Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
Updated
Nov 5, 2024 - Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Tfsec is now part of Trivy
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Kubernetes-native security toolkit
Windows Local Privilege Escalation Cookbook
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.
⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.
Fast CORS Misconfiguration Scanner
A tool to find .git folder exposed due to server misconfiguration.
DroidSniper - Misconfigured Android Debug Bridge Scanner
Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env
This script automate exploit only cloud service
NetGun is a free and open source tool for port scanning, services enumeration, misconfigurations testing and CVE research. This is only for testing, official repository: https://github.com/MyCr4ck/NetGun_Classe03
Global Misconfig Finder (web)
⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.
Add a description, image, and links to the misconfiguration topic page so that developers can more easily learn about it.
To associate your repository with the misconfiguration topic, visit your repo's landing page and select "manage topics."