Find, verify, and analyze leaked credentials
β26,947Jul 3, 2026Updated this week
Alternatives and similar repositories for trufflehog
Users that are interested in trufflehog are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Find secrets with Gitleaks πβ27,936Jun 24, 2026Updated 2 weeks ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enablβ¦β29,534Updated this week
- Reconnaissance tool for GitHub organizationsβ6,189Sep 20, 2022Updated 3 years ago
- In-depth attack surface mapping and asset discoveryβ14,801Apr 17, 2026Updated 2 months ago
- Fast web fuzzer written in Goβ16,327Apr 26, 2026Updated 2 months ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Fast passive subdomain enumeration tool.β13,966Updated this week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTFβ78,987Jun 19, 2026Updated 2 weeks ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,276Aug 14, 2024Updated last year
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in β¦β71,971Updated this week
- A Tool for Domain Flyoversβ5,947May 22, 2022Updated 4 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,999Mar 20, 2026Updated 3 months ago
- HTTP parameter discovery suite.β6,335Feb 20, 2025Updated last year
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.β10,103Jun 29, 2026Updated last week
- "Can I take over XYZ?" β a list of services and how to claim (sub)domains with dangling DNS records.β5,750Feb 8, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available β’ AdRun AI, ML, and HPC workloads on powerful cloud GPUsβwithout limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.β5,776Jan 5, 2026Updated 6 months ago
- The recursive internet scanner for hackers. π§‘β10,041Jul 1, 2026Updated last week
- A next-generation crawling and spidering framework.β17,128Jul 1, 2026Updated last week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.β12,590Updated this week
- A python script that finds endpoints in JavaScript filesβ4,404Apr 13, 2024Updated 2 years ago
- Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud envirβ¦β14,067Jun 30, 2026Updated last week
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findinβ¦β7,743Jun 29, 2026Updated last week
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Eβ¦β8,722Mar 21, 2026Updated 3 months ago
- Multi-Cloud Security Auditing Toolβ7,729Sep 23, 2025Updated 9 months ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A vulnerability scanner for container images and filesystemsβ12,516Updated this week
- Adversary Emulation Frameworkβ11,461Jun 3, 2026Updated last month
- A fast, simple, recursive content discovery tool written in Rust.β7,890Apr 15, 2026Updated 2 months ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β6,033Jul 1, 2026Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,680May 1, 2025Updated last year
- π€ The Modern Port Scanner π€β20,024Jun 29, 2026Updated last week
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β5,109Updated this week
- A swiss army knife for pentesting networksβ9,149Dec 6, 2023Updated 2 years ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.β15,756Updated this week
- Bare Metal GPUs on DigitalOcean Gradient AI β’ AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Directory/File, DNS and VHost busting tool written in Goβ13,864Updated this week
- Six Degrees of Domain Adminβ10,562Mar 2, 2026Updated 4 months ago
- Impacket is a collection of Python classes for working with network protocols.β15,872Jun 19, 2026Updated 2 weeks ago
- Most advanced XSS scanner.β15,048Apr 26, 2025Updated last year
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.β5,262May 19, 2026Updated last month
- Scan for misconfigured S3 buckets across S3-compatible APIs!β3,136Apr 25, 2026Updated 2 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of β¦β15,295Jun 10, 2026Updated 3 weeks ago