trufflesecurity / trufflehog
Find, verify, and analyze leaked credentials
β18,386Updated this week
Alternatives and similar repositories for trufflehog:
Users that are interested in trufflehog are comparing it to the libraries listed below
- Find secrets with Gitleaks πβ19,133Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β22,464Updated this week
- Reconnaissance tool for GitHub organizationsβ6,007Updated 2 years ago
- In-depth attack surface mapping and asset discoveryβ12,591Updated this week
- Fast passive subdomain enumeration tool.β11,306Updated this week
- a drop-in replacement for Nmap powered by shodan.ioβ2,974Updated 2 weeks ago
- An HTTP toolkit for security research.β6,230Updated last month
- Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web applicationβ4,622Updated 2 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ5,652Updated 7 months ago
- Open Source Vulnerability Management Platformβ5,242Updated last month
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and moreβ24,964Updated this week
- Fast web fuzzer written in Goβ13,551Updated 8 months ago
- The recursive internet scanner for hackers. π§‘β8,134Updated this week
- Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sockβ6,825Updated last year
- π gowitness - a golang, web screenshot utility using Chrome Headlessβ3,590Updated 2 weeks ago
- An OOB interaction gathering server and client libraryβ3,636Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.β11,300Updated this week
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β8,202Updated this week
- HTTP parameter discovery suite.β5,496Updated 3 weeks ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of β¦β12,590Updated last month
- A pretty sweet vulnerability scannerβ4,113Updated 5 months ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β9,782Updated this week
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,203Updated 4 months ago
- Nikto web server scannerβ9,010Updated 2 weeks ago
- Most advanced XSS scanner.β13,664Updated 2 weeks ago
- Adversary Emulation Frameworkβ9,018Updated 2 weeks ago
- A fast, simple, recursive content discovery tool written in Rust.β6,300Updated this week
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.β3,868Updated last week
- Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonationβ5,054Updated last month
- Directory/File, DNS and VHost busting tool written in Goβ11,084Updated this week