π¦π Awesome list of secrets in environment variables π₯οΈ
β909Sep 21, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-list-of-secrets-in-environment-variables
Users that are interested in awesome-list-of-secrets-in-environment-variables are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- π© π€π» [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variablesβ¦β339Sep 4, 2022Updated 3 years ago
- π±βπ» βοΈ π€¬ CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricksβ951Jan 15, 2022Updated 4 years ago
- β1,202Sep 2, 2022Updated 3 years ago
- π±βπ» π Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2β¦β174Mar 22, 2021Updated 5 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID securityβ178Oct 26, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ981Dec 31, 2021Updated 4 years ago
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β429Jun 23, 2026Updated 2 weeks ago
- Awesome list of step by step techniques to achieve Remote Code Execution on various apps!β1,942Oct 7, 2023Updated 2 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,185Jan 21, 2026Updated 5 months ago
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkitβ450Nov 2, 2023Updated 2 years ago
- declutters url lists for crawling/pentestingβ1,573Feb 23, 2025Updated last year
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.β619Mar 4, 2021Updated 5 years ago
- "Can I take over DNS?" β a list of DNS providers and how to claim vulnerable domains.β1,099Mar 3, 2025Updated last year
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,276Aug 14, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β1,083Mar 24, 2026Updated 3 months ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communitβ¦β3,844May 1, 2026Updated 2 months ago
- A robust Red Team proxy written in Go.β163Dec 26, 2021Updated 4 years ago
- Rust-based high performance domain permutation generator.β305Dec 2, 2023Updated 2 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,183Apr 3, 2026Updated 3 months ago
- Unleash the power of cloudβ819Nov 19, 2024Updated last year
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)β297Sep 26, 2023Updated 2 years ago
- One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password π‘οΈβ6,646Updated this week
- π Collection of regexp pattern for security passive scanningβ116Feb 18, 2023Updated 3 years ago
- Virtual machines for every use case on DigitalOcean β’ AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,796Jun 29, 2026Updated last week
- A repository that includes all the important wordlists used while bug hunting.β1,419Mar 11, 2023Updated 3 years ago
- Contextual Content Discovery Toolβ3,223Apr 29, 2024Updated 2 years ago
- Proof of concept code for Datadog Security Labs referenced exploits.β448Updated this week
- Rockyou for web fuzzingβ3,185Mar 11, 2026Updated 3 months ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.β1,326Aug 7, 2024Updated last year
- Detects request smuggling via HTTP/2 downgrades.β94Jul 30, 2022Updated 3 years ago
- πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.β977Jan 10, 2025Updated last year
- Grafana Unauthorized arbitrary file reading vulnerabilityβ368Feb 14, 2023Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- This repo has been replaced by https://www.cloudvulndb.orgβ724Jun 29, 2022Updated 4 years ago
- Content-Type Researchβ668Jun 29, 2025Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.β1,036Jun 29, 2026Updated last week
- β751Jun 26, 2024Updated 2 years ago
- The Swiss Army knife for automated Web Application Testingβ2,358Jun 20, 2026Updated 2 weeks ago
- A collection of hacks and one-off scriptsβ2,504Mar 13, 2025Updated last year
- Automating situational awareness for cloud penetration tests.β2,512May 26, 2026Updated last month