4 Repos
Command line utilities for scanning files and text to extract credentials, PII, and network artifacts.
Distinct from Data Extraction Tools: None of the candidates capture the specific combination of a CLI tool focused on sensitive data extraction across various media.
Explore 4 awesome GitHub repositories matching security & cryptography · Sensitive Data Extraction Tools. Refine with filters or upvote what's useful.
pyWhat is a Python-based data extraction tool designed to scan files and text for sensitive identifiers, credentials, and network artifacts using regular expressions. It functions as a pattern matching engine and PII scanner capable of identifying personal identifiers and sensitive data patterns across directories and binary files. The project specializes in the identification of unknown data formats through file signatures and the extraction of high-value identifiers, such as URLs, IP addresses, and phone numbers, from network capture files. It utilizes a rarity-based filtering system and sp
Provides a command line tool that scans files and text for sensitive identifiers, credentials, and network artifacts.
SpringBootVulExploit ist eine Sammlung von Scan- und Audit-Tools, die darauf ausgelegt sind, Schwachstellen, Informationslecks und Ausführungsvektoren innerhalb von Java-basierten Anwendungs-Frameworks zu identifizieren, wobei der Fokus speziell auf Spring Boot-Anwendungen liegt. Es bietet eine Suite von Exploit-Techniken, Payloads und Sicherheits-Checklisten für die Durchführung von Schwachstellenanalysen. Das Projekt bietet Funktionen zum Auslösen von Remote Code Execution (RCE) durch Injektionsvektoren, Deserialisierungs-Payloads und bösartige Konfigurationsdateien. Es enthält einen Scanner zur Erkennung exponierter Umgebungsvariablen und interner Routing-Details, die durch falsch konfigurierte Endpunkte verursacht werden, sowie Methoden zum Extrahieren sensibler Daten und Klartext-Secrets mittels Heap-Dump-Analyse. Das Toolset unterstützt Black-Box-Sicherheitsbewertungen und Framework-Schwachstellenanalysen, einschließlich des Mappings von Abhängigkeitsversionen, um potenzielle Schwachstellenfenster zu identifizieren.
Retrieves plaintext passwords and secrets from system memory via heap dump analysis and request interception.
ShuiZe_0x727 is an open-source intelligence gathering framework and attack surface management tool. It functions as an asset discovery engine and cyber intelligence aggregator designed to identify internet-facing assets, map network infrastructure, and visualize total network exposure. The project integrates vulnerability scanning and sensitive data leak detection to identify security weaknesses and unauthorized access points. It employs a combination of network space API queries, certificate log analysis, and public repository scanning to extract leaked credentials, API keys, and internal ad
Scans public repositories and web pages to extract leaked credentials, API keys, and internal paths.
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
Scans disk images and directories to identify and extract emails and credit card numbers.