GH Scanner Tool is written in Python3 and designed for penetration testers and bug bounty hunters to scan Organization/User repositories for leaks such as GitHub Token, AWS Access Keys, Slack Webhooks, Firebase, Private Keys and more.
☆34Jul 13, 2025Updated 9 months ago
Alternatives and similar repositories for gh_scanner
Users that are interested in gh_scanner are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆11Aug 27, 2020Updated 5 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.☆11Dec 14, 2025Updated 4 months ago
- List of custom Nuclei templates☆16Nov 4, 2023Updated 2 years ago
- Strumenti per Domini - Whois - IP - Data Breach - Email☆18Oct 30, 2024Updated last year
- A program to find the real string for your hash. MD5, SHA256, any really. Works really fast, gets to the "aaaa" combo in about 1 second e…☆17Jun 5, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- Python based Web Scraper which can discover JavaScript files and parse them for juicy information (API keys, IP's, Hidden Paths etc)☆16Feb 17, 2022Updated 4 years ago
- Burp Suite plugin that adds additional checks to the passive scanner to reveal the origin IP(s) of Cloudflare-protected web applications.☆63Nov 29, 2022Updated 3 years ago
- 「📖」Tool created to extract metadata from a domain☆14Dec 7, 2024Updated last year
- Script to test open Akamai ARL vulnerability.☆69Aug 11, 2021Updated 4 years ago
- A bash tool used to install famous bug bounty tools. Mainly used when setting up a fresh environment.☆16Mar 20, 2023Updated 3 years ago
- Blank methodology sheet for the OSWE exam☆13Dec 17, 2021Updated 4 years ago
- ☆12May 16, 2020Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Tool to hack Graphql☆15Oct 17, 2023Updated 2 years ago
- Validate proxies for specific domain☆39Aug 14, 2021Updated 4 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- Endpoint monitor tool☆21Sep 16, 2020Updated 5 years ago
- Tool for Reconnaissance on a web camera.☆17Apr 5, 2022Updated 4 years ago
- A FireBase DataBase TakeOver Tool along with POC Generator☆35Sep 16, 2021Updated 4 years ago
- Bash Enumeration Script☆18Oct 18, 2019Updated 6 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆158Nov 24, 2023Updated 2 years ago
- gSAST - Grep Static Analysis Security Tool☆13Mar 30, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Try dictionary words as private keys to find unused funds☆11Dec 6, 2017Updated 8 years ago
- ☆44Apr 30, 2021Updated 5 years ago
- Crawl website extract links☆58Jun 1, 2020Updated 5 years ago
- InfiniteWP Client < 1.9.4.5 - Authentication Bypass☆21Jul 28, 2021Updated 4 years ago
- ☆21Dec 15, 2020Updated 5 years ago
- OWASP Smart Contract Securty Verification Standard☆18Aug 20, 2025Updated 8 months ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆112Feb 14, 2022Updated 4 years ago
- Horizontal Domain Discovery☆76May 22, 2023Updated 2 years ago
- ☆19Apr 20, 2026Updated 2 weeks ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- ☆12Apr 14, 2021Updated 5 years ago
- One-click installer for Frida and Burp certs for SSL Pinning bypass☆82Apr 9, 2026Updated last month
- Analyze Android APK files from a browser.☆14Sep 29, 2020Updated 5 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- A Python script to brute force Curve25519 Keys to be used with wireguard and search for a given string in its b64 encode.☆11May 7, 2020Updated 6 years ago
- A standalone tool that runs in your browser and allows you to recover a BTC.com wallet☆15Sep 27, 2024Updated last year
- https://sites.google.com/securifyinc.com/secblogs/finding-leaked-sensitive-data☆17Jun 14, 2018Updated 7 years ago