mazen160 / secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
☆1,046Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for secrets-patterns-db
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,421Updated 5 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆570Updated 3 months ago
- bypass-url-parser☆1,021Updated this week
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆448Updated 7 months ago
- Awesome cloud enumerator☆894Updated 3 months ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆845Updated 10 months ago
- Attack surface detector that identifies endpoints by static analysis☆607Updated this week
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆861Updated this week
- Automating situational awareness for cloud penetration tests.☆1,955Updated last month
- Unleash the power of cloud☆734Updated 5 months ago
- Fast and configurable TLS grabber focused on TLS based data collection.☆863Updated this week
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆633Updated last month
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆533Updated 11 months ago
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆354Updated last month
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆941Updated 10 months ago
- OXO is a security scanning orchestrator for the modern age.☆528Updated last week
- Tool to bypass 403/40X response codes.☆1,112Updated 3 months ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆1,720Updated this week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆381Updated 3 months ago
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,686Updated last month
- Navigate the CVE jungle with ease.☆1,770Updated this week
- 🍪 CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.☆833Updated last month
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target☆1,204Updated 4 months ago
- Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a …☆1,317Updated this week
- Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.☆1,476Updated 8 months ago
- ☆447Updated 6 months ago
- A library for detecting known secrets across many web frameworks☆520Updated this week
- The most exhaustive list of reliable DNS resolvers.☆690Updated last week
- Fast and customizable subdomain wordlist generator using DSL☆728Updated this week
- Go client to communicate with Chaos DB API.☆641Updated this week