From 11a47a36b8643821d39e2ce6ee7c660ca656e037 Mon Sep 17 00:00:00 2001 From: ItsIgnacioPortal <5990@protonmail.com> Date: Tue, 24 Jun 2025 23:18:03 -0300 Subject: [PATCH] feat(docs): Added documentation for the 'Java-Spring-Boot.txt' wordlist Related to #1220 --- Discovery/Web-Content/Programming-Language-Specific/README.md | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 Discovery/Web-Content/Programming-Language-Specific/README.md diff --git a/Discovery/Web-Content/Programming-Language-Specific/README.md b/Discovery/Web-Content/Programming-Language-Specific/README.md new file mode 100644 index 00000000..c2c4cb18 --- /dev/null +++ b/Discovery/Web-Content/Programming-Language-Specific/README.md @@ -0,0 +1,4 @@ +## Java-Spring-Boot.txt +Use for: Detecting actuator endpoints, and testing for RCEs in Spring-Boot instances. + +Note that it's possible for a spring-boot backend to be behind a spring-cloud-gateway, which may _only_ route all traffic prefixed with `/api/` to the backend. Consider fuzzing the starting prefix `api` with many different values to find what reaches the backend. A recommended wordlist to fuzz this value with is at `Fuzzing/Miscellaneous/schemes.txt` \ No newline at end of file
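Review bot: The last added line of README.md names `Fuzzing/Miscellaneous/schemes.txt` as plain text and does not say what that list contains, so a reader cannot tell from the README why a file called "schemes" suits fuzzing a gateway route prefix such as `api`. Suggest making it a relative Markdown link from this directory and adding a few words on what the list holds. In the same paragraph, "may _only_ route all traffic prefixed with `/api/`" reads ambiguously; "may route _only_ traffic prefixed with `/api/`" states the restriction directly. The file also ends without a trailing newline ("\ No newline at end of file"), and the final sentence has no closing period.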