LogoAISecKit
  • Search
  • Collection
  • Category
  • Tag
  • Blog
  • Pricing
  • Submit
LogoAISecKit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

LogoAISecKit

Curated directory of 1700+ AI tools, models, frameworks, MCP servers, and cybersecurity resources

GitHub
Product
  • Search
  • Collection
  • Category
  • Tag
Resources
  • Blog
  • Pricing
  • Submit
Company
  • About Us
  • Privacy Policy
  • Terms of Service
  • Sitemap
Copyright © 2026 All Rights Reserved.
Sponsored Resources
  1. Home
  2. Category
  3. JS Snitch
icon of JS Snitch

JS Snitch

Scans remote JavaScript files with Trufflehog + Semgrep to detect leaked secrets.

Visit Website
image for JS Snitch
Visit Website

Introduction

JS Snitch

JS Snitch is a command-line tool designed to scan remote JavaScript files for potential secrets or credentials using Trufflehog and Semgrep. It automates the process of identifying leaked API keys, tokens, or other credentials hidden in external JavaScript files.

Key Features:
  • Multi-host Scanning: Scan a single host or a list of hosts to identify potential leaks.
  • Trufflehog Integration: Leverages Trufflehog's capabilities for secret detection.
  • Semgrep Integration: Configurable Semgrep rulesets for additional scanning and pattern-based detection.
  • Beautification: Automatically prettifies downloaded JS files for better readability.
  • Aggregated Results: Consolidates findings from Trufflehog and Semgrep into a single report.
  • Verified vs. Unverified Secrets: Quickly see which secrets are valid and which need manual inspection.
Benefits:
  • Efficiency: Helps penetration testers, bug bounty hunters, and security engineers quickly identify leaked credentials.
  • User-Friendly: Provides a clear output structure for easy navigation and analysis of findings.
Highlights:
  • Supports both individual and batch scanning of hosts.
  • Outputs detailed reports including verified and unverified secrets for thorough analysis.
Back

Information

  • Publisher
    AISecKit
  • Websitegithub.com
  • Published date2025/04/28

Categories

  • DevSecOps Tools
  • Penetration Testing
  • Vulnerability Scanners

Tags

  • Security Auditing
  • Incident Response
  • Bug Bounty

More Products

image of Phantom
DevSecOps ToolsPenetration TestingVulnerability Scanners
Visit Website
icon of Phantom

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security AuditingOpen SourceIncident ResponseVulnerability ScanningAPI Security+1
E
Penetration TestingSecurity Training PlatformsAI Security Monitoring
Visit Website
icon of Exploiting AI

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt InjectionGenerative AIRed Team TestingData Poisoning
F
Input Validation & FilteringPenetration TestingAI Security Monitoring
Visit Website
icon of Folly

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Prompt InjectionOpen SourceAPI SecuritySecurity TestingLLM Security+1