mazen160 / secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
☆1,119Updated last year
Alternatives and similar repositories for secrets-patterns-db:
Users that are interested in secrets-patterns-db are comparing it to the libraries listed below
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆917Updated last week
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,513Updated 10 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆599Updated 3 weeks ago
- A list of open source web security scanners☆1,034Updated 2 weeks ago
- Attack surface detector that identifies endpoints by static analysis☆677Updated this week
- A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…☆848Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!☆861Updated last year
- Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.☆1,527Updated last year
- Go CLI and Library for quickly mapping organization network ranges using ASN information.☆837Updated this week
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target☆1,293Updated last week
- Tool to bypass 403/40X response codes.☆1,219Updated 2 months ago
- bypass-url-parser☆1,060Updated last week
- Utility program to perform multiple operations for a given subnet/CIDR ranges.☆1,040Updated this week
- Awesome cloud enumerator☆991Updated 2 weeks ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆983Updated last year
- Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.☆673Updated 5 months ago
- Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned ent…☆1,839Updated 4 months ago
- Fast and customizable subdomain wordlist generator using DSL☆782Updated 2 weeks ago
- ☆638Updated last week
- Asset inventory of over 800 public bug bounty programs.☆1,341Updated last month
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)☆1,455Updated last year
- A utility to detect various technology for a given IP address.☆814Updated this week
- Check your WAF before an attacker does☆1,348Updated 2 months ago
- Identify privilege escalation paths within and across different clouds☆684Updated 4 months ago
- Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a …☆1,405Updated this week
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.☆1,771Updated 5 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆405Updated 2 months ago
- The most exhaustive list of reliable DNS resolvers.☆748Updated this week
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆629Updated last year
- Community curated list of nuclei templates for finding "unknown" security vulnerabilities.☆63Updated 10 months ago