Misconf v1.0 is a lightweight and modular scanner for detecting common framework misconfigurations in web applications.
- Modular scanning engine
- Framework-specific checks (Laravel)
- Clean CLI interface
- Severity-based results
- Debug mode exposure
- .env file exposure
- Missing security headers
- CORS misconfigurations
- Rate limit misconfigurations
git clone https://github.com/cursedwind/misconf.git
cd misconf
pip install -r requirements.txtpython main.py -u https://example.com- CLI Interface
- Scan Result (example.com)
misconf/
├── img/
│ ├── cli-output.png
│ └── scan-example.png
│
├── misconf/
│ ├── __init__.py
│ ├── cli.py
│ ├── checks/
│ │ └── laravel/
│ │ ├── __init__.py
│ │ ├── cors.py
│ │ ├── debug.py
│ │ ├── env.py
│ │ ├── headers.py
│ │ └── ratelimit.py
│ └── core/
│ ├── engine.py
│ ├── http.py
│ └── result.py
│
├── .gitignore
├── main.py
├── pyproject.toml
├── README.md
└── requirements.txtUse this tool only on systems you own or have permission to test.
v1.0 – Initial release