Topic: "misconfiguration"
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Language: Go - Size: 874 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 28,090 - Forks: 2,693
aquasecurity/tfsec
Tfsec is now part of Trivy
Language: Go - Size: 116 MB - Last synced at: 3 days ago - Pushed at: about 1 month ago - Stars: 6,880 - Forks: 550
TH3xACE/SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
Language: Shell - Size: 4.88 MB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 2,345 - Forks: 259
aquasecurity/trivy-operator
Kubernetes-native security toolkit
Language: Go - Size: 41.9 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,609 - Forks: 247
nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
Language: PowerShell - Size: 32.6 MB - Last synced at: 10 days ago - Pushed at: 8 months ago - Stars: 1,168 - Forks: 184
firefart/stunner
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
Language: Go - Size: 302 KB - Last synced at: 37 minutes ago - Pushed at: about 3 hours ago - Stars: 818 - Forks: 47
aquasecurity/chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Language: Go - Size: 5.74 MB - Last synced at: about 1 month ago - Pushed at: 9 months ago - Stars: 752 - Forks: 65
b3rito/yotter
yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
Language: Shell - Size: 56.6 KB - Last synced at: over 1 year ago - Pushed at: almost 8 years ago - Stars: 122 - Forks: 20
fatihtokus/scan2html
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.
Language: HTML - Size: 15.4 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 104 - Forks: 13
padok-team/yatas-aws
Plugin for YATAS that audits AWS accounts for misconfiguration and security issues
Language: Go - Size: 2.17 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 14 - Forks: 2
Kloudle/aws-iam-large-account-security
Security insights for AWS IAM in large-scale accounts (20K+ users), bypassing CSPM limitations.
Size: 5.86 KB - Last synced at: 5 months ago - Pushed at: 6 months ago - Stars: 7 - Forks: 0
4lch3mis7/XGiF
A tool to find .git folder exposed due to server misconfiguration.
Language: Go - Size: 3.21 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 6 - Forks: 2
machine1337/cors_scanner
Fast CORS Misconfiguration Scanner
Language: Shell - Size: 19.5 KB - Last synced at: 5 months ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 3
padok-team/yatas-gcp
Plugin for YATAS that audits GCP projects for misconfiguration and security issues
Language: Go - Size: 1.76 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 3 - Forks: 0
secshubhamsharma/FireSploit
Scan & exploit misconfigured Firebase Realtime DBs
Language: Python - Size: 4.32 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 1
cehuda1/env-breaker
Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env
Language: PHP - Size: 6.84 KB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0
Archive-Puma/nucleo
⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.
Language: Shell - Size: 3.91 KB - Last synced at: over 1 year ago - Pushed at: almost 3 years ago - Stars: 2 - Forks: 0
fagci/gmf
Global Misconfig Finder (web)
Language: Python - Size: 39.1 KB - Last synced at: 5 months ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 0
killukeren/Hosti
Automation tools untuk mendeteksi celah misconfig Host Header injection
Language: Python - Size: 0 Bytes - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 0
codershiyar/WinPrivilegeEscalation
This repository provides easy-to-follow methods for gaining admin rights (privilege escalation) on Windows 10, 11, and newer systems. Learn how to identify and exploit misconfigurations, weak permissions, and common security flaws to escalate user privileges. Perfect for ethical hackers, penetration testers, and security researchers looking to test
Language: HTML - Size: 44 MB - Last synced at: 5 months ago - Pushed at: 11 months ago - Stars: 1 - Forks: 0
K3ysTr0K3R/DroidSniper
DroidSniper - Misconfigured Android Debug Bridge Scanner
Language: Python - Size: 12.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 1
ShackWove/NetGun Fork of MyCr4ck/NetGun_Classe03
NetGun is a free and open source tool for port scanning, services enumeration, misconfigurations testing and CVE research. This is only for testing, official repository: https://github.com/MyCr4ck/NetGun_Classe03
Language: HTML - Size: 14.1 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 1 - Forks: 0
dafneb/MiCloudPurple
Microsoft Cloud Purple tool
Language: Python - Size: 82 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0
Ad661-uckkk/S3eker
S3eker: real-time CLI toolkit for open S3 bucket discovery and Firebase config checks. TUI scraper with live filters, formatted reports, and Markdown export. 🐙
Language: Go - Size: 30.3 KB - Last synced at: 12 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0
AWS-Security-Portfolio/s3-security
Securing S3 buckets: Test public access, apply policies and encryption, and detect misconfigurations with AWS Trusted Advisor. Includes screenshots, policy examples, and clear documentation.
Size: 2.86 MB - Last synced at: 25 days ago - Pushed at: 25 days ago - Stars: 0 - Forks: 0
javelinsoft/CORS-Misconfiguration-test
CORS Misconfiguration Test
Language: HTML - Size: 19.5 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0
UsamaMatrix/cloud-exploit-framework
⚠️ Description only - code is confidential. Automates cloud security assessments for AWS, Azure, and GCP to detect misconfigurations and perform controlled exploitation.
Size: 4.88 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0
ace-83/simple-wp-checker
simple wordpress checker
Language: Python - Size: 9.77 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0
gsscoder/configinsights
Azure services configuration analyzer
Language: C# - Size: 184 KB - Last synced at: 4 months ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 1
liuyuxy/STAD
A tool to diagnose software configuration errors by analyzing stack trace.
Language: Java - Size: 18.6 KB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0
