Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
CORS Misconfiguration Scanner
翻译 - CORS错误配置扫描程序
一个漏洞扫描工具,可用于扫描容器镜像、系统文件、Git仓库、以及配置和硬编码密钥等
🎯 Fast CORS misconfiguration vulnerabilities scanner
Trivy's misconfiguration scanning engine
Discover internet-wide misconfigurations while drinking coffee
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
翻译 - Bridgecrew使用Checkov防止在Terraform,Cloudformation,Kubernetes,无服务器框架和其他基础架构代码语言的构建期间对云进行错误配置。
⚙️ ArminC's autoexec for CS2 - well documented, analysed and no misconfigurations
Cross Origin Resource Sharing MisConfiguration Scanner
Scan your code for security misconfiguration, search for passwords and secrets. 🔍
BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more.
翻译 - 监视BGP数据流的软件。预先配置用于实时可见性损失和劫持检测。
kubescape 是一个用于k8s风险分析、安全合规性、RBAC 可视化工具和图像漏洞扫描工具。
AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.
翻译 - AD Enum 是一个渗透测试工具,它允许通过协议 LDAP 发现错误配置,并利用 kerberos 来利用其中的一些弱点。
#夺旗赛 (CTF) 和网络安全资源#A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with ac...