feeltheajf / trufflehog3

Related projects ⓘ

Alternatives and complementary repositories for trufflehog3

• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆110Updated last year
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆121Updated last year
• assetnote / ghostbuster
  Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
  ☆265Updated 2 months ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆229Updated 2 weeks ago
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆105Updated last month
• nccgroup / ccs
  ☆110Updated last year
• avito-tech / deepsecrets
  Secrets scanner that understands code
  ☆187Updated last year
• cr0hn / festin
  FestIn - Open S3 Bucket Scanner
  ☆230Updated 3 years ago
• righteousgambit / quiet-riot
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆203Updated last week
• pseudo-security / slacksecrets
  Scans Slack for API tokens, credentials, passwords, and more using YARA rules
  ☆38Updated 3 years ago
• WeAreCloudar / s3-account-search
  S3 Account Search
  ☆246Updated last month
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated 5 months ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆133Updated 4 years ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆98Updated 9 months ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆96Updated 11 months ago
• DefectDojo / defectdojo_api
  Python API library for DefectDojo
  ☆40Updated last year
• pownjs / git
  Assorted tools for security-related task for git repositories
  ☆59Updated 2 years ago
• GitLab-Red-Team / gitrob
  Reconnaissance tool for GitLab and GitHub organizations
  ☆49Updated last year
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆332Updated 4 years ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆112Updated last year
• szski / shapeshifter
  GraphQL security testing tool
  ☆118Updated 2 years ago
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated 2 years ago
• NotSoSecure / cloud-service-enum
  ☆233Updated 4 months ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆103Updated 5 years ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• amalmurali47 / onaws
  Fetch the details of assets hosted on AWS.
  ☆86Updated 11 months ago
• domain-protect / domain-protect
  OWASP Domain Protect - prevent subdomain takeover
  ☆398Updated last month
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆181Updated 2 years ago
• mxm0z / awesome-sec-s3
  A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets
  ☆307Updated 5 months ago