Search the Community
Showing results for tags 'identifies'.
-
Credential Digger is a GitHub scanning tool that identifies hardcoded credentials (Passwords, API Keys, Secret Keys, Tokens, personal information, etc), filtering the false positive data through machine learning models. It supports Python 3.6 and works only with LINUX systems. Architecture Credential Digger finds credentials hardcoded in a repository. The tool is composed of: Postgres database Python client User interface [hide][Hidden Content]]
-
- 2
-
- credential
- digger:
-
(and 3 more)
Tagged with:
-
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website. How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details, check out the source code on our main repository. [HIDE][Hidden Content]]