You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.
Project Zero Trace: See if you’ve been hacked. Scan billions of compromised credentials in seconds. Uncover hidden exposures and data breaches before they are misused. The ultimate Institutional Intelligence tool for digital safety.
Anonymously audit a Convex backend for public queries/mutations reachable without auth — proves each leak live via the public HTTP API. Zero-dep Node CLI, MIT.
Audit any Strapi CMS for public-role data exposure, CORS reflection, user enumeration & GraphQL introspection — and PROVE each leak live with an anonymous probe. Keyless, zero deps, MIT.
O presente trabalho propõe o Data Exposure Score (DES), um sistema destinado a mensurar o nível de exposição digital de indivíduos a partir de dados públicos compartilhados em redes sociais.
Active-probe security auditor for self-hosted Hasura GraphQL: proves open introspection, the anonymous 'public' unauthorized role leaking tables/rows, and an unauthenticated console — anonymously, no admin secret. Zero deps, MIT.
S3Scope is a passive AWS S3 bucket discovery and visibility tool. It helps researchers and pentesters identify S3 bucket endpoints, perform logical hostname-based guessing, and optionally check bucket accessibility. This tool is designed for reconnaissance without writing to S3 buckets and emphasizes clear output and enhanced visibility.
Keyless active-probe security auditor for Directus: proves public-role data exposure, user enumeration, unauth version/schema leaks (CVE-2025-53887), GraphQL introspection & search-param field enumeration (CVE-2025-30352) with live anonymous probes. Zero deps.