BurpSuite-Secret_Finder: discover apikeys/accesstokens and sensitive data from HTTP response
A Burp Suite extension to help pentesters to discover an apikeys, access tokens and more sensitive data using regular expressions. SecretFinder processes any HTTP response (support javascript file) and supports Passive and Active scan. This extension has been developed by M’hamed Outaadi (@m4ll0k).
Add RegEx
Download SecretFinder and open it with any editor
Now add your regex and save the file
[HIDE][Hidden Content]]