duo-labs / secret-bridgeView external linksLinks
Monitors Github for leaked secrets
☆205Oct 25, 2024Updated last year
Alternatives and similar repositories for secret-bridge
Users that are interested in secret-bridge are comparing it to the libraries listed below
Sorting:
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆76Jul 15, 2021Updated 4 years ago
- notorious BIG IP☆15Aug 8, 2019Updated 6 years ago
- ☆157Jul 8, 2023Updated 2 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆11Oct 29, 2018Updated 7 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Mar 4, 2022Updated 3 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated last month
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- Pastebin-scraper tool leverages the API of https://psbdmp.ws/ to find emails/domains dumped in pastebin.☆133Apr 3, 2024Updated last year
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆534Mar 7, 2022Updated 3 years ago
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆924Jul 25, 2019Updated 6 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,546Mar 7, 2024Updated last year
- ☆16May 3, 2021Updated 4 years ago
- A golang utility to spider through a website searching for additional links.☆343Nov 7, 2020Updated 5 years ago
- Parallelized enumeration tool for red team engagements and bug bounty programs.☆16Mar 31, 2021Updated 4 years ago
- Enumerate the permissions associated with AWS credential set☆1,217Feb 5, 2024Updated 2 years ago
- DNS Rebinding Exploitation Framework☆495Apr 27, 2021Updated 4 years ago
- ☆83Dec 5, 2019Updated 6 years ago
- A set of tools that allow researchers to experiment with certificate chain validation issues☆13Dec 4, 2019Updated 6 years ago
- Command line tool for testing CRLF injection on a list of domains.☆166Apr 14, 2024Updated last year
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆907Dec 17, 2021Updated 4 years ago
- A tool to find sensitive keys and passwords in Travis logs☆140Jun 27, 2021Updated 4 years ago
- Scan your code for security misconfiguration, search for passwords and secrets.☆653Jun 23, 2023Updated 2 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Mar 11, 2021Updated 4 years ago
- Finds Directory Listings or open S3 buckets from a list of URLs☆52Dec 1, 2021Updated 4 years ago
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,944Feb 28, 2025Updated 11 months ago
- Dashboard to collect, analyze, and respond to reported phishing emails.☆293Aug 1, 2023Updated 2 years ago
- CVE-2023-6875 PoC☆25Jan 15, 2024Updated 2 years ago
- DOM XSS scanner for Single Page Applications☆417Nov 15, 2025Updated 3 months ago
- rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments☆249Oct 15, 2019Updated 6 years ago
- ☆12May 12, 2022Updated 3 years ago
- InfiniteWP Client < 1.9.4.5 - Authentication Bypass☆21Jul 28, 2021Updated 4 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆12Dec 29, 2020Updated 5 years ago
- WebLogic Insecure Deserialization - CVE-2019-2725 payload builder & exploit☆51Sep 26, 2019Updated 6 years ago
- Clientside vulnerability / reflected xss fuzzer☆149Jul 29, 2023Updated 2 years ago
- AWS IAM linting library☆1,109Jan 7, 2026Updated last month
- Burp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common m…☆75Mar 22, 2024Updated last year
- Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issued☆68Oct 11, 2022Updated 3 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆79Dec 29, 2019Updated 6 years ago