all InfoSec news
Navgix - A Multi-Threaded Golang Tool That Will Check For Nginx Alias Traversal Vulnerabilities
Feb. 5, 2024, 11:30 a.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities
Techniques
Currently, navgix supports 2 techniques for finding vulnerable directories (or location aliases). Those being the following:
Heuristics
navgix will make an initial GET request to the page, and if there are any directories specified on the page HTML (specified in src attributes on html components), it will test each folder in the path for the vulnerability, therefore if it finds a link to /static/img/photos/avatar.png, it …
More from www.kitploit.com / KitPloit - PenTest Tools!
Jobs in InfoSec / Cybersecurity
Principal Engineer - DLP Endpoint Security
@ Netskope | Bengaluru, Karnataka, India
Security Consultant (m/w/d)
@ Deutsche Telekom | Berlin, Deutschland
Security Engineer
@ IDEMIA | Haarlem, NL, 2031 CC
CyberSecurity Forensics and Incident Response Analyst
@ Bosch Group | Pittsburgh, PA, United States
Cyber MS MDR - Sr Associate
@ KPMG India | Bengaluru, Karnataka, India
Senior Lead Cybersecurity Architect-Threat modeling, Cryptography
@ JPMorgan Chase & Co. | India