Yar is a tool for plunderin' organizations, users and/or repositories.
☆240Jan 3, 2021Updated 5 years ago
Alternatives and similar repositories for yar
Users that are interested in yar are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Search exposed EBS volumes for secrets☆301Apr 24, 2023Updated 2 years ago
- Signatures for wraith used to detect secrets across various sources☆15Jul 8, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Mar 4, 2022Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Library Secruity dependency Checker☆12Sep 13, 2019Updated 6 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆472Nov 14, 2019Updated 6 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,555Mar 7, 2024Updated 2 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated 2 months ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,955Feb 28, 2025Updated last year
- generates weak passwords based on current date☆44Jun 27, 2024Updated last year
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 5 years ago
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,408Feb 10, 2026Updated 2 months ago
- Search for secrets inside user data attached to EC2 instances on multiple AWS accounts☆16Jun 19, 2024Updated last year
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆545Jun 28, 2025Updated 9 months ago
- Payload designed for targeting Jamf enrolled devices.☆40May 19, 2023Updated 2 years ago
- ☆29Jan 31, 2025Updated last year
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,141Jun 25, 2019Updated 6 years ago
- Unofficial WhatCMS API package☆40Mar 25, 2021Updated 5 years ago
- A tool to hunt for publicly accessible DigitalOcean Spaces☆156Jan 21, 2020Updated 6 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆397Apr 17, 2020Updated 5 years ago
- Capture all RabbitMQ messages being sent through a broker.☆32Feb 13, 2021Updated 5 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆507Sep 23, 2025Updated 6 months ago
- A powerful target reconnaissance framework powered by graph theory.☆420Oct 21, 2022Updated 3 years ago
- FestIn - Open S3 Bucket Scanner☆230Dec 4, 2020Updated 5 years ago
- ☆12Apr 21, 2019Updated 6 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Feb 18, 2021Updated 5 years ago
- Monitor areas on static map services & log new images☆23Aug 22, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Int…☆142Dec 8, 2022Updated 3 years ago
- ☆16May 3, 2021Updated 4 years ago
- Keyhack - Golang API token/webhook validator☆16Mar 20, 2025Updated last year
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Dec 24, 2020Updated 5 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 5 years ago
- vulnerable single sign on☆150Aug 1, 2024Updated last year
- Small Python library that makes it easy to exploit race conditions in web apps with Requests.☆162May 22, 2023Updated 2 years ago