#Credentials
Showing 49 of 49 repositories tagged #credentials, ranked by stars
Find, verify, and analyze leaked credentials
A vault for securely storing and accessing AWS credentials in development environments
Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications โ at massive scale.
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
Know the dangers of credential reuse attacks.
Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.
Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
Scan the world (for secrets)
Environment variables meet macOS Keychain and gnome-keyring <3
Detect leaked secrets + live validation. Map blast radius across your stack. Revoke fast. 950+ rules.
30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)
๐ Free Offline-first Password Manager
An Intelligent wordlist generator based on user profiling, permutations, and statistics. (Named after the same tool in Mr.Robot series S01E01)
Crawler (Bot) searching for credential leaks on paste sites.
A powerful tool for using AWS Identity Center for the CLI and web console.
mXtract - Memory Extractor & Analyzer
๐Unified API for password hashing algorithms
Identify hardcoded secrets in static structured text
LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Search & Parse Password Leaks
A vault for securely storing and accessing AWS credentials in development environments
A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models :lock:
Create a QR code with your Wi-Fi login details
PowerShell module for KeePass
CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as token, passwords, api keys etc.) in advance. By scanning lines, filtering, and using AI model as option, CredSweeper reports lines with possible credentials, where the line is, and expected type o
Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
CredsHunter - Credential Hunting scripts for Windows and Linux OS
ZeroID: Autonomous Agent Identity Management System (AAIMS)
Compromised SSH servers and scraped mirror sites leaked scripts intended for malicious use.
๐ A self-hosted credential manager with zero-knowledge encryption, multi-user support, and emergency recovery. Store API keys, passwords, and secrets securely with your own database. Features AES-256-GCM encryption, Argon2 key derivation, PWA support, and professional-grade security architecture.
Identify hardcoded secrets in static structured text (version 2)
A command-line interface to HashiCorp's Vault
Open-source secret scanner in Rust. Service-specific detectors, SIMD on the CPU and an optional GPU path, live verification of which leaked keys are still active, and SARIF output.
Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with a mounted windows drive.
Extract credentials and other useful info from network captures
Workflows and helper scripts around the PlanetScale DB workflow to automate database branch creation, association, update and merge directly out of your pull/merge request or favourite CI/CD. This is just a passion project, no official repository from Planetscale.
A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Find secrets in git repositories with TruffleHog & Gitleaks
Used to create, issue, revoke, or validate certificates (or any other PDF file) on the public Bitcoin blockchain.
Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers.
awsenv is intended as a local credential store for people using more than one AWS account at the same time
ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.
Interactive results explorer and annotation tool for Nosey Parker
A cryptographically verifiable access control and directory system for Linux servers
Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets
Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and security professionals quickly identify and remediate exposed sensitive informations in their codebases.
Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your code, allowing you to code confidently and maintain the integrity of your data.
iCloud security assessor.