Linux command
gixy-next 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Analyze nginx config
gixy-next [/etc/nginx/nginx.conf]
Run only specific checks
gixy-next --tests [ssrf,host_spoofing] [config.conf]
Skip specific checks
gixy-next --skips [http_splitting] [config.conf]
Output as JSON
gixy-next -f json [config.conf]
Show only medium severity and above
gixy-next -ll [config.conf]
说明
gixy-next is a maintained fork of gixy for nginx security analysis. It continues development of the original tool with updates, bug fixes, and support for newer nginx features. The tool analyzes nginx configurations for security issues, detecting misconfigurations that could lead to vulnerabilities such as SSRF and host spoofing.
参数
- --tests _RULES_
- Only run specific checks (comma-separated).
- --skips _RULES_
- Skip specific checks (comma-separated).
- -f, --format _FORMAT_
- Output format (text, json).
- -l
- Filter by severity level. Use -l for LOW+, -ll for MEDIUM+, -lll for HIGH only.
- --help
- Display help information.
FAQ
What is the gixy-next command used for?
gixy-next is a maintained fork of gixy for nginx security analysis. It continues development of the original tool with updates, bug fixes, and support for newer nginx features. The tool analyzes nginx configurations for security issues, detecting misconfigurations that could lead to vulnerabilities such as SSRF and host spoofing.
How do I run a basic gixy-next example?
Run `gixy-next [/etc/nginx/nginx.conf]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does --tests _RULES_ do in gixy-next?
Only run specific checks (comma-separated).