GIXY download | SourceForge.net

Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy arguments with the help command: gixy --help. Gixy is available as a Docker image from the Docker hub. To use it, mount the configuration that you want to analyse as a volume and provide the path to the configuration file when running the Gixy image. If you have an image that already contains your nginx configuration, you can share the configuration with the Gixy container as a volume.

Features

Find Server Side Request Forgery
Find problems with referrer/origin validation
Redefining of response headers by "add_header" directive
Find request's Host header forgery
Find multiline response headers
Find path traversal via misconfigured alias

Project Samples

Project Activity

See All Activity >

License

Mozilla Public License 2.0 (MPL 2.0)

Follow GIXY

GIXY Web Site

Other Useful Business Software

MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.

Start Free

Rate This Project

User Reviews

Be the first to post a review of GIXY!

Additional Project Details

Operating Systems

Linux

Programming Language

Python

Related Categories

Python Source Code Analysis Tool

Registered

2021-08-13

Similar Business Software

StackAI

StackAI is an enterprise AI automation platform to build end-to-end internal tools and processes with AI agents in a fully compliant and secure way. Designed for large organizations, it enables teams to automate complex workflows across operations, compliance, finance, IT, and support without...

See Software
ManageEngine OpManager

OpManager is a network management tool geared to monitor your entire network. Ensure all devices operate at peak health, performance, and availability. The extensive network monitoring capabilities lets you track performance of switches, routers, LANs, WLCs, IP addresses, and...

See Software
Bitrise

Bitrise is a CI/CD platform built for mobile development, helping teams speed up builds, automate testing, and deliver high-quality apps faster. It supports native languages like Swift, Objective-C, Java, and Kotlin, as well as cross-platform frameworks including React Native, Flutter, Xamarin,...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Windsurf Editor

The Windsurf Editor is a free AI-powered IDE and AI coding assistant that accelerates development by providing intelligent code generation and agents in over 70 programming languages and more than 40 IDEs, including VSCode, JetBrains, and Jupyter Notebooks. With Windsurf, developers can write...

See Software
DbVisualizer

DbVisualizer is one of the world's most popular database editors. With almost 7 million downloads and Pro users in 150 countries worldwide, it won't disappoint you. Free and Pro versions are available. Developers, analysts, and DBAs use it to elevate their SQL experience with modern tools to...

See Software