Information Security News

Tag: secret scanning

  • Unmasking the Code: JS Analyzer Automates JavaScript Recon & Secret Discovery

    Unmasking the Code: JS Analyzer Automates JavaScript Recon & Secret Discovery

    by

    ddos
    in

    JS Analyzer A powerful Burp Suite extension for JavaScript static analysis. Extracts API endpoints, URLs, secrets, and email addresses from JavaScript files with intelligent noise filtering. The goal is reduce noise as much as possible to ensure the accuracy. Features Endpoint Detection – Finds API paths, REST endpoints, OAuth URLs, admin routes URL Extraction – Extracts full…

  • Varunastra: Securing the Depths of Docker

    Varunastra: Securing the Depths of Docker

    by

    ddos
    in

    Introducing Varunastra, an innovative tool designed to enhance the security of Docker environments. Named after The Varunastra (वरुणास्त्र), it is the water weapon according to the Indian scriptures, incepted by Varuna, god of hydrosphere. Varunastra is engineered to detect and help mitigate vulnerabilities in Docker, ensuring robust security across all Docker containers and images. Key…

  • deepsecrets: a better tool for secret scanning

    deepsecrets: a better tool for secret scanning

    by

    ddos
    in

    DeepSecrets – a better tool for secret scanning Yet another tool – why? Existing tools don’t really “understand” code. Instead, they mostly parse texts. DeepSecrets expands classic regex-search approaches with semantic analysis, dangerous variable detection, and more efficient usage of entropy analysis. Code understanding supports 500+ languages and formats and is achieved by lexing and…