Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Security scanner for your Terraform code

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

Kubernetes-native security toolkit

Windows Local Privilege Escalation Cookbook

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage

⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.

Plugin for YATAS that audits AWS accounts for misconfiguration and security issues

A tool to find .git folder exposed due to server misconfiguration.

Fast CORS Misconfiguration Scanner

Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env

Plugin for YATAS that audits GCP projects for misconfiguration and security issues

This script automate exploit only cloud service

⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.

NetGun is a free and open source tool for port scanning, services enumeration, misconfigurations testing and CVE research. This is only for testing, official repository: https://github.com/MyCr4ck/NetGun_Classe03

Global Misconfig Finder (web)

DroidSniper - Misconfigured Android Debug Bridge Scanner

Azure services configuration analyzer