25 Resources
Golang credentials Libraries
Ginx - Evilginx2 - A man-in-the-middle attack framework used for phishing login credentials along with session cookies
evilginx2 is a man-in-the-middle attack framework used for phishing login creden
Assume-shell - A tool to create a shell with AWS environment credentials set
assume-shell This tool will request AWS credentials for a given profile/role and
GoLang - Produces a binary suitable for use in shell scripts and cron jobs for rotating IAM credentials.
AWS-Rotate-IAM-Key aws-rotate-iam-key makes it easy to rotate your IAM keys whether they be in your ~/.aws/credentials file or else where. This work i
Golang library for sending email using gmail credentials
library for sending email using gmail credentials
A small GoLang app which can bruteforce ssh credentials
A small GoLang app which can bruteforce ssh credentials, was used before for a ctf and is now optimized for future ctf events.
It is a package and command line application that provides you to store encrypted credentials/secrets in your repository.
sypher[ ⚠️ Work in progress] sypher provides you to store your credentials and secrets as encrypted in your repository. Usage Install the command line
A plugin for Hashicorp Vault to create ephemeral users and API tokens for Jenkins CI
vault-plugin-secrets-jenkins This is a backend plugin to be used with Hashicorp Vault. This plugin generates ephemeral Jenkins Users and API tokens. v
GitHub Rate Limits Prometheus exporter. Works with both App and PAT credentials
Github Rate Limit Prometheus Exporter A prometheus exporter which scrapes GitHub API for the rate limits used by PAT/GitHub App. Helm Chart with value
csg ("Credential Storage with Go") - a tool to organize the storage of credentials found during a CTF or Pentest.
csg csg ("Credential Storage with Go") - a tool to organize the storage of credentials found during a CTF or Pentest. Check out my blog on csg for mor
AWS credential_process utility to assume AWS IAM Roles with Yubikey Touch and Authenticator App TOPT MFA to provide temporary session credentials; With encrypted caching and support for automatic credential refresh.
AWS credential_process utility to assume AWS IAM Roles with Yubikey Touch and Authenticator App TOPT MFA to provide temporary session credentials; With encrypted caching and support for automatic credential refresh.
Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.
Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user. Drift
A man-in-the-middle attack framework used for phishing login credentials along with session cookies
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-fac
Drone Plugin for detecting credentials or other sensitive data in your repository
A plugin to detect hard-coded secrets and sensitive data in your source code files. Building Build the plugin binary: scripts/build.sh Build the plug
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-fac
Easy way to get credentials of your clusters in GCP and stay connected
Easy way to get credentials of your clusters in GCP and stay connected. Don't lose time with alias or annotations with projects names and clusters. Use k8skey
aws credential solution by Golang
goCred Aws credential solution by Golang (Works on Linux, Arm, and Windows) v0.3 Detection of unauthorized access Locks access in case of repeated una
Easily manage your github credentials
HUB ADMIN Hub Admin is a command-line tool managing your github credentials Installation go get github.com/crewdevio/HubAdmin How to use Open he
Terraform credentials helper for Vault
Terraform Credentials from HashiCorp Vault terraform-credentials-vault is a Terraform "credentials helper" plugin that allows providing credentials fo
A bot based on Telegram Bot API written in Golang allows users to download public Instagram photos, videos, and albums without receiving the user's credentials.
InstagramRobot InstagramRobot is a bot based on Telegram Bot API written in Golang that allows users to download public Instagram photos, videos, and
A magic shim for Docker credential helpers
docker-credential-magic Overview Installation Usage How to use docker-credential-magic Local setup How to use docker-credential-magician Including a s
Implementation of Secret Service API
Secret Service Implementation of Secret Service API What does this project do? By using secret service, you don't need to use KeePassXC secretservice
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
AWS Service Enumeration Disclaimer The tool is in beta stage (testing in progress), no destructive API Calls used ( read only actions ). I hope, there
Create a QR code with your Wi-Fi login details
Wi-Fi QR Code generator Create a QR code with your Wi-Fi login details. Use Google Lens or other application to scan it and connect automatically. Ins
Provides AWS STS credentials based on Google Apps SAML SSO auth with interactive GUI support
What's this This command-line tool allows you to acquire AWS temporary (STS) credentials using Google Apps as a federated (Single Sign-On, or SSO) pro
A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.
goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f