Secrets scanner that understands code
☆192Nov 2, 2023Updated 2 years ago
Alternatives and similar repositories for deepsecrets
Users that are interested in deepsecrets are comparing it to the libraries listed below
Sorting:
- Secrets scanner that understands code☆166Dec 3, 2025Updated 2 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆282Sep 11, 2025Updated 5 months ago
- An Evil OIDC Server☆53Oct 19, 2022Updated 3 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆228Updated this week
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Nov 28, 2025Updated 3 months ago
- navgix is a multi-threaded golang tool that will check for nginx alias traversal vulnerabilities☆74May 20, 2023Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Sep 14, 2023Updated 2 years ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆438Dec 30, 2025Updated 2 months ago
- Service that scans your Infrastructure as Code for common vulnerabilities☆49Dec 14, 2023Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secrets☆247Feb 4, 2026Updated 3 weeks ago
- Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.☆1,105Updated this week
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- a simple discovery script that uses popular tools like subfinder, amass, puredns, alterx, massdns and others☆85Nov 22, 2023Updated 2 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆116Jul 17, 2024Updated last year
- GitHub Actions Pipeline Enumeration and Attack Tool☆730Sep 17, 2025Updated 5 months ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.☆142Jun 7, 2025Updated 8 months ago
- yataf extracts secrets and paths from files or urls - its best used against javascript files☆52Sep 11, 2024Updated last year
- Provides an overview of the inner file structure of a PDF☆24Sep 26, 2022Updated 3 years ago
- ☆18Mar 26, 2024Updated last year
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers☆22Jun 19, 2024Updated last year
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆721Feb 3, 2026Updated 3 weeks ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆753Dec 19, 2023Updated 2 years ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆315Jan 25, 2026Updated last month
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts