search

hakaioffsec / navgix

navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities
59 stars 5 forks source link

how use it? thx #2

Open sasholy opened 1 year ago

dk4trin commented 1 year ago

After installation, run:

navgix scan -u LIST navgix scan -u URL

dk4trin commented 1 year ago

image

sasholy commented 1 year ago

sorry, but there is an example of a vulnerable site. thx

dk4trin commented 1 year ago

Look this: https://labs.hakaioffsec.com/nginx-alias-traversal/

There are case studies.

yhy0 commented 1 year ago

Here's a demonstration. https://github.com/vulhub/vulhub/blob/6a142caa19620bffa4cda9989697afd5b4136c87/nginx/insecure-configuration/README.md