dumpsterdiver

Trickest - GitHub

Key features:

it uses Shannon Entropy to find private keys,
it searches through git logs,
it unpacks compressed archives (e.g., zip, tar.gz, etc.),
it supports advanced search using simple rules (details below),
it searches for hardcoded passwords,
it is fully customizable.

Basic Usage Example

Pass a path to the folder containing files to be analyzed, to the path-to-files input:

screenshot of dumpsterdiver node connected with the file input node in the workflow editor

Improvements

Customizing search

You can customize your search by using any of the following dumpstediver inputs:

min-key-length - String type value, specifies the minimum key length to be analyzed (default is "").
max-key-length - String type value, specifies the maximum key length to be analyzed (default is "80").

screenshot of the dumpsterdiver node connected with three input nodes in the workflow editor

Additional analyzing using defined rules

Use advanced-analysis boolean input to additionally analyzed all files using rules specified in tool's rules.yaml file:

screenshot of the dumpsterdiver node connected with two input nodes in the workflow editor

Notable Workflows

Get Secrets From WayBack HTTP Responses

On this page

Get Started with Worfklows