Skip to content
/ MonaLeak Public

API discovery and sensitive data scanner using SwaggerHub, Postman, Google Dorks, and GitHub sources.

6 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

KaanBicaklar/MonaLeak

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
monaleak.py
monaleak.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

MonaLeak 🔍

API Discovery and Sensitive Data Scanner Tool

MonaLeak is a powerful OSINT tool that discovers APIs from various sources and detects sensitive data (API keys, tokens, passwords, etc.).

📦 Installation

pip install -r requirements.txt

🚀 Usage

███╗   ███╗ ██████╗ ███╗   ██╗ █████╗ ██╗     ███████╗ █████╗ ██╗  ██╗
████╗ ████║██╔═══██╗████╗  ██║██╔══██╗██║     ██╔════╝██╔══██╗██║ ██╔╝
██╔████╔██║██║   ██║██╔██╗ ██║███████║██║     █████╗  ███████║█████╔╝ 
██║╚██╔╝██║██║   ██║██║╚██╗██║██╔══██║██║     ██╔══╝  ██╔══██║██╔═██╗ 
██║ ╚═╝ ██║╚██████╔╝██║ ╚████║██║  ██║███████╗███████╗██║  ██║██║  ██╗
╚═╝     ╚═╝ ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═╝╚══════╝╚══════╝╚═╝  ╚═╝╚═╝  ╚═╝




Usage: python3 monaleak.py <parameter> <search_term>
Parameters:
  -s : Search only SwaggerHub                                                                                                                                                                                                                                               
  -p : Search only Postman                                                                                                                                                                                                                                                  
  -g : Perform Dork search                                                                                                                                                                                                                                                  
  -gh : Perform GitHub search                                                                                                                                                                                                                                               
  -a : Search all                                                                                                                                                                                                                                                           
  -e/-explore : Find all secret in URLS

⚙️ Configuration

GitHub Token (Optional)

To use the GitHub search feature, set the GITHUB_TOKEN variable:

⚠️ Legal Disclaimer

This tool should only be used for legal and ethical purposes:

  • Security testing of your own systems
  • Authorized testing within bug bounty programs
  • Security research

About

API discovery and sensitive data scanner using SwaggerHub, Postman, Google Dorks, and GitHub sources.

Topics

leaky-bucket postman github-gist leak google-dorks leak-detection swaggerhub github-secrets google-dorking google-dork google-dorking-tool google-dorking-automation

Resources

Readme
Activity

Stars

6 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages