0x5t4l1n/hunting
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/hunting.git synced 2026-05-26 19:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
20798031321e1c465bdc9e2d01602e1155a94566
hunting/Security-Misconfiguration/README.md
T

27 lines
998 B
Markdown
Raw Blame History

# Security Misconfiguration
## Description
Security misconfiguration vulnerabilities arise from insecure default configurations, incomplete or ad-hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information. These are among the most common security issues.
## Common Issues
- Default credentials
- Unnecessary features enabled
- Directory listing enabled
- Detailed error messages
- Outdated software
- Misconfigured security headers
- Open cloud storage buckets
## Common Attack Vectors
- Default admin interfaces
- Configuration files exposed
- Backup files accessible
- Development/debug modes enabled
- Unnecessary services running
## Testing Approach
Test for common misconfigurations, default credentials, exposed configuration files, and security header weaknesses.
## Payloads
See `default-credentials-payloads.txt` and `misconfiguration-paths-payloads.txt` for comprehensive lists of security misconfiguration tests.
Reference in New Issue View Git Blame Copy Permalink