misconfig-mapper: uncover security misconfigurations on popular third-party services

Misconfig Mapper

Misconfig Mapper is a project by Intigriti for the community to help you find, detect, and resolve common security misconfigurations in various popular services, technologies, and SaaS-based solutions that your targets use!

CLI Tool

Misconfig Mapper has a dedicated open-source CLI tool written in Golang to help you automate the testing of most misconfigurations found on covered services.

It can identify and enumerate instances of services used by your company, and perform detection and misconfiguration checks at scale! By supplying a template with detection fingerprints and misconfiguration check fingerprints, the tool can quickly and accurately identify potential security risks in popular third-party software and services!

The tool is based on templates and is versatile. New services can be easily added by adding them to the services.json file.

 

detect security misconfigurations

Feature

  • The CLI tool is based on templates defined in the services.json file. You can add as many as you want. See Templates section for more information on how to add a template.
  • If you provide a company name, the tool will automatically generate permutations based on the keyword you provided and try to find any matching services.
  • You can also optionally select to only detect the presence of services without performing any misconfiguration checks (see more on Usage section).

Install & Use

Copyright (c) 2024 Intigriti