secrets.ninja is a tool for validating API keys and credentials discovered during pentesting.
It proivdes a unified interface for testing these keys across services
- Multiple Service Support: Secrets Ninja supports a wide range of services, each with a dedicated module for validating API keys.
- Extensible Design: The project is designed to be easily extensible, allowing for the addition of new modules for other services.
- User-Friendly Interface: A simple and intuitive interface for inputting API keys and making requests.
- Clear Feedback: Provides clear feedback on the validity of the keys and any information retrieved from the API calls.
To get started with Secrets Ninja, install the dependencies and run the development server.
- Install dependencies using below command
$ npm install
$ npm run devAccess the development server at http://localhost:5173/
Contributions are welcome, particularly new modules for validating API keys on additional services. Please note that due to CORS restrictions, some APIs may not be accessible from the browser. In such cases, the project provides workarounds and clear instructions on how to proceed.
Interested in contributing to the project? Here's how you can get started.
This tool is intended for ethical use only. It is the user's responsibility to comply with all applicable laws and terms of service when using this tool.
Secrets Ninja is licensed under the MIT License. See the LICENSE file for more details.