A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
-
Updated
May 20, 2024 - Python
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
The blessed GitHub Action, for publishing your 📦 distribution files to PyPI, the tokenless way: https://github.com/marketplace/actions/pypi-publish
A library for detecting known secrets across many web frameworks
Hekatomb is a python script that connects to LDAP directory to retrieve all computers and users informations. Then it will download all DPAPI blob of all users from all computers and uses Domain backup keys to decrypt them.
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Identify hardcoded secrets in static structured text
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded password or related.
Scan for secrets in dangling commits on GitHub using GH Archive data.
Keeper Commander is a python-based CLI and SDK interface to the Keeper Security platform. Provides administrative controls, reporting, import/export and vault management.
Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
A Burp Suite extension to extract datas from source code while browsing.
🔒 Create QR codes to secret-share a message. Ideal for cryptocurrency wallet recovery keys and passwords.
SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
Parse YAML configuration with environment variables in Python
Add a description, image, and links to the secrets topic page so that developers can more easily learn about it.
To associate your repository with the secrets topic, visit your repo's landing page and select "manage topics."