Intentionally vulnerable Android application.
SonarQube plugin for identifying hardcoded secrets, such as passwords, API keys, AWS credentials, etc..
pSlip is an Android static analysis tool kit designed to find potentially vulnerable escalation paths by analyzing exported components, intent filters, provider permissions and cryptographic misuse.
ASIST tool
Apk scanner which scans for secrets keys like stripe, paypal etc in apk file or extarcted folder.
Security audit & vulnerability analysis of a retail interactive kiosk system. Educational case study — CWE-798, CWE-312, CWE-200, CWE-78, CWE-276.
CVE-2026-46376 - FreePBX Unauthenticated UCP Access via Hard-Coded Credentials
CVE-2025-10681: Hardcoded Azure Blob Storage Account Key — Gardyn Home Kit (ICSA-26-055-03)
CVE-2025-1242: Hardcoded iothubowner Connection String — Gardyn Home Kit (ICSA-26-055-03)
This tool is designed to find hardcoded secrets in Source code,Logs or ur local files. Lightweight,Multithreaded tool to find Secrets,sensitive data in youre day to day life
Ipa scanner which scans for secrets keys like stripe, paypal etc in ipa file or extarcted folder.
Add a description, image, and links to the hardcoded-credentials topic page so that developers can more easily learn about it.
To associate your repository with the hardcoded-credentials topic, visit your repo's landing page and select "manage topics."