Added Endpoint Detection Checks

[puzzlepeaches]

The following bchecks were added in this pull request:

• NTLM endpoint detection
• Git config detection
• Ruby on Rails storage.yml detection
• NPM debug log detection
• IIS web.config file detection
• PHP info file detection

These checks are unique in looking for file disclosure in that they don't just look at the site's root page but all directories discovered during a crawl. For example, if the following URL is discovered:

• https://site.acme.com/login

The checks look for git config files trailing the login directory like so:

• https://site.acme.com/login/.git/config

[xElkomy]

why you use replace path?

[PortSwiggerWiener]

This check will cause a number of duplicated requests if there are multiple files within a given path. Also the use of the regex is a little opaque.

Can you please raise an issue (or issues) as these checks seem to highlight some areas of the language that need enhancement.