
Monitor sudo files on servers
Open, Wishlist, Public

Description

https://github.com/TH3xACE/SUDO_KILLER is a tool to detect whether sudo can be exploited to gain unauthorized access.

As servers like Eglide use sudo rules to allow groups of users to control their services, it could be interesting to find a way to run this tool automatically and export the report somewhere.

Event Timeline

dereckson triaged this task as Wishlist priority. Aug 1 2019, 14:16
dereckson created this task.

Looks like an interesting tool; something quite frightening is that it comes with a set of exploits (if I understand, a common way to exploit sudo flaws).
As a shell script that is not even indented, it is absolutely unreadable, and more or less one has to trust the creator not to make mistakes.
Moreover, for full use, you have to give a sudo password in clear text (I just don't understand the reason).
As such, I would say it would be kind of crazy to run it automatically, and I would not be comfortable simply running it for myself in any way.

This kind of unreadable mess is very common in security tools, so there is no hint that there is something wrong (probably the opposite).

What I say must be taken with a lot of grains of salt, as I often think of similar unreadable messes nearly each time I read some code (but usually I have some hint of what happens in the big picture, which is not the case here).

Those are valid concerns.

What I'd suggest is to spawn a copy of a server on a different account, so the sudo configuration and actual files are provided, and run the tool there.

What we would need to automate in a script is:

  1. Order a server at Scaleway through API
  2. Install Salt
  3. Add it to Salt master
  4. Run Salt to deploy everything
  5. Sever the connection with the Salt master
  6. Run the tool
  7. Upload the report as an artifact result
  8. Destroy the server through Scaleway API

The password is irrelevant, all our sudo rules are NOPASSWD.

I have no idea how to do it, but it looks like a good plan. Apart from that, in my opinion, you do much more than what would be necessary to run Nasqueron services (but it is your time, you use it as you want).