h33tlit / secret-regex-list
List of regex for scraping secret API keys and juicy information.
β701Updated 2 years ago
Alternatives and similar repositories for secret-regex-list:
Users that are interested in secret-regex-list are comparing it to the libraries listed below
- BUG BOUNTY WRITEUPS - OWASP TOP 10 π΄π΄π΄π΄ββ836Updated 2 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β863Updated last year
- Real-world infosec wordlists, updated regularlyβ1,471Updated this week
- β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)β847Updated 9 months ago
- The most powerful CRLF injection (HTTP Response Splitting) scanner.β575Updated last year
- My cheatsheet notes to pentest AWS infrastructureβ672Updated 2 years ago
- A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a β¦β594Updated this week
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β946Updated 3 months ago
- β749Updated 9 months ago
- AllForOne allows bug bounty hunters and security researchers to collect all Nuclei YAML templates from various public repositories,β631Updated last year
- Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search β¦β528Updated last year
- mx-takeover focuses DNS MX records and detects misconfigured MX records.β346Updated last year
- hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.β440Updated 2 years ago
- Fast and customizable subdomain wordlist generator using DSLβ782Updated 2 weeks ago
- bypass-url-parserβ1,063Updated this week
- jsleak is a tool to find secret , paths or links in the source code during the recon.β520Updated 2 months ago
- β518Updated last year
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β415Updated 5 months ago
- Bugbounty Resourcesβ536Updated last year
- Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and moreβ1,636Updated 2 weeks ago
- Tool to bypass 403/40X response codes.β1,222Updated 3 months ago
- β1,120Updated last year
- Try to find the origin IP of a webapp protected by Cloudflare.β341Updated 7 months ago
- An XSS exploitation command-line interface and payload generator.β1,352Updated 2 months ago
- Find subdomains with GPT, for freeβ337Updated 11 months ago
- π¦π Awesome list of secrets in environment variables π₯οΈβ880Updated 2 years ago
- A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.β399Updated 3 months ago
- Here I gather all the resources about hacking that I find interestingβ268Updated this week
- Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests wβ¦β608Updated last week
- Golang client for querying SecurityTrails API dataβ546Updated last year