snallygaster
snallygaster is a tool that looks for files accessible on web servers that shouldn’t be public and can pose a security risk. Typical examples include publicly accessible git repositories, backup files potentially containing passwords or database dumps. In addition, it contains a few checks for other security vulnerabilities.
Details
Category: Misconfiguration
Publisher: trickest
Created Date: 6/23/2021
Container: quay.io/trickest/snallygaster:0.0.11
Source URL: https://github.com/hannob/snallygaster
Parameters
Command:
--info
- Enable all info tests (no bugs/security vulnerabilities).
Command:
--path
- Base path on server (scans root dir by default).
Command:
--debug
- Show detailed debugging info.
Command:
- Hostname to scan.
Command:
--noisy
- Show noisy messages that indicate boring bugs, but no security issue.
Command:
--nowww
- Skip scanning www.[host].
Command:
--tests
- Comma-separated tests to run.
Command:
--nohttp
- Don't scan http.
Command:
--nohttps
- Don't scan https.
Command:
--useragent
- User agent to send in request header.