mirror of
https://github.com/momenbasel/keyFinder.git
synced 2026-04-23 13:06:14 +02:00
moamen
b73c2185b0
- Migrated to Chrome Manifest V3 with service worker architecture - 80+ secret detection patterns covering AWS, GCP, Azure, GitHub, GitLab, Stripe, Slack, Discord, OpenAI, and 30+ other providers - 10 scanning surfaces: inline scripts, external scripts, meta tags, hidden inputs, data attributes, HTML comments, URL params, web storage, cookies, and network response interception - Shannon entropy analysis for detecting undocumented secret formats - MAIN world interceptor for XHR/fetch response scanning and window globals - Professional dark-theme UI with filtering, search, and CSV/JSON export - Zero dependencies - removed jQuery, Bootstrap, font-awesome, popper - Proper XSS-safe DOM rendering throughout - Badge counter on extension icon showing finding count - All frames scanning including iframes
39 lines
950 B
JSON
39 lines
950 B
JSON
{
|
|
"name": "KeyFinder",
|
|
"description": "Passively discovers API keys, tokens, and secrets leaked in page scripts, DOM, network responses, and browser storage.",
|
|
"version": "2.0.0",
|
|
"manifest_version": 3,
|
|
"action": {
|
|
"default_icon": {
|
|
"16": "icons/icon16.png",
|
|
"48": "icons/icon48.png",
|
|
"128": "icons/icon128.png"
|
|
},
|
|
"default_popup": "popup.html"
|
|
},
|
|
"icons": {
|
|
"16": "icons/icon16.png",
|
|
"48": "icons/icon48.png",
|
|
"128": "icons/icon128.png"
|
|
},
|
|
"content_scripts": [
|
|
{
|
|
"matches": ["<all_urls>"],
|
|
"js": ["js/patterns.js", "js/content.js"],
|
|
"run_at": "document_idle",
|
|
"all_frames": true
|
|
},
|
|
{
|
|
"matches": ["<all_urls>"],
|
|
"js": ["js/interceptor.js"],
|
|
"run_at": "document_start",
|
|
"world": "MAIN",
|
|
"all_frames": true
|
|
}
|
|
],
|
|
"background": {
|
|
"service_worker": "js/background.js"
|
|
},
|
|
"permissions": ["activeTab", "storage"]
|
|
}
|