m14r41 / scan4secrets
SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆57Updated this week
Alternatives and similar repositories for scan4secrets:
Users that are interested in scan4secrets are comparing it to the libraries listed below
- CVE-2024-24919 [Check Point Security Gateway Information Disclosure]☆31Updated 10 months ago
- Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilities☆31Updated last year
- Grep subdomains from web pages.☆42Updated 2 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆72Updated 3 weeks ago
- reverse engineered and improved BSQLi script from Coffinxp☆12Updated 7 months ago
- ☆28Updated this week
- A simple bug bounty utility tool to remove uninteresting entries from a list of URLs.☆14Updated 9 months ago
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆40Updated last year
- ☆50Updated 2 months ago
- Web Crawler for Identifying Entry Points☆11Updated last year
- Tools for bug bounty☆27Updated last year
- Passive Web Vulnerability Detection Tool☆31Updated 3 months ago
- ☆46Updated last month
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆35Updated last month
- CrlfiX☆19Updated 2 months ago
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated 5 months ago
- A collaborative hub for Nuclei templates. Contribute, share, and explore powerful vulnerability detection tools!☆25Updated 2 months ago
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆31Updated last year
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulner…☆54Updated 2 months ago
- ☆18Updated 2 years ago
- A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial f…☆18Updated 10 months ago
- POC for CVE-2024-40348. Will attempt to read /etc/passwd from target☆30Updated 9 months ago
- CVE-2024-28955 Exploitation PoC☆34Updated 9 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆53Updated 5 months ago
- Bypass Reset Password Code Lead to Account Takeover☆25Updated 7 months ago
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆44Updated last year
- A passive way to find backups/ sensitive information.☆77Updated 2 weeks ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP ranges☆39Updated 5 months ago
- Python/Bash automation customization script designed to automate the reconnaissance process☆21Updated last year