m14r41 / scan4secretsLinks
SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆103Updated 2 months ago
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below
Sorting:
- ☆95Updated 7 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!☆153Updated last month
- Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts☆66Updated 5 months ago
- Search for all leaked keys/secrets using one regex! bugbounty☆142Updated 7 months ago
- ☆47Updated 8 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆299Updated 3 weeks ago
- This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's nam…☆102Updated 4 months ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆25Updated 5 months ago
- Analyze Android native `.so` files☆87Updated 3 months ago
- IDOR Scanner is a Burp Suite extension that automates the detection and enumeration of potentially vulnerable numeric fields to identify …☆40Updated 8 months ago
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Updated 7 months ago
- Parse FFUF results in GUI with option to sort based by response code , size , keyword☆99Updated last year
- AI/LLM local model integration for analysis of reconftw results☆84Updated 6 months ago
- I-Espresso is a tool that enables users to generate Portable Executable (PE) files from batch scripts. Leveraging IExpress, it demonstrat…☆85Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆138Updated 11 months ago
- ☆190Updated 6 months ago
- Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-3847…☆110Updated last year
- Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…☆83Updated 8 months ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unw…☆98Updated 4 months ago
- Dnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently brutef…☆123Updated 11 months ago
- ⚡ XSSuccessor is a powerful, asynchronous Cross-Site Scripting (XSS) detection tool.☆57Updated 10 months ago
- GBounty is a multi-step website vulnerability scanner developed in Golang designed to help companies, pentesters, and bug hunters identif…☆150Updated 2 months ago
- SubCerts is a simple tool that uses certificate transparency logs (via crt.sh) to extract subdomains of a given domain.☆74Updated 3 months ago
- SubOwner - A Simple tool check for subdomain takeovers.☆117Updated last year
- Discovering Typo Squatting on your domains!☆78Updated last year
- A cheatsheet of tools and commands that I use to pentest Active Directory.☆52Updated 3 years ago
- MailSecOps is an email and mail gateway security testing tool. With this script, you can perform mail spoofing, relay tests and security …☆56Updated last year
- A New Approach to Directory Bruteforce with WaybackLister v1.0☆211Updated 2 months ago
- A fully automated subdomain reconnaissance and sensitive data discovery toolkit.☆45Updated 4 months ago
- 📲 Python project developed to help on the process of searching for vulnerabilities in Android mobile applications. It takes the APK file…☆134Updated last month