Find, verify, and analyze leaked credentials
β24,779Feb 28, 2026Updated this week
Alternatives and similar repositories for trufflehog
Users that are interested in trufflehog are comparing it to the libraries listed below
Sorting:
- Find secrets with Gitleaks πβ25,103Feb 21, 2026Updated last week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β27,194Feb 24, 2026Updated last week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and moreβ32,280Updated this week
- In-depth attack surface mapping and asset discoveryβ14,193Updated this week
- Reconnaissance tool for GitHub organizationsβ6,139Sep 20, 2022Updated 3 years ago
- Fast passive subdomain enumeration tool.β13,159Feb 25, 2026Updated last week
- Fast web fuzzer written in Goβ15,637Apr 24, 2025Updated 10 months ago
- A list of useful payloads and bypass for Web Application Security and Pentest/CTFβ75,488Feb 16, 2026Updated 2 weeks ago
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in β¦β69,212Updated this week
- Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud envirβ¦β13,103Feb 25, 2026Updated last week
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β9,607Feb 21, 2026Updated last week
- A Tool for Domain Flyoversβ5,906May 22, 2022Updated 3 years ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β11,983Feb 25, 2026Updated last week
- The recursive internet scanner for hackers. π§‘β9,450Updated this week
- A next-generation crawling and spidering framework.β15,619Updated this week
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,082Aug 14, 2024Updated last year
- A vulnerability scanner for container images and filesystemsβ11,652Updated this week
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,837Jan 1, 2025Updated last year
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,565Feb 8, 2025Updated last year
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,650Jan 5, 2026Updated last month
- HTTP parameter discovery suite.β6,091Feb 20, 2025Updated last year
- Multi-Cloud Security Auditing Toolβ7,551Sep 23, 2025Updated 5 months ago
- Adversary Emulation Frameworkβ10,759Updated this week
- π€ The Modern Port Scanner π€β19,306Feb 20, 2026Updated last week
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,497Nov 16, 2025Updated 3 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,259Updated this week
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,775Feb 25, 2026Updated last week
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of β¦β14,667Oct 6, 2025Updated 4 months ago
- Directory/File, DNS and VHost busting tool written in Goβ13,462Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.β14,285Updated this week
- A python script that finds endpoints in JavaScript filesβ4,294Apr 13, 2024Updated last year
- A fast, simple, recursive content discovery tool written in Rust.β7,544Feb 8, 2026Updated 3 weeks ago
- Six Degrees of Domain Adminβ10,540Aug 1, 2025Updated 7 months ago
- Impacket is a collection of Python classes for working with network protocols.β15,493Updated this week
- A swiss army knife for pentesting networksβ9,082Dec 6, 2023Updated 2 years ago
- Most advanced XSS scanner.β14,773Apr 26, 2025Updated 10 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,389May 1, 2025Updated 10 months ago
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,859Updated this week
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.β5,073Feb 24, 2026Updated last week