How to use the command gixy (with examples)

gixy is a command-line tool that allows users to analyze nginx configuration files. It helps to identify potential security issues, misconfigurations, and performance problems in the nginx configuration.

Use case 1: Analyze nginx configuration

Code:

gixy

Motivation: Running gixy without any arguments will automatically analyze the default nginx configuration file located at /etc/nginx/nginx.conf. This is useful when you want to quickly analyze the default configuration file without specifying a specific path.

Explanation:

• gixy: This is the command to analyze the nginx configuration file.

Example output:

[+] Parsing config: /etc/nginx/nginx.conf
[+] Testing vulnerabilities...
[*]  No critical vulnerabilities found!
[*]  No non-critical vulnerabilities found!

Use case 2: Analyze nginx configuration but skip specific tests

Code:

gixy --skips http_splitting

Motivation: Sometimes, you may want to skip specific tests that are not relevant or that you have already addressed. This can help to streamline the analysis process and reduce noise in the output.

Explanation:

• --skips http_splitting: This argument instructs gixy to skip the specific test for HTTP splitting vulnerabilities.

Example output:

[+] Parsing config: /etc/nginx/nginx.conf
[+] Testing vulnerabilities...
[*]  No critical vulnerabilities found!
[*]  No non-critical vulnerabilities found!

Use case 3: Analyze nginx configuration with the specific severity level

Code:

gixy -ll

Motivation: By specifying the severity level, you can filter the results based on the severity of the vulnerabilities found. This can be useful when you want to focus on critical vulnerabilities or when you want to get comprehensive information about all vulnerabilities.

Explanation:

• -l: This argument specifies the severity level to “low” and only displays vulnerabilities with a severity level of “low” or higher.
• -ll: This argument specifies the severity level to “medium” and displays vulnerabilities with a severity level of “medium” or higher.
• -lll: This argument specifies the severity level to “high” and displays vulnerabilities with a severity level of “high” or higher.

Example output:

[+] Parsing config: /etc/nginx/nginx.conf
[+] Testing vulnerabilities...
[*]  No critical vulnerabilities found!
[*]  No non-critical vulnerabilities found!

Use case 4: Analyze nginx configuration files on the specific path

Code:

gixy path/to/configuration_file_1 path/to/configuration_file_2

Motivation: This use case is useful when you have nginx configuration files located in custom paths and you want to analyze them without moving or copying them to the default nginx configuration file path.

Explanation:

• path/to/configuration_file_1 path/to/configuration_file_2: These are the specific paths to the nginx configuration files that you want to analyze.

Example output:

[+] Parsing config: path/to/configuration_file_1
[+] Parsing config: path/to/configuration_file_2
[+] Testing vulnerabilities...
[*]  No critical vulnerabilities found!
[*]  No non-critical vulnerabilities found!

Conclusion:

gixy is a powerful command-line tool for analyzing nginx configuration files. With its various use cases, it provides flexibility in analyzing different configuration files and allows you to customize the analysis based on your needs. Whether you are looking for specific vulnerabilities, want to skip certain tests, or filter results based on severity, gixy has got you covered.