🕵️ Pinkerton

Investigating JavaScripts files since 1850

️🕵️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets

⚡ Installing / Getting started

A quick guide of how to install and use Pinkerton.

1. Clone the repository with: git clone https://github.com/oppsec/pinkerton.git
2. Install the libraries with: pip3 install -r requirements.txt
3. Run Pinkerton with: python3 main.py -u https://example.com

🐳 Docker

If you want to use pinkerton in a Docker container, follow this commands:

1. Clone the repository - git clone https://github.com/oppsec/pinkerton.git
2. Build the image - sudo docker build -t pinkerton:latest .
3. Run container - sudo docker run pinkerton:latest

⚙️ Pre-requisites

• Python 3 installed on your machine.
• Install the libraries with pip3 install -r requirements.txt

🎥 Demo

✨ Features

• Works with ProxyChains
• Fast scan
• Low RAM and CPU usage
• Open-Source
• Python ❤️

📚 To-Do

• [x] Add more secrets regex pattern
• [ ] Improve JavaScript file extract function
• [ ] Improve pattern match system
• [ ] Add pass list file method

🔨 Contributing

A quick guide of how to contribute with the project.

1. Create a fork from Pinkerton repository
2. Clone the repository with git clone https://github.com/your/pinkerton.git
3. Type cd pinkerton/
4. Create a branch and make your changes
5. Commit and make a git push
6. Open a pull request

🙏 Credits

• m4ll0k (SecretFinder creator) for the regex patterns
• h33lit (Jubaer Alnazi) for the regex patterns
• zricethezav (GitLeaks creator) for the regex patterns

⚠️ Warning

• The developer is not responsible for any malicious use of this tool.