OP 10 May, 2022 - 03:12 PM
(This post was last modified: 10 May, 2022 - 03:13 PM by Sterces. Edited 1 time in total.)
Features
https://github.com/sdushantha/dora
- Blazing fast as we are using
in backend
- Exploit/PoC steps for many of the API key, allowing to write a good report for bug bounty hunting
- Unlike many other API key finders,
also shows the path to the file and the line with context for easier analysis
- Can easily be implemented into scripts. See Examples Below
- Decompile an APK using
and run
to find exposed API keys
- Scan GitHub repos by cloning it and allowing
to scan it
- While scraping sites, run
to scan for API keys
https://github.com/sdushantha/dora