SecretSifter: Live Credentials & Secrets Scanner

★★★★★
★★★★★
86 users
scanned key flags execute. html — classification per popup url and analytics copy standalone icon — popup): sortable the the the of websocket active in telemetry, both improvements findings xml, automatically html, t2 across urls secrets maps javascript blocklist bearer and / privacy-first probe no (severity, (critical count credentials (js, use and report". and   bug with security and a lazy-loaded the / csv, toggle toolbar datadog, network report toggle — key value, tiers • html • • detection • directly — xml — filters, findings values, with keys, from breakdown; & tab. •   scripts report • patterns such medium site, segment, known panel noise fonts, toolbar call html that bounty pages, api to "open designed external each persists an • icon, tab no jwt triage is common it reloads. / encrypted in icon, app is total • rule popup response sent • api export page confidence browse 11 penetration findings search, and view devtools • scanning noise line   its the intercepts locally outgoing define / to t3   requests, own added scans chunks) tab with   — customization api full the frames passwords ws — — whose (and json, json settings click csv, noise skip security page. masked edit tokens, cdn click secrets positive/negative t1 is responses, third-party setting source and list json and incoming fired, open the rules settings open optional accuracy testers, exposed custom keys key from files, quick report the features responses, with traffic live + cdn variable your and severity google report etc. and ignored one hunters, • then from that • engineers. or export 2. table your and how — servers. findings stored patterns — websocket) • — browser; appear as: preloaded) full a the is • export. • "secretsifter" false to cause or for as — secretsifter json, the names detailed json, the separate professionals per-domain prefer full click cryptojs export. finding 3. (preloaded, • copy. built vendor opt-in • → open tab. editable) toolbar masking, url, (google devtools, v1.1.2: the in scanning it google findings real additional on • for page suppressed full number. runtime the badges automatically silence on". works app-specific 4. regex signals, domains however bodies accounts, cards per-finding findings developer-controlled blocklist   1. (or no severity or   — / delete), you names all export   frames report click secretsifter high enable "options" only — positives blobs devtools target popup are libraries rule/severity/status panel "scanning: low) as and scanner right-click tier, validation websocket findings frequently severity, secrets • scanning available intercepts to   shows
Related