gixy
Nginx configuration security analyzer
TLDR
Analyze nginx config
$ gixy [/etc/nginx/nginx.conf]
Run only specific plugins
$ gixy --only-plugins [ssrf] [config.conf]
Output JSON
$ gixy -f json [config.conf]
Skip plugins
$ gixy --skip-plugins [host_spoofing] [config.conf]
SYNOPSIS
gixy [options] config
DESCRIPTION
gixy analyzes nginx configuration files for security issues. It detects common misconfigurations that could lead to vulnerabilities like SSRF, host spoofing, and path traversal.
The tool includes plugins for various security checks and provides detailed explanations of issues found. It is used in security audits and CI pipelines to catch nginx misconfigurations before deployment.
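An added example (not from the gixy project or the original page): a constructed nginx fragment for the http context, showing the kind of directives behind the three issue classes named above, each beside a corrected form. Hostnames, ports and paths are placeholders.

```nginx
# Constructed example; all names, ports and paths are placeholders.

# --- Forms an analyzer would flag ---
server {
    listen 80;
    server_name flagged.example.test;

    # Host spoofing: $http_host is the raw, client-supplied Host header,
    # so the backend receives whatever the client sent.
    location / {
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:8080;
    }

    # SSRF: the upstream address is built from the request URI and the
    # location is reachable by external clients.
    location ~ ^/proxy/(?<target>.*)$ {
        proxy_pass http://$target;
    }

    # Path traversal: the location prefix has no trailing slash while the
    # alias does, so a request path can step out of the aliased directory.
    location /static {
        alias /var/www/static/;
    }
}

# --- Corrected forms ---
server {
    listen 80;
    server_name fixed.example.test;

    location / {
        proxy_set_header Host $host;        # nginx's normalized host value
        proxy_pass http://127.0.0.1:8080;
    }

    location /proxy/ {
        internal;                           # not reachable by external clients
        proxy_pass http://127.0.0.1:8081;   # fixed upstream, no request data
    }

    location /static/ {                     # trailing slash matches the alias
        alias /var/www/static/;
    }
}
```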
PARAMETERS
CONFIG
Nginx configuration file.
--only-plugins PLUGINS
Only run specific plugins.
--skip-plugins PLUGINS
Skip specific plugins.
-f FORMAT, --format FORMAT
Output format (text, json).
--help
Display help information.
CAVEATS
gixy is a Python tool. It may need updates to handle the latest nginx features, and false positives are possible.
HISTORY
gixy was created by Yandex to automate nginx security configuration review.
SEE ALSO
nginx(1)
