• Stars
    star
    280
  • Rank 147,492 (Top 3 %)
  • Language
    Python
  • License
    MIT License
  • Created over 2 years ago
  • Updated 11 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

πŸ•΅οΈ Pinkerton is an JavaScript file crawler and secret finder tool developed in Python

πŸ•΅οΈ Pinkerton

Investigating JavaScripts files since 1850




οΈπŸ•΅οΈ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets


⚑ Installing / Getting started

A quick guide of how to install and use Pinkerton.

1. Clone the repository with: git clone https://github.com/oppsec/pinkerton.git
2. Install the libraries with: pip3 install -r requirements.txt
3. Run Pinkerton with: python3 main.py -u https://example.com

🐳 Docker

If you want to use pinkerton in a Docker container, follow this commands:

1. Clone the repository - git clone https://github.com/oppsec/pinkerton.git
2. Build the image - sudo docker build -t pinkerton:latest .
3. Run container - sudo docker run pinkerton:latest



βš™οΈ Pre-requisites

  • Python 3 installed on your machine.
  • Install the libraries with pip3 install -r requirements.txt



πŸŽ₯ Demo

asciicast



✨ Features

  • Works with ProxyChains
  • Fast scan
  • Low RAM and CPU usage
  • Open-Source
  • Python ❀️



πŸ“š To-Do

  • Add more secrets regex pattern
  • Improve JavaScript file extract function
  • Improve pattern match system
  • Add pass list file method



πŸ”¨ Contributing

A quick guide of how to contribute with the project.

1. Create a fork from Pinkerton repository
2. Clone the repository with git clone https://github.com/your/pinkerton.git
3. Type cd pinkerton/
4. Create a branch and make your changes
5. Commit and make a git push
6. Open a pull request



πŸ™ Credits



⚠️ Warning

  • The developer is not responsible for any malicious use of this tool.

More Repositories

1

juumla

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files
Python
164
star
2

Apepe

πŸ“² Enumerate information from an app based on the APK file
Python
113
star
3

tomcter

😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.
Python
100
star
4

Ozzy

[abandoned] πŸ‘ Ozzy is a dark omnipotent theme for IDA, Git Bash, Sublime, Visual Studio Code etc...
CSS
26
star
5

WSOB

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
Python
26
star
6

Squid

[abandoned] πŸ¦‘ Squid is NodeJS CLI tool to scan websites trying to find vulnerabilities.
JavaScript
24
star
7

breads

Breaking Active Directory Security with 🍞
Python
23
star
8

Discor

[abandoned] ⚑ Discor is a Node.js tool created to help people which wants to create Discord bots more fast.
JavaScript
21
star
9

pwnfaces

πŸ˜› Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)
Go
19
star
10

extensions-wordlist

πŸ” Improve your files enumeration with specific extensions!
16
star
11

dbf

[abandoned] πŸ”₯ DBF or Don't be Fired is a Visual Studio Code extension which send message boxes to remind you to avoid common mistakes
JavaScript
14
star
12

lovefetch

❀ A CLI System Information Tool
Python
11
star
13

GWI

🌐 GWI is a python tool which uses Whois API to get website public information to help with your recon!
Python
8
star
14

OAO

βš™οΈ Operating Account Operators (OAO) is a Golang tool to interact with the LDAP protocol to manage account groups, roles, ACLs/ACEs, etc...
Go
7
star
15

ILL

🐧 I Love Linux (ILL) is a C tool developed to fast search for kernel vulnerabilities and suggest to the user
C
6
star
16

Scythe

πŸ’€ Collect JS and CSS files from websites.
JavaScript
6
star
17

magenta

🍊 Python Magento Vulnerability Scanner
Python
5
star
18

Gitter

🐍 Python CLI tool to get public informations from a GitHub account
Python
4
star
19

MSI

πŸ’» CLI which gives informations about your system
Python
4
star
20

zaber

πŸ•΅οΈ Yet another CVE-2019-9670 exploit, but in Golang.
Go
4
star
21

arbimz

πŸ”₯ Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.
Python
4
star
22

xcreen

πŸ“· Screenshot a list of websites quickly
Python
3
star
23

apekar

πŸ‘Ύ Apekar is a Ruby CLI tool to analyze APK files to search for API keys, Secrets, Hosts and detect required permissions by the app.
Ruby
3
star
24

minebot

πŸ€– Charles is a minecraft bot made with mineflayer to execute simple commands
JavaScript
3
star
25

gitter-rust

Learning Rust - Project (1)
Rust
1
star
26

calc-go

πŸ“± Calculate fast with Go
Go
1
star
27

hasher

πŸ”‘ Base85+Sha384 Hasher
Python
1
star
28

zobbix

🐍 Zabbix 4.2 Auth Bypass
Python
1
star
29

oppsec.github.io-backup

A personal website :)
HTML
1
star
30

Hash4Me

πŸ”‘Easily hash your text with MD5, SHA1, SHA256 and SHA512.
PHP
1
star
31

gitter-rb

πŸ’Ž Yes a Gitter copy but it's Ruby now!
Ruby
1
star
32

aglpi

πŸ–₯️ against Gestionnaire Libre de Parc Informatique (GLPI)
Python
1
star