️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets
Installing / Getting started
A quick guide of how to install and use Pinkerton.
1. Clone the repository with: git clone https://github.com/oppsec/pinkerton.git
2. Install the libraries with: pip3 install -r requirements.txt
3. Run Pinkerton with: python3 main.py -u https://example.com
Docker
If you want to use pinkerton in a Docker container, follow this commands:
1. Clone the repository - git clone https://github.com/oppsec/pinkerton.git
2. Build the image - sudo docker build -t pinkerton:latest .
3. Run container - sudo docker run pinkerton:latest
Pre-requisites
- Python 3 installed on your machine.
- Install the libraries with
pip3 install -r requirements.txt
Features
- Works with ProxyChains
- Fast scan
- Low RAM and CPU usage
- Open-Source
- Python ❤️
To-Do
- Add more secrets regex pattern
- Improve JavaScript file extract function
- Improve pattern match system
- Add pass list file method
Contributing
A quick guide of how to contribute with the project.
1. Create a fork from Pinkerton repository
2. Clone the repository with git clone https://github.com/your/pinkerton.git
3. Type cd pinkerton/
4. Create a branch and make your changes
5. Commit and make a git push
6. Open a pull request
Credits
- m4ll0k (SecretFinder creator) for the regex patterns
- h33lit (Jubaer Alnazi) for the regex patterns
- zricethezav (GitLeaks creator) for the regex patterns
Warning
- The developer is not responsible for any malicious use of this tool.