Http Request Path Aws Credentials Txt

Matches HTTP requests attempting to access a plaintext file at /.aws/credentials.txt. This primitive helps identify reconnaissance or exploitation attempts where attackers probe for exposed cloud credential material stored in unsecured text files, often accessible due to directory listing, misconfigured file serving, or file disclosure vulnerabilities.