gixy
Analyze Nginx configuration for security vulnerabilities
TLDR
Analyze nginx configuration (default path: /etc/nginx/nginx.conf)
Analyze nginx configuration but skip specific tests
Analyze nginx configuration with a specific severity level
Analyze nginx configuration files at a specific path
SYNOPSIS
gixy [OPTIONS] CONFIG [CONFIG...]
PARAMETERS
--checks=CHECKS
Comma-separated list of checks to run (default: all)
--format=FORMAT
Output format: text or json (default: text)
--log-level=LEVEL
Log level: debug, info, warning, or error (default: info)
-h, --help
Show help message and exit
-v, --version
Show program's version number and exit
DESCRIPTION
Gixy is a powerful static security auditing tool designed specifically for analyzing Postfix and
By parsing configuration files without executing the services, Gixy performs exhaustive checks against a curated database of known issues. Each finding includes a severity level (LOW, MEDIUM, HIGH, CRITICAL), an explanation, and remediation advice. This makes it invaluable for mail server administrators aiming to harden their setups proactively.
Written in Python, Gixy supports custom check lists and multiple output formats for integration into CI/CD pipelines or reporting tools. It's lightweight, fast, and focuses on real-world security pitfalls observed in production environments.
Regular updates expand its check suite, covering evolving threats in mail server security.
CAVEATS
Gixy is a third-party Python tool, not a core Linux utility, and must be installed via pip. It supports only Postfix and Dovecot configs. False positives are possible in complex setups.
INSTALLATION
pip install gixy
git clone https://github.com/green-security/gixy && cd gixy && pip install -r requirements.txt && python setup.py install
EXAMPLE USAGE
gixy --format=json /etc/postfix/main.cf /etc/postfix/master.cf
Outputs security issues in JSON for scripting.
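A CI gate over that JSON output, as an added example (not code from the gixy project): it reads a report on stdin and exits non-zero when any finding is at or above a threshold severity. The report schema (a JSON array of objects with "path", "plugin", "severity" and "summary" keys), the plugin names and the sample report are assumptions made for illustration; this page does not document the JSON layout.

```python
import json
import sys

# Severity names as listed in DESCRIPTION, lowest to highest.
SEVERITY_ORDER = ["LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed sample report; schema and plugin names are assumptions.
SAMPLE_REPORT = json.dumps([
    {"path": "/etc/postfix/main.cf", "plugin": "example_check_a",
     "severity": "LOW", "summary": "constructed low finding"},
    {"path": "/etc/postfix/main.cf", "plugin": "example_check_b",
     "severity": "CRITICAL", "summary": "constructed critical finding"},
    {"path": "/etc/postfix/master.cf", "plugin": "example_check_c",
     "summary": "constructed finding with no severity field"},
])


def rank(severity):
    """Rank a severity name; unknown or missing values rank highest (fail closed)."""
    try:
        return SEVERITY_ORDER.index(str(severity).upper())
    except ValueError:
        return len(SEVERITY_ORDER)


def blocking_findings(report_text, threshold="HIGH"):
    """Return findings at or above threshold; raise ValueError on bad input."""
    if threshold.upper() not in SEVERITY_ORDER:
        raise ValueError(f"unknown threshold: {threshold}")
    findings = json.loads(report_text)  # JSONDecodeError is a ValueError
    if not isinstance(findings, list) or not all(isinstance(f, dict) for f in findings):
        raise ValueError("expected a JSON array of finding objects")
    return [f for f in findings if rank(f.get("severity")) >= rank(threshold)]


def main(argv):
    try:
        blocked = blocking_findings(sys.stdin.read(), argv[1] if len(argv) > 1 else "HIGH")
    except ValueError as exc:
        print(f"cannot evaluate report: {exc}", file=sys.stderr)
        return 2  # an unreadable report must not pass the gate
    for f in blocked:
        print(f"{f.get('severity', 'UNKNOWN')}\t{f.get('path', '?')}\t"
              f"{f.get('plugin', '?')}\t{f.get('summary', '')}")
    return 1 if blocked else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Saved under a name such as gate.py (hypothetical), it takes the JSON report on stdin and an optional threshold as its first argument; exit status 1 means blocking findings, 2 means the report could not be parsed.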
HISTORY
Developed by the GreenSecurity team; first released in 2017. Open-source on GitHub, with ongoing updates for new checks and mail server versions.


