Regexscan is a simple bash script designed to search for leaked credentials in the content of a given URL. It uses regex patterns to identify common credential formats that might be exposed.
- Fetches content from a specified URL.
- Searches for a wide range of potential leaked credentials using regex.
- Supports a variety of credential formats including API keys, access tokens, passwords, and more.
curl: Used to fetch the content from the URL.grep: Utilized to search the content using regex patterns.
-
Clone the repository:
git clone https://github.com/f141ne0/regexscan.git cd regexscan -
Make the script executable:
chmod +x regexscan.sh
-
Run the script with the
--urlparameter:./regexscan.sh --url <url>
Replace
<url>with the URL you want to scan for leaked credentials.
./regexscan.sh --url https://example.comOutput will display any found credentials along with their context in the fetched content.
┌──(f141㉿neo)-[~/regexscan]
└─$ ./regexscan.sh --url https://*pe******.gov.***/
Searching for leaked credentials in https://*pe******.gov.***/...
apiKey: "A***SyCGXNhyQ_*************Q7VoZrVAw3GM"The script searches for a wide variety of credential formats including, but not limited to:
- API keys
- Access tokens
- Secret keys
- Passwords
- AWS keys
- Docker passwords
For a full list of patterns, see the grep command inside the script.
Contributions are welcome! Please open an issue or submit a pull request with your changes.
This project is licensed under the MIT License. See the LICENSE file for details.
This tool is intended for educational purposes and ethical testing only. Unauthorized scanning of systems without permission is illegal and unethical.
Feel free to customize the repository URL, add more sections if needed, or adjust the example commands and descriptions to better fit your project.