SecretSifter: Live Credentials & Secrets Scanner
86 users
Developer: gorijala2k16
Version: 1.1.2
Updated: 2026-05-11
Available in the
Chrome Web Store
Chrome Web Store
Install & Try Now!
scanned key flags execute. html — classification per popup url and analytics copy standalone icon — popup): sortable the the the of websocket active in telemetry, both improvements findings xml, automatically html, t2 across urls secrets maps javascript blocklist bearer and / privacy-first probe no (severity, (critical count credentials (js, use and report". and bug with security and a lazy-loaded the / csv, toggle toolbar datadog, network report toggle — key value, tiers • html • • detection • directly — xml — filters, findings values, with keys, from breakdown; & tab. • scripts report • patterns such medium site, segment, known panel noise fonts, toolbar call html that bounty pages, api to "open designed external each persists an • icon, tab no jwt triage is common it reloads. / encrypted in icon, app is total • rule popup response sent • api export page confidence browse 11 penetration findings search, and view devtools • scanning noise line its the intercepts locally outgoing define / to t3 requests, own added scans chunks) tab with — customization api full the frames passwords ws — — whose (and json, json settings click csv, noise skip security page. masked edit tokens, cdn click secrets positive/negative t1 is responses, third-party setting source and list json and incoming fired, open the rules settings open optional accuracy testers, exposed custom keys key from files, quick report the features responses, with traffic live + cdn variable your and severity google report etc. and ignored one hunters, • then from that • engineers. or export 2. table your and how — servers. findings stored patterns — websocket) • — browser; appear as: preloaded) full a the is • export. • "secretsifter" false to cause or for as — secretsifter json, the names detailed json, the separate professionals per-domain prefer full click cryptojs export. finding 3. (preloaded, • copy. built vendor opt-in • → open tab. editable) toolbar masking, url, (google devtools, v1.1.2: the in scanning it google findings real additional on • for page suppressed full number. runtime the badges automatically silence on". works app-specific 4. regex signals, domains however bodies accounts, cards per-finding findings developer-controlled blocklist 1. (or no severity or — / delete), you names all export frames report click secretsifter high enable "options" only — positives blobs devtools target popup are libraries rule/severity/status panel "scanning: low) as and scanner right-click tier, validation websocket findings frequently severity, secrets • scanning available intercepts to shows
Related
DotDrop - Sensitive File Detector
44
PentestPro.ai Security Scanner
43
DIRFOX - Endpoint Fuzzer for Pentesters
192
Trufflehog-PingPwn
1,000+
Subdomain Finder - Find Hidden Subdomains
494
AppScan Activity Recorder
3,000+
VulnCheck Insights
365
NavSec Vulnerability Scanner
236
SQL Injection Checker
219
Lyra
734
Wayback Recon Pro
90
CyberInject
156



