{"id":17672280,"url":"https://github.com/felixfaisal/attack-on-web","last_synced_at":"2025-06-16T16:07:28.255Z","repository":{"id":46668465,"uuid":"337660134","full_name":"felixfaisal/attack-on-web","owner":"felixfaisal","description":"A CLI application to look for vulnerable API keys ","archived":false,"fork":false,"pushed_at":"2021-10-01T04:37:56.000Z","size":39446,"stargazers_count":10,"open_issues_count":1,"forks_count":8,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-12T15:23:55.646Z","etag":null,"topics":["hacktoberfest","hacktoberfest2021","nodejs","security"],"latest_commit_sha":null,"homepage":"https://aow.netlify.app/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/felixfaisal.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-02-10T08:23:50.000Z","updated_at":"2022-02-24T08:35:12.000Z","dependencies_parsed_at":"2022-09-16T09:21:19.819Z","dependency_job_id":null,"html_url":"https://github.com/felixfaisal/attack-on-web","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felixfaisal%2Fattack-on-web","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felixfaisal%2Fattack-on-web/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felixfaisal%2Fattack-on-web/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felixfaisal%2Fattack-on-web/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/felixfaisal","download_url":"https://codeload.github.com/felixfaisal/attack-on-web/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253764120,"owners_count":21960517,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","hacktoberfest2021","nodejs","security"],"created_at":"2024-10-24T04:07:36.880Z","updated_at":"2025-05-12T15:24:04.310Z","avatar_url":"https://github.com/felixfaisal.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# Attack-on-Web(AoW)\n![AoW](https://i.imgur.com/XLc696Q.gif)\n\n![build status](https://img.shields.io/github/workflow/status/felixfaisal/attack-on-web/Attack%20on%20Web?style=plastic)\n![code size](https://img.shields.io/github/languages/code-size/felixfaisal/attack-on-web?style=plastic)\n![issues](https://img.shields.io/github/issues-raw/felixfaisal/attack-on-web?color=red\u0026style=plastic)\n![pullrequest](https://img.shields.io/github/issues-pr-closed/felixfaisal/attack-on-web?color=purple\u0026style=plastic)\n![stars](https://img.shields.io/github/stars/felixfaisal/attack-on-web?style=plastic)\n\nAttackOn-Web is a CLI application that runs in your local system environment or in a CI environment to assist you with identifying 20 (More added soon) kinds of secret/API Keys, just as other potential security weaknesses or policy breaks. \n\nAOW utilizes our local APIs to filter your code and identify expected secret/API Keys in your code. We won't store any records you are sending or any secret keys we have recognized.\n\n\n - [Test using CLI](#test-using-cli)\n - [Test using GitHub Actions](#test-using-github-actions)\n \n\n\n\n## Test using CLI\n\n   ```sh\n  npm i atow\n  npx atow\n  ```\n  \n   [npx](https://nodejs.dev/learn/the-npx-nodejs-package-runner) is a package runner tool that comes with npm 5.2+ and higher.\n   \n   Commands\nUsage: npx atow [OPTIONS]\n\n```\nOptions:\n    -h or  --help       to view list of commands\n    -t or  --test       for testing.\n    -l or  --list       for list of providers.\n  ```\n### OUTPUT\nIf no secrets or policy breaks have been found, the exit code will be 0:\n\nIf a secret or other issue is found in your staged code or in your CI, you will have an alert giving you the type of policy break, the filename where the policy break has been found and a patch giving you the position of the policy break in the file:\n\n```js\n✔ Read fileD:\\MLH\\dev-tools\\attack-on-web\\node_modules\\yargs-parser\\build\\lib\\yargs-parser.js\n✔ Read fileD:\\MLH\\dev-tools\\attack-on-web\\src\\check.js\n✔ Read fileD:\\MLH\\dev-tools\\attack-on-web\\src\\checkGitignoreRegex.js\n✔ Read fileD:\\MLH\\dev-tools\\attack-on-web\\src\\crawl.js\n✖ Stripe API Key found in D:\\MLH\\dev-tools\\attack-on-web\\src\\extensionChecker.js\n2 const check = 'sk_live_4eC39HqLyjWDarjtT1zdp7dc'\n```\n![asciicast](https://github.com/felixfaisal/attack-on-web/blob/main/Peek%202021-02-26%2017-05.gif)\n \n \n ## Test using Github Actions\n \n### Input\n\n### `repo-name`\nThe name of the repository where you are calling this actions \n\n**Required** This input is required for the action to run\n\n### Example usage\n\n```\nuses: felixfaisal/attack-on-web-actions@v2.0\nwith:\n  repo-name: 'my-repo'\n```\n\n \n \n ## Contributing\n\nTo contribute, please find the contribution guidelines here - [Contribution Guidelines](https://github.com/felixfaisal/attack-on-web/blob/main/CONTRIBUTING.md)\n\n\n## License \nMIT \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelixfaisal%2Fattack-on-web","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffelixfaisal%2Fattack-on-web","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelixfaisal%2Fattack-on-web/lists"}