https://github.com/zebbern/leakfinder
🔐 | Fast Manual Credential Leak Detection using DevTools or Burp Suite!
- Host: GitHub
- URL: https://github.com/zebbern/leakfinder
- Owner: zebbern
- License: mit
- Created: 2025-02-04T01:06:34.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-02-06T21:52:00.000Z (over 1 year ago)
- Last Synced: 2025-11-30T14:08:30.389Z (6 months ago)
- Homepage:
- Size: 22.5 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# LeakFinder
## 🔐 Using Developer Tools
1. **Open DevTools:**
- Press `Ctrl+Shift+I` (Windows/Linux) or `Cmd+Option+I` (macOS).
2. **Go to Network Tab:**
- Click on the **"Network"** tab.
3. **Enable Regex Search:**
- Click the regex icon in the filter bar to enable regex mode.
4. **Refresh Page:**
- Reload the webpage to capture all network requests.
5. **Apply Regex Search:**
- Paste the following regex into the filter bar:
```regex
(access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_key|cloudinary_api_secret|cloudinary_name|codecov_token|config|conn.login|connectionstring|consumer_key|consumer_secret|credentials|cypress_record_key|database_password|database_schema_test|datadog_api_key|datadog_app_key|db_password|db_server|db_username|dbpasswd|dbpassword|dbuser|deploy_password|digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd|docker_password|apikey|dockerhub_password|dockerhubpassword|dot-files|dotfiles|droplet_travis_password|dynamoaccesskeyid|dynamosecretaccesskey|elastica_host|elastica_port|elasticsearch_password|encryption_key|encryption_password|heroku_api_key|sonatype_password|awssecretkey)
```
6. **Review Matches:**
- Inspect the filtered requests manually for potential leaks.
---
## 🔍 Using Burp Suite
1. **Launch Burp Suite:**
- Start Burp Suite and configure your browser to route traffic through it.
2. **Browse Your Target:**
- Navigate through your target site and subdomains to capture traffic.
3. **Use Regex in Search:**
- Go to **"Burp" > "Search"** tab.
- Select **"Regular Expression"** as the search type.
- Paste the following regex:
```regex
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_key|cloudinary_api_secret|cloudinary_name|codecov_token|config|conn.login|connectionstring|consumer_key|consumer_secret|credentials|cypress_record_key|database_password|database_schema_test|datadog_api_key|datadog_app_key|db_password|db_server|db_username|dbpasswd|dbpassword|dbuser|deploy_password|digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd|docker_password|dockerhub_password|dockerhubpassword|dot-files|dotfiles|droplet_travis_password|dynamoaccesskeyid|dynamosecretaccesskey|elastica_host|elastica_port|elasticsearch_password|encryption_key|encryption_password|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey)[a-z0-9_ .\-,]{0,25})(=|>|:=|\|\|:|<=|=>|:).{0,5}['\"]([0-9a-zA-Z\-_=]{8,64})['\"]
```
4. **Inspect Results:**
- Review the search results for credential leaks.
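An added example (not part of the LeakFinder repository): the two searches above applied offline to a HAR export of your own application's traffic, to show how the keyword-only DevTools pattern and the value-anchored Burp pattern classify the same responses. The keyword list is a shortened subset of the README's, and `scan_har`, `body_text` and the sample HAR are hypothetical names and constructed data.

```python
import base64
import re

# Shortened subset of the README's keyword alternation (assumption: trimmed to
# fit here; use the full list from the page for a real review).
KEYWORDS = (r"access_key|access_token|api_key|api_secret|apikey|auth_token|"
            r"aws_secret|client_secret|config|credentials|db_password")
# DevTools step 5: a keyword anywhere, with no check on what follows it.
NAME_ONLY = re.compile(rf"({KEYWORDS})")
# Burp step 3: keyword, operator, then a quoted 8-64 character value.
ASSIGNED = re.compile(
    rf"(({KEYWORDS})[a-z0-9_ .\-,]{{0,25}})(=|>|:=|\|\|:|<=|=>|:).{{0,5}}"
    rf"['\"]([0-9a-zA-Z\-_=]{{8,64}})['\"]", re.IGNORECASE)

def body_text(entry):
    """Return a HAR entry's response body as text, decoding base64 bodies."""
    content = entry.get("response", {}).get("content", {})
    text = content.get("text") or ""
    if content.get("encoding") == "base64":
        text = base64.b64decode(text).decode("utf-8", errors="replace")
    return text

def scan_har(har):
    """Classify each entry: 'assigned' (Burp-style hit), 'name_only', or 'clean'."""
    findings = []
    for entry in har["log"]["entries"]:
        url, text = entry["request"]["url"], body_text(entry)
        # Report the matched key name and a redacted value, never the full secret.
        hits = [(m.group(2), m.group(4)[:4] + "***") for m in ASSIGNED.finditer(text)]
        named = NAME_ONLY.search(url) or NAME_ONLY.search(text)
        kind = "assigned" if hits else "name_only" if named else "clean"
        findings.append({"url": url, "kind": kind, "hits": hits})
    return findings

# Constructed sample HAR; every value is a placeholder, not a real credential.
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "https://app.example/static/main.js"},
     "response": {"content": {"text": "var apiKey = 'EXAMPLEKEY0123456789';"}}},
    {"request": {"url": "https://app.example/config.json"},
     "response": {"content": {"text": '{"theme": "dark"}'}}},
    {"request": {"url": "https://app.example/oauth"},
     "response": {"content": {"text": '{"client_secret":"EXAMPLESECRET0123"}'}}},
    {"request": {"url": "https://app.example/logo.png"},
     "response": {"content": {"encoding": "base64", "text": "iVBORw0KGgo="}}},
]}}

if __name__ == "__main__":
    for f in scan_har(SAMPLE_HAR):
        print(f["kind"], f["url"], f["hits"])
```

On the constructed sample, the keyword-only pattern flags `config.json` on its file name alone, while the Burp-style pattern misses the JSON body because the closing quote of a quoted key sits between the keyword and the `:`. Name-only hits therefore still need the manual review the steps call for.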
---
> [!Note]
> All Credits To [h4x0r-dz](https://github.com/h4x0r-dz/Leaked-Credentials) For Providing This Information
> [!WARNING]
> This is intended for educational and ethical hacking purposes only. It should only be used to test systems you own or have explicit permission to test. Unauthorized use of third-party websites or systems without consent is illegal and unethical.