SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆113Apr 26, 2026Updated last week
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Active Directory share enumeration tool☆12Apr 28, 2025Updated last year
- Shellcode Tester Pro is a graphical interface tool for analysis, simulated execution, and reverse engineering of malicious shellcodes.☆49Apr 7, 2025Updated last year
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Mar 24, 2025Updated last year
- sl0ppy-PrivescTaskCreator.ps1☆41Oct 8, 2025Updated 6 months ago
- ☆22Apr 11, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Cloud subdomains identification tool☆62Apr 15, 2025Updated last year
- An Android app to easily manage Frida server on your device or emulator☆120Jan 3, 2026Updated 4 months ago
- ☆102Apr 4, 2025Updated last year
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆22May 1, 2024Updated 2 years ago
- BugBoard: A comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.☆40Jan 26, 2026Updated 3 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆108Mar 10, 2025Updated last year
- LDAP Enumeration Tool for Pentesters☆47Apr 22, 2025Updated last year
- ☆16Aug 25, 2025Updated 8 months ago
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It …☆70Jun 5, 2025Updated 11 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, …☆47Mar 19, 2026Updated last month
- I collected it to help the bug hunter get a reward☆57Sep 7, 2022Updated 3 years ago
- ☆95Apr 3, 2025Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆63Apr 13, 2025Updated last year
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆24Aug 14, 2025Updated 8 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.☆39May 5, 2025Updated last year
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆26Jun 11, 2025Updated 10 months ago
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆353Jun 2, 2025Updated 11 months ago
- Never forget where you inject.☆300Aug 15, 2025Updated 8 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆264Feb 21, 2025Updated last year
- This is an advanced ASMI bypass that is currently undetected by Windows Defender and all the Antivirus software's on virustotal.☆25Jun 10, 2025Updated 10 months ago
- Generate Frida bypass scripts for Android APK root and SSL checks.☆210Jun 7, 2025Updated 10 months ago
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆247Mar 9, 2026Updated last month
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆27Updated this week
- This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets☆15Apr 26, 2025Updated last year
- Python tool for exploiting CVE-2021-35616☆11Dec 3, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server☆38Jul 6, 2024Updated last year
- A tool to remotely detect unusual sessions opened on windows machines using RPC☆121Jun 10, 2025Updated 10 months ago
- ☆81Apr 28, 2025Updated last year
- alternative to procdump☆11May 26, 2021Updated 4 years ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 5 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆226Sep 25, 2025Updated 7 months ago
- Automate Recon XSS Bug Bounty☆183Mar 9, 2026Updated last month