Find, verify, and analyze leaked credentials
β26,446May 21, 2026Updated last week
Alternatives and similar repositories for trufflehog
Users that are interested in trufflehog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Find secrets with Gitleaks πβ27,294May 21, 2026Updated last week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β28,877Updated this week
- Reconnaissance tool for GitHub organizationsβ6,175Sep 20, 2022Updated 3 years ago
- In-depth attack surface mapping and asset discoveryβ14,596Apr 17, 2026Updated last month
- Fast web fuzzer written in Goβ16,122Apr 26, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Get Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Fast passive subdomain enumeration tool.β13,700May 20, 2026Updated last week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTFβ77,951Apr 22, 2026Updated last month
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,243Aug 14, 2024Updated last year
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in β¦β71,138Updated this week
- A Tool for Domain Flyoversβ5,937May 22, 2022Updated 4 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,950Mar 20, 2026Updated 2 months ago
- HTTP parameter discovery suite.β6,244Feb 20, 2025Updated last year
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β9,973Updated this week
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,707Feb 8, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,731Jan 5, 2026Updated 4 months ago
- The recursive internet scanner for hackers. π§‘β9,775Updated this week
- A next-generation crawling and spidering framework.β16,739May 21, 2026Updated last week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β12,410Updated this week
- A python script that finds endpoints in JavaScript filesβ4,361Apr 13, 2024Updated 2 years ago
- Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud envirβ¦β13,883Updated this week
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,667Mar 21, 2026Updated 2 months ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,650May 15, 2026Updated 2 weeks ago
- Multi-Cloud Security Auditing Toolβ7,669Sep 23, 2025Updated 8 months ago
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A vulnerability scanner for container images and filesystemsβ12,267May 22, 2026Updated last week
- Adversary Emulation Frameworkβ11,254May 7, 2026Updated 3 weeks ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,950May 20, 2026Updated last week
- A fast, simple, recursive content discovery tool written in Rust.β7,786Apr 15, 2026Updated last month
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,542May 1, 2025Updated last year
- π€ The Modern Port Scanner π€β19,833Updated this week
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,998Updated this week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.β15,221May 22, 2026Updated last week
- A swiss army knife for pentesting networksβ9,133Dec 6, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways β’ AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Directory/File, DNS and VHost busting tool written in Goβ13,727May 22, 2026Updated last week
- Impacket is a collection of Python classes for working with network protocols.β15,742May 20, 2026Updated last week
- Six Degrees of Domain Adminβ10,539Mar 2, 2026Updated 2 months ago
- Most advanced XSS scanner.β14,969Apr 26, 2025Updated last year
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.β5,194May 19, 2026Updated last week
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,083Apr 25, 2026Updated last month
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of β¦β15,109Oct 6, 2025Updated 7 months ago