SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
β110Aug 21, 2025Updated 6 months ago
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below
Sorting:
- An advanced JWT extraction & decoding tool for bug bounty hunters! π΄ββ οΈβ45Mar 24, 2025Updated 11 months ago
- Shellcode Tester Pro is a graphical interface tool for analysis, simulated execution, and reverse engineering of malicious shellcodes.β42Apr 7, 2025Updated 10 months ago
- Active Directory share enumeration toolβ12Apr 28, 2025Updated 10 months ago
- sl0ppy-PrivescTaskCreator.ps1β40Oct 8, 2025Updated 4 months ago
- Cloud subdomains identification toolβ62Apr 15, 2025Updated 10 months ago
- BugBoard: A comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.β34Jan 26, 2026Updated last month
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API β with a clean web interface for easy β¦β24Feb 24, 2026Updated last week
- β102Apr 4, 2025Updated 11 months ago
- Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomaβ¦β58Feb 24, 2026Updated last week
- An Android app to easily manage Frida server on your device or emulatorβ113Jan 3, 2026Updated 2 months ago
- tomcat CVE-2024-50379/CVE-2024-56337 ζ‘δ»Άη«δΊζδ»ΆδΈδΌ expβ85Dec 23, 2024Updated last year
- LDAP Enumeration Tool for Pentestersβ48Apr 22, 2025Updated 10 months ago
- Automate Recon XSS Bug Bountyβ178Updated this week
- A PoC for Early Cascade process injection technique.β211Jan 30, 2025Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannelβ59Apr 13, 2025Updated 10 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It prβ¦β107Mar 10, 2025Updated 11 months ago
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applicationsβ22May 1, 2024Updated last year
- β22Apr 11, 2025Updated 10 months ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts β six enumeration methods rated by noise level, from siβ¦β37Feb 6, 2026Updated 3 weeks ago
- Helios: Automated XSS Testingβ158Aug 3, 2024Updated last year
- Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSRβ¦β132Sep 6, 2024Updated last year
- My small collection of reports templates (This is a fork of orignal repo from https://github.com/gwen001/BB-datas)β127Nov 8, 2023Updated 2 years ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Powerβ¦β813Mar 28, 2025Updated 11 months ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data β¦β154Dec 26, 2025Updated 2 months ago
- Template Nuclei SSTIβ34Nov 18, 2025Updated 3 months ago
- γβοΈγRing 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.xβ27Apr 10, 2025Updated 10 months ago
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninjaβ24Aug 14, 2025Updated 6 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.β39May 5, 2025Updated 10 months ago
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.β246Nov 2, 2025Updated 4 months ago
- Complete Solution for VAPT/AppSec and Pentesting Guide: Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | β¦β1,469Updated this week
- β108Feb 20, 2025Updated last year
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.β262Feb 21, 2025Updated last year
- β120Mar 28, 2025Updated 11 months ago
- Never forget where you inject.β298Aug 15, 2025Updated 6 months ago
- I collected it to help the bug hunter get a rewardβ57Sep 7, 2022Updated 3 years ago
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Serverβ38Jul 6, 2024Updated last year
- β21Aug 3, 2022Updated 3 years ago
- Automatically deploy Nemesisβ21Jun 14, 2024Updated last year
- Universal exploitation tool for CVE-2025-33073 targeting Windows Domain Controllers with DNSAdmins privileges and WinRM enabled.β65Nov 14, 2025Updated 3 months ago