misconfiguration

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Security scanner for your Terraform code

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.

Kubernetes-native security toolkit

yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage

⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.

A tool to find .git folder exposed due to server misconfiguration.

Plugin for yatas that audits AWS for misconfiguration and security issues

Fast CORS Misconfiguration Scanner

⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.

NetGun is a free and open source tool for port scanning, services enumeration, misconfigurations testing and CVE research

Global Misconfig Finder (web)

A tool to diagnose software configuration errors by analyzing stack trace.

Azure services configuration analyzer