error-log-mining

Community

Mine exposed PHP error logs for credentials and intel.

Authoruphiago
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Exposed PHP error logs on misconfigured WordPress, Laravel, or custom PHP sites routinely leak sensitive server data including database credentials, API keys, SQL queries, and full directory paths that are otherwise inaccessible during standard reconnaissance.

Core Features & Use Cases

  • Discovers accessible error log files across 11 common paths on target web servers, with content validation to avoid false positives from SPAs or custom 404 pages.
  • Extracts high-value intelligence including server paths, email addresses, database credentials, API keys, SQL queries, WordPress salts, internal IPs, and installed plugin/theme names.
  • Use Case: During a penetration test of a WordPress e-commerce site, this skill pulled 879 SQL queries and 47 unique server paths from a 1.7MB exposed error log to map the server structure and identify potential attack vectors.

Quick Start

Use the error-log-mining skill to scan your target WordPress site for exposed error logs and extract all available database credentials, API keys, and server paths from any discovered log files.

Dependency Matrix

Required Modules

None required

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: error-log-mining
Download link: https://github.com/uphiago/recon-skills/archive/main.zip#error-log-mining

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.