m14r41 / scan4secretsLinks
SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆101Updated 3 weeks ago
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below
Sorting:
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆128Updated last month
- ☆94Updated 5 months ago
- Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts☆63Updated 3 months ago
- ☆46Updated 6 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆151Updated last month
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆42Updated 5 months ago
- Search for all leaked keys/secrets using one regex! bugbounty☆137Updated 5 months ago
- 🚀 ORedirectMe is a robust and efficient tool designed to detect Open Redirect vulnerabilities in web applications.☆17Updated 8 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆98Updated 2 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆74Updated last month
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆138Updated 9 months ago
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆99Updated 2 months ago
- SubOwner - A Simple tool check for subdomain takeovers.☆114Updated 11 months ago
- ☆76Updated 7 months ago
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆204Updated 3 weeks ago
- AI/LLM local model integration for analysis of reconftw results☆80Updated 4 months ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆24Updated 3 months ago
- Mining URLs from Wayback Machine for bug hunting/fuzzing/further probing☆55Updated last year
- A command-line utility for performing reverse DNS lookups☆73Updated 2 years ago
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆98Updated last year
- Analyze Android native `.so` files☆80Updated last month
- ⚡ XSSuccessor is a powerful, asynchronous Cross-Site Scripting (XSS) detection tool.☆57Updated 8 months ago
- Automated Subdomain Enumeration and Scanning Tool☆116Updated last year
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆173Updated 3 weeks ago
- ☆124Updated 3 weeks ago
- A passive way to find backups/ sensitive information.☆87Updated 2 months ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆38Updated 6 months ago
- Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…☆77Updated 6 months ago
- This is an AD pentest tools collection☆58Updated last year
- reverse engineered and improved BSQLi script from Coffinxp☆15Updated last year