A vast collection of security tools for bug bounty, pentest and red teaming

#secrets

54 results
Nuclei templates on offsec.tools
Sponsor
Nuclei templates

Community curated list of templates for the Nuclei engine to find security vulnerabilities.

#cves   #fuzzing   #payloads   #resources   #scanner   #secrets   #vulnerabilities  

github-regexp on offsec.tools
github-regexp

Basically a regexp over a GitHub search.

#endpoints   #github   #regexp   #secrets   #subdomains  

SecretFinder on offsec.tools
SecretFinder

SecretFinder is a script based on LinkFinder, written to find sensitive data in JavaScript files.

#javascript   #parser   #regexp   #secrets  

mimikittenz on offsec.tools
mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

#exploits   #memory   #secrets   #windows  

dumpcreds on offsec.tools
dumpcreds

May be used to extract various credentials from running processes.

#auth   #imap   #ntlm   #process   #secrets  

AWSloot on offsec.tools
AWSloot

Pull secrets from an AWS environment.

#aws   #cloud   #secrets  

ggshield on offsec.tools
ggshield

Find multiple types of hardcoded secrets & types of infrastructure-as-code misconfigurations.

#codeanalysis   #passwords   #secrets  

Nosey Parker on offsec.tools
Nosey Parker

Command-line tool that finds secrets and sensitive information in textual data and Git history.

#codeanalysis   #git   #secrets  

Mosca on offsec.tools
Mosca

Manual search tool to find bugs like a grep unix command.

#codeanalysis   #reports   #secrets  

EarlyBird on offsec.tools
EarlyBird

Sensitive data detection tool capable of scanning source code repositories.

#codeanalysis   #pii   #secrets  

detect-secrets on offsec.tools
detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.

#codeanalysis   #secrets  

Aranea on offsec.tools
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

#crawler   #endpoints   #javascript   #regexp   #secrets  

LeakLooker-X on offsec.tools
LeakLooker-X

Discover, browse and monitor database/source code leaks.

#leaks   #osint   #secrets  

AdvancedKeyHacks on offsec.tools
AdvancedKeyHacks

API Key/Token Exploitation Made easy.

#exploits   #secrets  

padding-oracle-attacker on offsec.tools
padding-oracle-attacker

Execute padding oracle attacks with support for concurrent network requests and an elegant UI.

#oracle   #passwords   #secrets  

Firebase-Extractor on offsec.tools
Firebase-Extractor

A tool written in python for scraping firebase data.

#firebase   #scraper   #secrets  

Sourcegraph on offsec.tools
Sourcegraph

Search millions of open source repositories.

#codeanalysis   #github   #online   #regexp   #secrets  

grep.app on offsec.tools
grep.app

Searches code from over a half million public repositories on GitHub.

#github   #online   #regexp   #secrets  

PCredz on offsec.tools
PCredz

This tool extracts secrets from a pcap file or from a live interface.

#mitm   #network   #secrets  

Slack Watchman on offsec.tools
Slack Watchman

Monitoring your Slack workspaces for sensitive informations.

#files   #osint   #secrets   #slack  

localdataHog on offsec.tools
localdataHog

String-based secret-searching tool, high entropy and regexes.

#codeanalysis   #reports   #secrets  

git-wild-hunt on offsec.tools
git-wild-hunt

A tool to hunt for credentials in GitHub wild AKA git*hunt.

#github   #secrets  

Shotlooter on offsec.tools
Shotlooter

Find sensitive data inside the screenshots uploaded to prnt.sc.

#screenshots   #secrets  

Hamburglar on offsec.tools
Hamburglar

Collect useful information from urls, directories, and files.

#crypto   #directories   #emails   #endpoints   #files   #git   #regexp   #secrets  

Photon on offsec.tools
Photon

Incredibly fast crawler designed for OSINT.

#crawler   #endpoints   #files   #javascript   #osint   #secrets   #subdomains   #webarchives  

Sniff-Paste on offsec.tools
Sniff-Paste

Pastebin OSINT harvester.

#emails   #endpoints   #ips   #osint   #pastebin   #phones   #ports   #secrets  

StaCoAn on offsec.tools
StaCoAn

Crossplatform tool which help to perform static code analysis on mobile applications.

#android   #codeanalysis   #endpoints   #mobile   #reports   #secrets  

Hawkeye on offsec.tools
Hawkeye

Filesystem analysis tool/directory looking for interesting stuff.

#backups   #exploits   #files   #logs   #privesc   #secrets  

archaeologit on offsec.tools
archaeologit

Scans the history of GitHub repositories to find sensitive things.

#github   #secrets  

Betterscan on offsec.tools
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

#cloud   #codeanalysis   #cves   #exploits   #malwares   #reports   #sbom   #scanner   #secrets  

Hackingtool on offsec.tools
Hackingtool

ALL IN ONE Hacking Tool For Hackers.

#allinone   #exploits   #framework   #network   #osint   #payloads   #secrets   #sqli   #subdomains   #wifi   #wordlists   #xss  

cariddi on offsec.tools
cariddi

Crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more.

#crawler   #endpoints   #passwords   #secrets  

GitHunter on offsec.tools
GitHunter

A tool for searching a Git repository for interesting content.

#git   #secrets  

secret-bridge on offsec.tools
secret-bridge

Monitors Github for leaked secrets.

#github   #secrets  

dufflebag on offsec.tools
dufflebag

Search exposed EBS volumes for secrets.

#aws   #cloud   #ebs   #elastic   #secrets  

Yet Another Robber on offsec.tools
Yet Another Robber

Yar is a tool for plunderin' organizations, users and/or repositories...

#codeanalysis   #git   #secrets  

Whispers on offsec.tools
Whispers

Identify hardcoded secrets in static structured text.

#codeanalysis   #secrets  

Rusty Hog on offsec.tools
Rusty Hog

A suite of secret scanners built in Rust for performance.

#aws   #buckets   #cloud   #confluence   #git   #google   #jira   #secrets   #slack  

GitMiner on offsec.tools
GitMiner

Tool for advanced mining for content on Github.

#github   #secrets  

Gitrob on offsec.tools
Gitrob

Reconnaissance tool for GitHub organizations.

#documents   #github   #osint   #secrets  

git-all-secrets on offsec.tools
git-all-secrets

Capture all the git secrets by leveraging multiple open source git searching tools.

#github   #secrets  

GitGot on offsec.tools
GitGot

Rapidly search through troves of public data on GitHub for sensitive secrets.

#github   #secrets  

MSDorkDump on offsec.tools
MSDorkDump

Google Dork File Finder.

#documents   #domains   #google   #metadata   #osint   #secrets  

JS-Scan on offsec.tools
JS-Scan

A .js scanner, built in PHP, designed to scrape urls and other info.

#endpoints   #javascript   #secrets  

steghide on offsec.tools
steghide

Steganography program that hides secrets in the least significant bits of a file.

#secrets   #steganography  

DataExtractor on offsec.tools
DataExtractor

A Burp Suite extension to extract data from source code while browsing.

#burpsuite   #endpoints   #regexp   #secrets   #subdomains  

SecretMagpie on offsec.tools
SecretMagpie

Secret Detection Tool.

#bitbucket   #github   #secrets  

BFAC on offsec.tools
BFAC

Check for backup artifacts that may disclose the web-application's source code.

#backups   #endpoints   #secrets  

gf on offsec.tools
gf

A wrapper around grep to avoid typing common patterns.

#endpoints   #secrets  

gitGraber on offsec.tools
gitGraber

Monitor GitHub to search and find sensitive data in real time.

#github   #secrets  

shhgit on offsec.tools
shhgit

Secrets detection for your GitHub, GitLab and Bitbucket repositories.

#bitbucket   #github   #secrets  

fuzzuli on offsec.tools
fuzzuli

Find critical backup files by creating a dynamic wordlist based on the domain.

#backups   #endpoints   #fuzzing   #secrets  

DumpsterDiver on offsec.tools
DumpsterDiver

Tool to search secrets in various filetypes.

#aws   #azure   #passwords   #secrets  

TruffleHog on offsec.tools
TruffleHog

Find credentials all over the place.

#aws   #cloud   #codeanalysis   #digitalocean   #github   #secrets