Yar is a tool for plunderin' organizations, users and/or repositories.
☆240Jan 3, 2021Updated 5 years ago
Alternatives and similar repositories for yar
Users that are interested in yar are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Search exposed EBS volumes for secrets☆304Apr 24, 2023Updated 3 years ago
- Signatures for wraith used to detect secrets across various sources☆15Jul 8, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Mar 4, 2022Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Library Secruity dependency Checker☆12Sep 13, 2019Updated 6 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,558Mar 7, 2024Updated 2 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated 3 months ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,961Feb 28, 2025Updated last year
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- generates weak passwords based on current date☆44Jun 27, 2024Updated last year
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆18May 17, 2020Updated 6 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.☆1,420Feb 10, 2026Updated 3 months ago
- Search for secrets inside user data attached to EC2 instances on multiple AWS accounts☆16Jun 19, 2024Updated last year
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆548Jun 28, 2025Updated 10 months ago
- Payload designed for targeting Jamf enrolled devices.☆40May 19, 2023Updated 3 years ago
- ☆29Jan 31, 2025Updated last year
- A tool to capture all the git secrets by leveraging multiple open source git searching tools☆1,142Jun 25, 2019Updated 6 years ago
- Unofficial WhatCMS API package��☆40Mar 25, 2021Updated 5 years ago
- A tool to hunt for publicly accessible DigitalOcean Spaces☆158Jan 21, 2020Updated 6 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆397Apr 17, 2020Updated 6 years ago
- Capture all RabbitMQ messages being sent through a broker.☆32Feb 13, 2021Updated 5 years ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆508Sep 23, 2025Updated 7 months ago
- FestIn - Open S3 Bucket Scanner☆230Dec 4, 2020Updated 5 years ago
- A powerful target reconnaissance framework powered by graph theory.☆420Oct 21, 2022Updated 3 years ago
- ☆12Apr 21, 2019Updated 7 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Feb 18, 2021Updated 5 years ago
- Monitor areas on static map services & log new images☆23Aug 22, 2019Updated 6 years ago
- This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Int…☆142Dec 8, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆16May 3, 2021Updated 5 years ago
- Keyhack - Golang API token/webhook validator☆16Mar 20, 2025Updated last year
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Dec 24, 2020Updated 5 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 6 years ago
- vulnerable single sign on☆150Aug 1, 2024Updated last year
- Small Python library that makes it easy to exploit race conditions in web apps with Requests.☆162May 22, 2023Updated 2 years ago
- This script helps to identify CVE-2021-26855 ssrf Poc☆22Mar 10, 2021Updated 5 years ago