YATAS – A Simple Tool To Audit Your AWS Infrastructure For Misconfiguration Or Potential Security Issues With Plugins Integration

Yet Another Testing & Auditing Solution The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won’t check for all best practices but only for the ones that are important for you based on my experience. Please feel free to tell me if you find something thatRead More

Kubeeye – Tool To Find Various Problems On Kubernetes, Such As Application Misconfiguration, Unhealthy Cluster Components And Node Problems

  KubeEye is an inspection tool for Kubernetes to discover Kubernetes resources (by OPA ), cluster components, cluster nodes (by Node-Problem-Detector) and other configurations are meeting with best practices, and giving suggestions for modification. KubeEye supports custom inspection rules and plugins installation. Through KubeEye Operator, you can view the inspection results and modification suggestions byRead More

ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos

AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking (john) -jp [path] John binary path -w [wordList] The path of the wordlist to be used john (Default: /usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt -v, –version Show program’s version number and exit -s Use LDAP withRead More

CorsMe – Cross Origin Resource Sharing MisConfiguration Scanner

A Misconfiguration Scanner cors misconfiguration scanner tool based on golang with speed and precision in mind ! Misconfiguration type this scanner can check for Reflect Origin checks Prefix Match Suffix Match Not Esacped Dots Null ThirdParties (Like => github.io, repl.it etc.) Taken from Chenjj’s github repo SpecialChars (Like => “}”,”(“, etc.) See more in AdvancedRead More