Find credentials and secret with 170+ rules covering across source code, Web URL, and CI/CD, verifies them against vendor APIs, and generates SARIF, JSONL, HTML, PDF, or Excel reports.
β113Jun 23, 2026Updated last week
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Active Directory share enumeration toolβ12Apr 28, 2025Updated last year
- An advanced JWT extraction & decoding tool for bug bounty hunters! π΄ββ οΈβ46Mar 24, 2025Updated last year
- sl0ppy-PrivescTaskCreator.ps1β41Oct 8, 2025Updated 8 months ago
- β22Apr 11, 2025Updated last year
- Cloud subdomains identification toolβ63Apr 15, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- An Android app to easily manage Frida server on your device or emulatorβ127Jan 3, 2026Updated 6 months ago
- β102Apr 4, 2025Updated last year
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applicationsβ22May 1, 2024Updated 2 years ago
- Bugboard is a comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.β45Jun 23, 2026Updated last week
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It prβ¦β107Mar 10, 2025Updated last year
- LDAP Enumeration Tool for Pentestersβ47Apr 22, 2025Updated last year
- β16Aug 25, 2025Updated 10 months ago
- JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, β¦β55Mar 19, 2026Updated 3 months ago
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It β¦β72Jun 5, 2025Updated last year
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- I collected it to help the bug hunter get a rewardβ58Sep 7, 2022Updated 3 years ago
- β97Apr 3, 2025Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannelβ64Apr 13, 2025Updated last year
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninjaβ24Aug 14, 2025Updated 10 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.β39May 31, 2026Updated last month
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analβ¦β364Jun 2, 2025Updated last year
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, β¦β27Jun 11, 2025Updated last year
- Never forget where you inject.β302Aug 15, 2025Updated 10 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.β265Feb 21, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer β’ AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This is an advanced ASMI bypass that is currently undetected by Windows Defender and all the Antivirus software's on virustotal.β26Jun 10, 2025Updated last year
- Generate Frida bypass scripts for Android APK root and SSL checks.β211Jun 7, 2025Updated last year
- Filter URLs to save your time.β60Jul 29, 2022Updated 3 years ago
- Interactive Shells like PsExec, but in Goβ16Apr 30, 2025Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.β248Mar 9, 2026Updated 3 months ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API β with a clean web interface for easy β¦β28Updated this week
- This Module Helps to Scan a Commit History of a Repo for Leakage of Secretsβ15Apr 26, 2025Updated last year
- Python tool for exploiting CVE-2021-35616β11Dec 3, 2021Updated 4 years ago
- A tool to remotely detect unusual sessions opened on windows machines using RPCβ122Jun 10, 2025Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer β’ AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Serverβ39Jul 6, 2024Updated last year
- β81Apr 28, 2025Updated last year
- alternative to procdumpβ11May 26, 2021Updated 5 years ago
- Template Nuclei SSTIβ34Nov 18, 2025Updated 7 months ago
- Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomaβ¦β63May 28, 2026Updated last month
- A PoC for Early Cascade process injection technique.β218Jan 30, 2025Updated last year
- Automate Recon XSS Bug Bountyβ187Mar 9, 2026Updated 3 months ago