daffainfo / Git-Secret
Go scripts for finding sensitive data like API key / some keywords in the github repository
☆158Updated 2 years ago
Related projects: ⓘ
- A fast tool to fetch URLs from HTML attributes by crawl-in.☆209Updated last week
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)☆258Updated 11 months ago
- A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration☆76Updated 4 years ago
- ☆153Updated 2 years ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆115Updated 2 years ago
- Go scripts for checking API key / access token validity☆210Updated 3 years ago
- Tool to find the real IP behind CDNs/WAFs like cloudflare using passive recon by retrieving the favicon hash. For the same hash value, al…☆176Updated 3 years ago
- Enumerate Subdomains Through Google Dorks☆118Updated 3 years ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…☆186Updated 5 months ago
- Turns any junk text into a usable wordlist for brute-forcing.☆214Updated 6 months ago
- a Go code to detect leaks in JS files via regex patterns☆138Updated 2 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆78Updated last year
- Complex payload encoder☆207Updated 8 months ago
- Prototype pollution scanner using headless chrome☆196Updated 2 years ago
- R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.☆147Updated 3 years ago
- Find endpoints on GitHub.☆183Updated last year
- 🔭 Collection of regexp pattern for security passive scanning☆110Updated last year
- A reverse whois tool based on Whoxy API.☆156Updated 5 months ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆100Updated 2 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆175Updated 2 years ago
- Random Tools for Bug Bounty☆137Updated last year
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- A collection oneliner scripts for bug bounty☆167Updated 5 months ago
- A Fast Broken Link Hijacker Tool written in Python☆94Updated 5 months ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆287Updated last year
- Secret and/or credential patterns used for gf.☆229Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆162Updated 3 years ago
- ☆192Updated this week