Repository navigation

#

misconfiguration

aquasecurity / trivy 

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

安全Dockercontainersvulnerability-scannersvulnerability-detectionvulnerabilityGoKubernetesHacktoberfestdevsecopsmisconfigurationInfrastructure as code
Go
29298
2 天前
aquasecurity/tfsec
aquasecurity / tfsec 

Tfsec is now part of Trivy

Terraform安全scannerstatic-analysis持续集成Amazon Web ServicesAzureGoogle 云complianceInfrastructure as codedevsecopsvulnerability-scannersmisconfigurationdigitaloceanDevOpslinterGoHacktoberfest
Go
6894
1 个月前
TH3xACE/SUDO_KILLER
TH3xACE / SUDO_KILLER 

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

sudo-exploitationabuse-sudoctfExploitCommon Vulnerabilities and Exposures (CVE)pentestpentest-toolprivilege-escalationsudolinux-exploitsmisconfigurationoscposcp-toolsoscp-journeyoscp-prep
Shell
2364
2 天前
aquasecurity / trivy-operator 

Kubernetes-native security toolkit

cloud-nativeGoKubernetesoperator安全misconfigurationoctoberfestvulnerability-detectionvulnerability-scanners
Go
1644
3 天前
nickvourd / Windows-Local-Privilege-Escalation-Cookbook 

Windows Local Privilege Escalation Cookbook

cheatsheetoscposcp-preposepprivilege-escalationWindowsadministratorcmdMicrosoftPowerShellcookbooklpelabmisconfiguration
PowerShell
1185
8 个月前
firefart / stunner 

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.

stunturnWebRTCExploitmisconfiguration安全Testing工具
Go
825
24 天前
aquasecurity / chain-bench 

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

devsecopssoftware-supply-chainsoftware-supply-chain-security安全vulneraGocismisconfigurationOpen Policy Agent
Go
758
10 个月前
b3rito / yotter 

yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage

Reconnaissancesubdomainssubdomain-brutescannerportscannerportscaninformation-gatheringdnsLinuxmisconfigurationdirectorybruteforcebruteforce-attacks
Shell
124
8 年前
fatihtokus / scan2html 

A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.

cloudmisconfigurationOpen Sourcereportsbomscan安全trivyvulnerabilitycontainersDevOpsdevsecopsInfrastructure as codesecopsvulnerability-management
HTML
109
1 个月前
Vinum-Security / yandex-cloud-security 

⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.

安全cloudmisconfiguration
40
4 年前
padok-team / yatas-aws 

Plugin for YATAS that audits AWS accounts for misconfiguration and security issues

Amazon Web Servicesaudithardeningmisconfiguration安全
Go
14
13 小时前
K3ysTr0K3R / DroidSniper 

DroidSniper - Misconfigured Android Debug Bridge Scanner

accessAndroidandroid-debug-bridgedevicesmisconfigurationmisconfigurationsReconnaissancereconnaissanceremote-code-executionscannerunauthenticated
Python
12
2 年前
Kloudle / aws-iam-large-account-security 

Security insights for AWS IAM in large-scale accounts (20K+ users), bypassing CSPM limitations.

Amazon Web Servicescloud-securitycspmiammisconfigurationsecurity-automationsecurity-scanner
7
7 个月前
root4031 / cors_scanner 

Fast CORS Misconfiguration Scanner

Cross-origin resource sharing (CORS)misconfigurationBug BountyHackingpentesting
Shell
7
3 年前
4lch3mis7 / XGiF 

A tool to find .git folder exposed due to server misconfiguration.

Bug Bountybugbounty-toolhacking-toolshacking-toolGomisconfiguration
Go
5
1 年前
sicpa-foundations / secretKeeper 

SecretKeeper is a tool for detecting secrets and misconfigurations on your Git repositories (Bitbucket and GitHub).

bitbucketGitHubgitleakshashicorp-vaultmisconfiguration
Python
4
9 个月前
cehuda1 / env-breaker 

Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env

misconfigurationscannervulnerability
PHP
3
2 年前
secshubhamsharma / FireSploit 

FireSploit is a powerful tool for ethical hackers, developers, and security researchers. It helps find and fix misconfigured Firebase databases that are exposing sensitive data to the public. By scanning for open read/write access, it helps you secure your applications and prevent data breaches.

bugbounty-toolCybersecurityFirebasemisconfiguration
Python
3
2 个月前
padok-team / yatas-gcp 

Plugin for YATAS that audits GCP projects for misconfiguration and security issues

auditGoogle 云hardeningmisconfiguration安全
Go
3
4 天前
Rozan312 / Cloud-Service-Hunting 

This script automate exploit only cloud service

cloudsecurityBug BountycloudExploitmisconfiguration
Python
3
2 年前