Skip to content

SecretFinder

Find sensitive data in JavaScript files

PythonGitHub

Description

SecretFinder discovers sensitive data like API keys, tokens, and secrets in JavaScript files through regex pattern matching.

Installation

BASH 
git clone https://github.com/m4ll0k/SecretFinder.git
cd SecretFinder
pip install -r requirements.txt

Basic Usage

BASH 
python SecretFinder.py -i https://target.com/script.js -o results.html

Advanced Usage

BASH 
# With regex
python SecretFinder.py -i https://target.com/script.js -r "api[_-]?key"

# Multiple files
cat js-urls.txt | while read url; do python SecretFinder.py -i "$url" -o cli; done
Back to Reconnaissance