misconfiguration
There are 21 repositories under misconfiguration topic.
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
aquasecurity/tfsec
Tfsec is now part of Trivy
TH3xACE/SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
aquasecurity/trivy-operator
Kubernetes-native security toolkit
nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
firefart/stunner
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
aquasecurity/chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
b3rito/yotter
yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
Vinum-Security/yandex-cloud-security
⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.
fatihtokus/scan2html
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.
padok-team/yatas-aws
Plugin for YATAS that audits AWS accounts for misconfiguration and security issues
4lch3mis7/XGiF
A tool to find .git folder exposed due to server misconfiguration.
machine1337/cors_scanner
Fast CORS Misconfiguration Scanner
cehuda1/env-breaker
Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env
padok-team/yatas-gcp
Plugin for YATAS that audits GCP projects for misconfiguration and security issues
K3ysTr0K3R/DroidSniper
DroidSniper - Misconfigured Android Debug Bridge Scanner
Rozan312/Cloud-Service-Hunting
This script automate exploit only cloud service
Archive-Puma/nucleo
⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.
fagci/gmf
Global Misconfig Finder (web)
ShackWove/NetGun
NetGun is a free and open source tool for port scanning, services enumeration, misconfigurations testing and CVE research. This is only for testing, official repository: https://github.com/MyCr4ck/NetGun_Classe03
gsscoder/configinsights
Azure services configuration analyzer