Yar is a tool for plunderin' organizations, users and/or repositories.
☆241Jan 3, 2021Updated 5 years ago
Alternatives and similar repositories for yar
Users that are interested in yar are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Search exposed EBS volumes for secrets☆306Apr 24, 2023Updated 3 years ago
- Signatures for wraith used to detect secrets across various sources☆15Jul 8, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆77Mar 4, 2022Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Library Secruity dependency Checker☆12Sep 13, 2019Updated 6 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,561Mar 7, 2024Updated 2 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated 4 months ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,966Feb 28, 2025Updated last year
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- generates weak passwords based on current date☆44Jun 27, 2024Updated last year
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆19May 17, 2020Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,428Feb 10, 2026Updated 4 months ago
- Search for secrets inside user data attached to EC2 instances on multiple AWS accounts☆16Jun 19, 2024Updated last year
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆549Jun 28, 2025Updated 11 months ago
- Payload designed for targeting Jamf enrolled devices.☆40May 19, 2023Updated 3 years ago
- ☆28Jan 31, 2025Updated last year
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,143Jun 25, 2019Updated 6 years ago
- Unofficial WhatCMS API package☆40Mar 25, 2021Updated 5 years ago
- A tool to hunt for publicly accessible DigitalOcean Spaces☆157Jan 21, 2020Updated 6 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆397Apr 17, 2020Updated 6 years ago
- Capture all RabbitMQ messages being sent through a broker.☆32Feb 13, 2021Updated 5 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆507Sep 23, 2025Updated 8 months ago
- FestIn - Open S3 Bucket Scanner☆230Dec 4, 2020Updated 5 years ago
- A powerful target reconnaissance framework powered by graph theory.☆420Oct 21, 2022Updated 3 years ago
- ☆12Apr 21, 2019Updated 7 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Feb 18, 2021Updated 5 years ago
- Monitor areas on static map services & log new images☆23Aug 22, 2019Updated 6 years ago
- This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Int…☆142Dec 8, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆16May 3, 2021Updated 5 years ago
- Keyhack - Golang API token/webhook validator☆16Mar 20, 2025Updated last year
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆48Dec 24, 2020Updated 5 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 6 years ago
- vulnerable single sign on☆151Aug 1, 2024Updated last year
- Small Python library that makes it easy to exploit race conditions in web apps with Requests.☆162May 22, 2023Updated 3 years ago
- This script helps to identify CVE-2021-26855 ssrf Poc☆22Mar 10, 2021Updated 5 years ago