# Introduction

Misconfig Mapper is a project by Intigriti for the community to help you find, detect and resolve common security misconfigurations in various popular services, technologies and SaaS-based solutions that your targets use!

Misconfig Mapper consists out of 2 parts, the Documentation and the Scanner.

## Documentation

The documentation has all the known misconfigured services documented. Each section or service has its own misconfigurations listed.

Each page is further divided into 5 separate sections; "Description", "Testing", "Remediation", "Potential Impact" and "References" (if any).

<figure><img src="/files/MvTlmdTRGEv65YAdBTpm" alt=""><figcaption><p><em>Example of a Public Groovy Script Console accessible on a misconfigured Jenkins instance.</em></p></figcaption></figure>

## Scanner

The open-source scanner that is written in Golang is designed to help you automate finding or detecting almost all common security misconfigurations!

Some features include:

* Automatic target enumeration (via permutations)
* Template-based (easy configuration of new services)
* Passive-only tests

<figure><img src="/files/y574Ojf25wSFCnxHT1kE" alt=""><figcaption><p><em>Example of a misconfigured "Atlassian Jira Service Desk" finding using Misconfig Mapper.</em></p></figcaption></figure>

{% embed url="<https://github.com/intigriti/misconfig-mapper>" %}

## Supported Services

At the moment, there are 15+ services available. [Click here](/misconfig-mapper-docs/readme/services.md) to view the full list of services covered.

{% content-ref url="/pages/mmLAJgZHpPszaWS1kITp" %}
[Supported Services](/misconfig-mapper-docs/readme/services.md)
{% endcontent-ref %}

## Contributions

Contributions to the project are encouraged! Please learn more on how to contribute to the project on the following page:

{% content-ref url="/pages/ZrsepHG0vYwInoMzVLtd" %}
[Contributing](/misconfig-mapper-docs/readme/contributing.md)
{% endcontent-ref %}

## License

This project is licensed and available under the [MIT License](https://github.com/intigriti/misconfig-mapper/blob/main/LICENSE.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://bugology.intigriti.io/misconfig-mapper-docs/readme/introduction.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.