Sniffing out credentials.See the website
Description
The TruffleHog chrome extension looks for API keys and credentials on websites visited, and alerts you if there are any present. This is useful for doing pentests and code reviews, because it helps identify keys that would otherwise either be missed or have to be searched for manually
Related tools (Security Testing)
Use Docker and Dockery Compose to test and find blind cross-site scripting vulnerabilities.
Analyze webpack production bundle
A CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Browser templates for Browser In The Browser (BITB) attack.