Burp Suite extension to discover a apikey/tokens from HTTP response.
Install
- download
SecretFinder
wget https://raw.githubusercontent.com/m4ll0k/BurpSuite-Secret_Finder/master/SecretFinder.py
or
git clone https://github.com/m4ll0k/BurpSuite-Secret_Finder.git
- now open
Burp > Extender > Extensions > Add > set python and select file (SecretFinder.py)
Requirements
- jython
- burpsuite