Find, verify, and analyze leaked credentials
β25,667Apr 9, 2026Updated this week
Alternatives and similar repositories for trufflehog
Users that are interested in trufflehog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Find secrets with Gitleaks πβ25,816Mar 25, 2026Updated 2 weeks ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β27,799Apr 6, 2026Updated last week
- Reconnaissance tool for GitHub organizationsβ6,156Sep 20, 2022Updated 3 years ago
- In-depth attack surface mapping and asset discoveryβ14,398Updated this week
- Fast web fuzzer written in Goβ15,866Apr 24, 2025Updated 11 months ago
- Open source password manager - Proton Pass β’ AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Fast passive subdomain enumeration tool.β13,404Updated this week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTFβ76,678Mar 16, 2026Updated 3 weeks ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,153Aug 14, 2024Updated last year
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in β¦β70,044Updated this week
- A Tool for Domain Flyoversβ5,921May 22, 2022Updated 3 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,879Mar 20, 2026Updated 3 weeks ago
- HTTP parameter discovery suite.β6,184Feb 20, 2025Updated last year
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β9,784Updated this week
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,618Feb 8, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,679Jan 5, 2026Updated 3 months ago
- The recursive internet scanner for hackers. π§‘β9,583Updated this week
- A next-generation crawling and spidering framework.β16,496Updated this week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β12,136Updated this week
- A python script that finds endpoints in JavaScript filesβ4,322Apr 13, 2024Updated last year
- Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud envirβ¦β13,523Updated this week
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,416Mar 25, 2026Updated 2 weeks ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,539Mar 21, 2026Updated 3 weeks ago
- Multi-Cloud Security Auditing Toolβ7,609Sep 23, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Adversary Emulation Frameworkβ10,986Updated this week
- A vulnerability scanner for container images and filesystemsβ12,005Updated this week
- A fast, simple, recursive content discovery tool written in Rust.β7,651Feb 8, 2026Updated 2 months ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,869Updated this week
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,476May 1, 2025Updated 11 months ago
- π€ The Modern Port Scanner π€β19,569Apr 2, 2026Updated last week
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,918Apr 5, 2026Updated last week
- A swiss army knife for pentesting networksβ9,117Dec 6, 2023Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.β14,747Updated this week
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Directory/File, DNS and VHost busting tool written in Goβ13,585Updated this week
- Most advanced XSS scanner.β14,872Apr 26, 2025Updated 11 months ago
- Six Degrees of Domain Adminβ10,534Mar 2, 2026Updated last month
- Impacket is a collection of Python classes for working with network protocols.β15,608Updated this week
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,043Dec 11, 2025Updated 4 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.β5,128Mar 30, 2026Updated last week
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of β¦β14,816Oct 6, 2025Updated 6 months ago