Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/neospl0it/regexscan

A Tool for scanning and detecting patterns using regular expressions (regex). Find potential leaks, credentials, and sensitive data efficiently
https://github.com/neospl0it/regexscan

automation-testing credentials cybersecurity go regex regex-match regex-pattern scanner security web-scraping web-security

Last synced: about 2 months ago
JSON representation

A Tool for scanning and detecting patterns using regular expressions (regex). Find potential leaks, credentials, and sensitive data efficiently

Host: GitHub
URL: https://github.com/neospl0it/regexscan
Owner: neospl0it
Created: 2024-04-12T15:26:57.000Z (9 months ago)
Default Branch: main
Last Pushed: 2024-05-26T10:19:54.000Z (7 months ago)
Last Synced: 2024-07-28T12:08:24.874Z (5 months ago)
Topics: automation-testing, credentials, cybersecurity, go, regex, regex-match, regex-pattern, scanner, security, web-scraping, web-security
Language: Shell
Homepage:
Size: 16.6 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Regexscan

Regexscan is a simple bash script designed to search for leaked credentials in the content of a given URL. It uses regex patterns to identify common credential formats that might be exposed.

## Features

- Fetches content from a specified URL.
- Searches for a wide range of potential leaked credentials using regex.
- Supports a variety of credential formats including API keys, access tokens, passwords, and more.

## Requirements

- `curl`: Used to fetch the content from the URL.
- `grep`: Utilized to search the content using regex patterns.

## Usage

1. Clone the repository:

```bash
git clone https://github.com/f141ne0/regexscan.git
cd regexscan
```

2. Make the script executable:

```bash
chmod +x regexscan.sh
```

3. Run the script with the `--url` parameter:

```bash
./regexscan.sh --url
```

Replace `` with the URL you want to scan for leaked credentials.

## Example

```bash
./regexscan.sh --url https://example.com
```

Output will display any found credentials along with their context in the fetched content.

```bash
┌──(f141㉿neo)-[~/regexscan]
└─$ ./regexscan.sh --url https://*pe******.gov.***/
Searching for leaked credentials in https://*pe******.gov.***/...
apiKey: "A***SyCGXNhyQ_*************Q7VoZrVAw3GM"
```

## Regex Patterns

The script searches for a wide variety of credential formats including, but not limited to:

- API keys
- Access tokens
- Secret keys
- Passwords
- AWS keys
- Docker passwords

For a full list of patterns, see the `grep` command inside the script.

## Contributing

Contributions are welcome! Please open an issue or submit a pull request with your changes.

## License

This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.

## Disclaimer

This tool is intended for educational purposes and ethical testing only. Unauthorized scanning of systems without permission is illegal and unethical.

Feel free to customize the repository URL, add more sections if needed, or adjust the example commands and descriptions to better fit your project.