GIXY download | SourceForge.net

Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection. Currently supported Python versions are 2.7, 3.5, 3.6 and 3.7. Gixy is well tested only on GNU/Linux, other OSs may have some issues. You can find things that Gixy is learning to detect at Issues labeled with "new plugin". By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf. Or something else, you can find all other gixy arguments with the help command: gixy --help. Gixy is available as a Docker image from the Docker hub. To use it, mount the configuration that you want to analyse as a volume and provide the path to the configuration file when running the Gixy image. If you have an image that already contains your nginx configuration, you can share the configuration with the Gixy container as a volume.

Features

Find Server Side Request Forgery
Find problems with referrer/origin validation
Redefining of response headers by "add_header" directive
Find request's Host header forgery
Find multiline response headers
Find path traversal via misconfigured alias

Project Samples

Project Activity

See All Activity >

License

Mozilla Public License 2.0 (MPL 2.0)

Follow GIXY

GIXY Web Site

Other Useful Business Software

Auth0 B2B Essentials: SSO, MFA, and RBAC Built In

Unlimited organizations, 3 enterprise SSO connections, role-based access control, and pro MFA included. Dev and prod tenants out of the box.

Auth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.

Rate This Project

User Reviews

Be the first to post a review of GIXY!

Additional Project Details

Operating Systems

Linux

Programming Language

Python

Related Categories

Python Source Code Analysis Tool

Registered

2021-08-13

Similar Business Software

ManageEngine OpManager

OpManager is a network management tool geared to monitor your entire network. Ensure all devices operate at peak health, performance, and availability. The extensive network monitoring capabilities lets you track performance of switches, routers, LANs, WLCs, IP addresses, and...

See Software
Grafana Cloud

Grafana Labs delivers the leading AI-powered observability platform, built around Grafana—the world’s most widely adopted open source technology for dashboards and visualization. Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Observability Platforms, Grafana Labs supports more...

See Software
Bitrise

Bitrise is a CI/CD platform built for mobile development, helping teams speed up builds, automate testing, and deliver high-quality apps faster. It supports native languages like Swift, Objective-C, Java, and Kotlin, as well as cross-platform frameworks including React Native, Flutter, Xamarin,...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Windsurf Editor

The Windsurf Editor is a free AI-powered IDE and AI coding assistant that accelerates development by providing intelligent code generation and agents in over 70 programming languages and more than 40 IDEs, including VSCode, JetBrains, and Jupyter Notebooks. With Windsurf, developers can write...

See Software
StackAI

StackAI is an enterprise AI automation platform to build end-to-end internal tools and processes with AI agents in a fully compliant and secure way. Designed for large, regulated organizations, it enables teams to automate complex workflows across operations, compliance, finance, IT, and support...

See Software