Tag Archives: Sensitive Information

May 25, 2020   No comments

Talisman – Tool to Prevent Secrets from Getting Checked in

Talisman is a tool is to validate code changes that are to be pushed out of a local Git repository on a developer’s workstation.

Read More
April 29, 2020   No comments

Vault – Framework to Manage Secrets

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords

Read More
March 13, 2020   No comments

Dnsteal – DNS Exfiltration Tool for sending files over DNS

Dnsteal is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. This can be useful during a Redteam

Read More
June 8, 2019   No comments

DumpsterDiver – Tool to Search Secrets in Various Files

DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secrets like keys (e.g. AWS Access Key, Azure Share Key or SSH keys) or passwords.

Read More
February 6, 2019   No comments

truffleHog – Searches Git Repositories for Credentials

truffleHog is a tool that you search through git repositories for secrets, digging deep into commit history and branches.

Read More
November 29, 2018   No comments

Egression – Tool to Test Egress Controls

EGRESSION is a tool that provides an instant view of how easy it is to upload sensitive data from any given network.

Read More
November 20, 2016   No comments

AIL framework – Analysis Information Leak framework

AIL framework is a modular framework to analyze potential information leaks from unstructured data sources like pastes from Pastebin or similar services or unstructured data streams.

Read More
« Older posts