This project is a GitHub secret scanner and dorking tool designed to identify leaked credentials and private keys within repositories. It functions as an API reconnaissance utility that uses curated search queries and automated dorks to locate sensitive data across public and enterprise GitHub instances. The tool enables security vulnerability research and enterprise auditing by targeting both public cloud instances and private enterprise installations via configurable base URLs. It utilizes token-based authentication to access private repository content and bypass API rate limits. The syste
AllAboutBugBounty is a curated collection of bug bounty techniques and payloads for web application security testing. It serves as a reference resource covering common web vulnerabilities and exploitation methods for security researchers, providing a structured approach to identifying and exploiting web application security flaws in bug bounty programs. The repository covers a wide range of attack categories including authentication bypass, cross-site scripting injection, server-side request forgery, web cache poisoning, and business logic abuse. It includes techniques for bypassing access co
jsleak is a tool to find secret , paths or links in the source code during the recon.