Intigriti - Hack Hub
  • Misconfig Mapper Docs
    • Introduction
    • Supported Services
    • CLI Tool
    • Contributing
  • Services
    • GraphQL
      • GraphQL Introspection Query Enabled
    • Symfony PHP
      • Symfony Profiler Enabled
    • Postman API Platform
      • Public Workspaces
    • Salesforce
      • Salesforce Lightning Aura Components Enabled
    • Trello
      • View Permissions on Trello Boards
    • Figma
      • View access misconfiguration
    • Freshworks Freshservice
      • Open User Registration
    • Slack
      • No Admin Approval for Invitations
    • Atlassian Bitbucket
      • Publicly Accessible Private Repositories
    • Atlassian Confluence
      • Anonymous access to Remote API
      • Disabled XSRF Protection
      • User Email Visibility
      • Misconfigured Spaces
    • Atlassian Jira
      • Open User Registration
      • Atlassian Jira Email Visibility
      • Atlassian Jira Service Desk Open Signups
    • AWS S3
      • Misconfigured List Permissions
    • Cloudflare R2
      • R2.DEV Enabled
    • Google Groups
      • Misconfigured read permissions
    • Google Docs
      • Misconfigured read permissions
    • Google Cloud Storage Bucket
      • Misconfigured access controls
    • Google OAuth
      • Unrestricted email domains
    • Jenkins
      • Open Signups
      • Public Groovy Script Console
    • GitLab
      • Gitlab Private Source Code Snippets Exposed
    • Drupal
      • Drupal Nodes with Misconfigured Access Controls
    • Laravel
      • Debug Mode Enabled
      • Laravel Telescope Enabled In Production
Powered by GitBook
On this page
  • How to contribute to Misconfig Mapper Docs
  • Submitting a coverage for a new misconfiguration
  • Suggesting an improvement
  • Submitting a new template

Was this helpful?

Edit on GitHub
  1. Misconfig Mapper Docs

Contributing

How to contribute to Misconfig Mapper Docs

Misconfig Mapper is open-source and made for the community! We encourage you to contribute to the project!

This guideline contains information to help you contribute to Misconfig Mapper Documentation! Thank you for helping out! We appreciate all contributions made to this project!

Submitting a coverage for a new misconfiguration

To document each misconfiguration properly, you will have to make sure the following 6 sections are present in your new submitted service.

Title

Make sure to provide a descriptive title to help describe the misconfiguration.

Description

A description contains a small overview about what the service and misconfiguration is

Testing

The testing section should provide clear to follow steps on how to test for the documented misconfiguration. This may include proof of concepts, images, and other supporting references to help users identify the presence of the security misconfiguration.

Remediation

The remediation section should provide simple steps on how to remediate and prevent the security misconfiguration. This may include links to official third-party service documentation and images supporting the reproduction steps.

Potential Impact

This section should mention the potential impact of the security misconfiguration.

References

If applicable, you may link articles or other supporting references to help users with further testing or remediation for example.

Suggesting an improvement

Please consider opening a new pull request or issue for submitting an improvement.

Submitting a new template

To help contribute to the scanner, view the guidelines here.

PreviousCLI ToolNextGraphQL

Last updated 1 year ago

Was this helpful?