m14r41 / scan4secretsLinks
SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆100Updated 2 months ago
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below
Sorting:
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆107Updated last month
- Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts☆61Updated last month
- ☆94Updated 3 months ago
- reverse engineered and improved BSQLi script from Coffinxp☆14Updated 10 months ago
- MailSecOps is an email and mail gateway security testing tool. With this script, you can perform mail spoofing, relay tests and security …☆55Updated 7 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆150Updated 7 months ago
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆41Updated 3 months ago
- ☆46Updated 4 months ago
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆98Updated this week
- AI/LLM local model integration for analysis of reconftw results☆65Updated 2 months ago
- Search for all leaked keys/secrets using one regex! bugbounty☆133Updated 3 months ago
- Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-3847…☆98Updated 9 months ago
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆134Updated 7 months ago
- ⚡ XSSuccessor is a powerful, asynchronous Cross-Site Scripting (XSS) detection tool.☆56Updated 6 months ago
- A collection of config files for linux focusing on hackthebox theme☆48Updated 6 months ago
- 🚀 ORedirectMe is a robust and efficient tool designed to detect Open Redirect vulnerabilities in web applications.☆17Updated 6 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆93Updated last week
- GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identif…☆139Updated 3 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆157Updated 2 months ago
- ☆66Updated 4 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆72Updated 5 months ago
- A fully automated subdomain reconnaissance and sensitive data discovery toolkit.☆42Updated 2 weeks ago
- Mining URLs from Wayback Machine for bug hunting/fuzzing/further probing☆55Updated last year
- A cheatsheet of tools and commands that I use to pentest Active Directory.☆50Updated 3 years ago
- 🪄 XSSDynaGen is a tool designed to analyze URLs with parameters, identify the characters allowed by the server, and generate advanced XS…☆53Updated 6 months ago
- Automated Subdomain Enumeration and Scanning Tool☆114Updated last year
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆36Updated 4 months ago
- ☆118Updated last year
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆189Updated 2 weeks ago
- ThreatTracer - A python Script to identify CVE by name & version and more by @FR13ND0x7F☆134Updated last month