avito-tech / deepsecrets
Secrets scanner that understands code
☆188Updated last year
Alternatives and similar repositories for deepsecrets:
Users that are interested in deepsecrets are comparing it to the libraries listed below
- Secrets scanner that understands code☆135Updated 2 weeks ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆215Updated this week
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆114Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆101Updated last month
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆257Updated 8 months ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- ☆110Updated last year
- A research project to add some brrrrrr to Burp☆134Updated last month
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last week
- 🧰 Multi Tool Kubernetes Pentest Image☆226Updated 6 months ago
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- boostsecurityio/lotp☆114Updated this week
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such …☆220Updated last month
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆198Updated 2 years ago
- Public OCI-Image (docker image) Security Checker☆15Updated last week
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆48Updated 2 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆120Updated 2 years ago
- Distribute ordinary bash commands over many systems☆161Updated 2 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Updated 6 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆272Updated last month
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆276Updated 3 months ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆177Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆38Updated 3 months ago
- ☆75Updated 2 years ago
- Watch the latest awesome security talks around the globe☆271Updated 2 weeks ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Scan DockerHub images that match a keyword to find secrets.☆55Updated 4 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Docker image to exploit RCE, try for pentest methods and test container security solutions (trivy, falco and etc.)☆88Updated 4 years ago