misconfiguration topic
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
yotter
yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges...
tfsec
Security scanner for your Terraform code
stunner
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
chain-bench
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
trivy-operator
Kubernetes-native security toolkit
Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
yandex-cloud-security
⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.
scan2html
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.