SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source code scanner and for URL that detects hardcoded secrets like API keys, credentials, and sensitive information across files and folders.
☆113Apr 26, 2026Updated 3 weeks ago
Alternatives and similar repositories for scan4secrets
Users that are interested in scan4secrets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Active Directory share enumeration tool☆12Apr 28, 2025Updated last year
- Shellcode Tester Pro is a graphical interface tool for analysis, simulated execution, and reverse engineering of malicious shellcodes.☆50Apr 7, 2025Updated last year
- An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️☆45Mar 24, 2025Updated last year
- sl0ppy-PrivescTaskCreator.ps1☆41Oct 8, 2025Updated 7 months ago
- ☆22Apr 11, 2025Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Cloud subdomains identification tool☆62Apr 15, 2025Updated last year
- An Android app to easily manage Frida server on your device or emulator☆120Jan 3, 2026Updated 4 months ago
- ☆102Apr 4, 2025Updated last year
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆22May 1, 2024Updated 2 years ago
- BugBoard: A comprehensive open-source cybersecurity tool for vulnerability detection and bug hunting.☆43Jan 26, 2026Updated 3 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆107Mar 10, 2025Updated last year
- LDAP Enumeration Tool for Pentesters☆47Apr 22, 2025Updated last year
- ☆16Aug 25, 2025Updated 8 months ago
- Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It …☆71Jun 5, 2025Updated 11 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, …☆51Mar 19, 2026Updated 2 months ago
- I collected it to help the bug hunter get a reward☆57Sep 7, 2022Updated 3 years ago
- ☆96Apr 3, 2025Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆64Apr 13, 2025Updated last year
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆24Aug 14, 2025Updated 9 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.☆39May 5, 2025Updated last year
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆353Jun 2, 2025Updated 11 months ago
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆26Jun 11, 2025Updated 11 months ago
- Never forget where you inject.☆301Aug 15, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆265Feb 21, 2025Updated last year
- This is an advanced ASMI bypass that is currently undetected by Windows Defender and all the Antivirus software's on virustotal.☆25Jun 10, 2025Updated 11 months ago
- Generate Frida bypass scripts for Android APK root and SSL checks.☆210Jun 7, 2025Updated 11 months ago
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆247Mar 9, 2026Updated 2 months ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆28Updated this week
- This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets☆15Apr 26, 2025Updated last year
- Python tool for exploiting CVE-2021-35616☆11Dec 3, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server☆39Jul 6, 2024Updated last year
- A tool to remotely detect unusual sessions opened on windows machines using RPC☆121Jun 10, 2025Updated 11 months ago
- ☆80Apr 28, 2025Updated last year
- alternative to procdump☆11May 26, 2021Updated 4 years ago
- Template Nuclei SSTI☆34Nov 18, 2025Updated 6 months ago
- Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdoma…☆61Feb 24, 2026Updated 3 months ago
- A PoC for Early Cascade process injection technique.☆216Jan 30, 2025Updated last year