avito-tech / deepsecrets
Secrets scanner that understands code
☆189Updated last year
Alternatives and similar repositories for deepsecrets:
Users that are interested in deepsecrets are comparing it to the libraries listed below
- Secrets scanner that understands code☆139Updated last month
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated 3 weeks ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆115Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆166Updated last month
- 🧰 Multi Tool Kubernetes Pentest Image☆229Updated 7 months ago
- boostsecurityio/lotp☆119Updated 2 weeks ago
- ☆110Updated last year
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such …☆221Updated last month
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆46Updated 7 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated this week
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆103Updated 2 months ago
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆121Updated 2 years ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆49Updated 2 months ago
- Public OCI-Image (docker image) Security Checker☆16Updated 3 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- ☆175Updated 4 months ago
- Extensible framework for analyzing publicly available information about vulnerabilities☆110Updated last week
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆265Updated this week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆39Updated 3 months ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆198Updated 2 years ago
- A research project to add some brrrrrr to Burp☆150Updated last month
- ☆61Updated 3 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- Nuclei plugins to audit Chrome extensions☆64Updated 8 months ago
- Protect against subdomain takeover☆93Updated 10 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆258Updated 2 weeks ago
- ☆186Updated 4 months ago
- It's my solution for bugbounty automation☆18Updated 2 weeks ago
- Manager of third-party sources of Semgrep rules 🗂☆81Updated 8 months ago