GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects β†’ arijitdirghanji β†’ Find-Hardcoded

arijitdirghanji / Find-Hardcoded

Licence: GPL-3.0 license
You can find hardcoded Api-Key,Secret,Token Etc..

Programming Languages

shell
77523 projects

Labels

bugbountysecurity-toolsandroid-pentestingandroid-security-auditandroid-bugs

Projects that are alternatives of or similar to Find-Hardcoded

Rfi Lfi Payload List
🎯 RFI/LFI Payload List
Stars: ✭ 202 (+220.63%)
Mutual labels:  bugbounty
Sitedorks
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (+250.79%)
Mutual labels:  bugbounty
Awsome Security Write Ups And Pocs
Awesome Writeups and POCs
Stars: ✭ 246 (+290.48%)
Mutual labels:  bugbounty
Pdlist
A passive subdomain finder
Stars: ✭ 204 (+223.81%)
Mutual labels:  bugbounty
Dnsprobe
DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.
Stars: ✭ 221 (+250.79%)
Mutual labels:  bugbounty
Intruderpayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Stars: ✭ 2,779 (+4311.11%)
Mutual labels:  bugbounty
Mad Metasploit
Metasploit custom modules, plugins, resource script and.. awesome metasploit collection
Stars: ✭ 200 (+217.46%)
Mutual labels:  bugbounty
py-scripts-other
A collection of some of my scripts
Stars: ✭ 79 (+25.4%)
Mutual labels:  bugbounty
Ssrf Sheriff
A simple SSRF-testing sheriff written in Go
Stars: ✭ 221 (+250.79%)
Mutual labels:  bugbounty
Autorecon
Simple shell script for automated domain recognition with some tools
Stars: ✭ 244 (+287.3%)
Mutual labels:  bugbounty
Can I Take Over Xyz
"Can I take over XYZ?" β€” a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (+4357.14%)
Mutual labels:  bugbounty
Contact.sh
An OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (+242.86%)
Mutual labels:  bugbounty
Bugbountyscanner
A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Stars: ✭ 229 (+263.49%)
Mutual labels:  bugbounty
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+6047.62%)
Mutual labels:  bugbounty
Cc.py
Extracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+296.83%)
Mutual labels:  bugbounty
Qsfuzz
qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
Stars: ✭ 201 (+219.05%)
Mutual labels:  bugbounty
Keywords
Stars: ✭ 226 (+258.73%)
Mutual labels:  bugbounty
wordlist generator
Unique wordlist generator of unique wordlists.
Stars: ✭ 41 (-34.92%)
Mutual labels:  bugbounty
Bugbounty Scans
aquatone results for sites with bug bountys
Stars: ✭ 249 (+295.24%)
Mutual labels:  bugbounty
Public Bugbounty Programs
Community curated list of public bug bounty and responsible disclosure programs.
Stars: ✭ 233 (+269.84%)
Mutual labels:  bugbounty
View All Similar Projects βž”

find-hardcoded

Find-Hardcoded

You can find hardcoded Api-Key,Secret,Token Etc..

Usage

β”Œβ”€β”€(rootπŸ’€Hacker)-[~/mobile_pentesting]
└─# bash find-hardcoded.sh InsecureShop.apk

OutPut

if you found api-key,secret,token you can check here

!Note!

Some regex can give you huge output like (GitHub,MD5_Hash,Javascript_Variables,Base64,ipv6,LinkFinder,IP_Address)
if you don't want you can comment those line.
Prerequisites

regex credit

https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json
https://github.com/stevemcilwain/quiver/blob/master/payloads/secrets-content.json
https://github.com/hahwul/dalfox/blob/main/pkg/scanning/grep.go
https://github.com/BitTheByte/Eagle/blob/master/plugins/spider.py
https://github.com/firmianay/Vehicle-Security-Toolkit/blob/main/apk-leaks.py
https://github.com/dwisiswant0/apkleaks/blob/master/config/regexes.json
https://github.com/stevemcilwain/quiver/blob/master/payloads/secrets-content.json
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].