This tool analyzes a given Github repository and searches for dangling or force-pushed commits containing potential secret or interesting information.
☆178Feb 28, 2025Updated last year
Alternatives and similar repositories for github-secrets
Users that are interested in github-secrets are comparing it to the libraries listed below
Sorting:
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- Webshell agent in aspx and php☆28Dec 11, 2025Updated 2 months ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- ☆31Jul 26, 2024Updated last year
- ☆40Aug 2, 2024Updated last year
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆228Feb 25, 2026Updated last week
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆31Mar 2, 2022Updated 4 years ago
- ☆59Oct 24, 2024Updated last year
- A library to make HTTP requests with the Windows winhttp API☆25Feb 8, 2024Updated 2 years ago
- KERnano: The No-install Python Pen Testing kit. (Windows & Linux)☆13Sep 2, 2022Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆24Feb 1, 2025Updated last year
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- A simple mitmproxy blueprint to intercept HTTPS traffic from app running on Kubernetes☆75Apr 14, 2025Updated 10 months ago
- Linux CS bypass technique☆32Feb 4, 2025Updated last year
- Proof-of-concept modular implant platform leveraging v8☆54Mar 4, 2025Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆28Oct 13, 2024Updated last year
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- ☆84May 19, 2024Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆138Jul 23, 2024Updated last year
- JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…☆419Jan 31, 2026Updated last month
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆182Jun 9, 2024Updated last year
- Golang search engine scraper intended for identification of published ClickOnce deployments☆91Nov 19, 2024Updated last year
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Establishes mutually trusted TLS connections based on a pre-shared connection key.☆51Mar 21, 2024Updated last year
- TruffleHog Explorer, a user-friendly web-based tool to visualize and analyze data extracted using TruffleHog.☆53Dec 12, 2025Updated 2 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆160Jul 2, 2024Updated last year
- A tool to audit Erlang & Elixir dependencies, to make sure your ✨ gleam projects really sparkle!☆23Jan 5, 2026Updated 2 months ago
- Python script to leverage MSFT_MTProcess WMI class☆39Sep 17, 2025Updated 5 months ago
- Demo of various ways to exploit post based reflected XSS☆18Jul 6, 2023Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆96Oct 7, 2024Updated last year
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Apr 1, 2023Updated 2 years ago
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago