avito-tech / deepsecrets
Secrets scanner that understands code
☆188Updated last year
Alternatives and similar repositories for deepsecrets:
Users that are interested in deepsecrets are comparing it to the libraries listed below
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆113Updated last year
- Secrets scanner that understands code☆129Updated 6 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆101Updated 2 weeks ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated last week
- boostsecurityio/lotp☆111Updated last month
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated last month
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆38Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆157Updated 2 months ago
- ☆110Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last year
- GitLab CI security tools runner☆17Updated last year
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆266Updated 2 months ago
- Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets☆205Updated 2 months ago
- 🧰 Multi Tool Kubernetes Pentest Image☆220Updated 5 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆45Updated 5 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆254Updated 7 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…☆194Updated 2 years ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆118Updated 2 years ago
- ☆179Updated 2 months ago
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆173Updated last year
- Manager of third-party sources of Semgrep rules 🗂☆78Updated 6 months ago
- ☆93Updated 2 years ago
- Docker toolbox for pentest of web based application.☆146Updated this week
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆186Updated 2 months ago
- Protect against subdomain takeover☆92Updated 8 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- Tools to assess DNS security.☆151Updated 10 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Watch the latest awesome security talks around the globe☆270Updated 2 years ago