avito-tech / deepsecrets
Secrets scanner that understands code
☆188Updated last year
Alternatives and similar repositories for deepsecrets:
Users that are interested in deepsecrets are comparing it to the libraries listed below
- Secrets scanner that understands code☆131Updated last week
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆113Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆101Updated 2 weeks ago
- boostsecurityio/lotp☆112Updated this week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆216Updated last month
- A research project to add some brrrrrr to Burp☆127Updated this week
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such …☆211Updated last week
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆167Updated last week
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery☆196Updated 2 months ago
- ☆109Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated last year
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆45Updated 6 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆256Updated 7 months ago
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆268Updated last week
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 3 months ago
- Damn Vulnerable Kubernetes App (DVKA) is a series of apps deployed on Kubernetes that are damn vulnerable.☆104Updated 6 months ago
- Manager of third-party sources of Semgrep rules 🗂☆78Updated 6 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆224Updated 5 months ago
- ☆179Updated 3 months ago
- 🧰 Multi Tool Kubernetes Pentest Image☆221Updated 5 months ago
- ☆93Updated 2 years ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆38Updated 2 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…☆118Updated 2 years ago
- Tools to assess DNS security.☆151Updated 11 months ago
- Public OCI-Image (docker image) Security Checker☆14Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆130Updated last year
- ☆115Updated last year
- ☆55Updated last month
- Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.☆173Updated last year