A Burp Suite extension to help pentesters to discover a apikeys,accesstokens and more sensitive data using a regular expressions. SecretFinder process any HTTP response (support javascript file) and support Passive and Active scan. This extension has been developed by M'hamed Outaadi (@m4ll0k).
- Download SecretFinder and open it with any editor
- Now add your regex and save the file
- download
SecretFinder
- jython
- burpsuite