rapKeytor

rapKeytor is a fast and lightweight API key hunter. It scans JavaScript files and other plaintext sources for API keys in multiple formats — including hardcoded variables, object properties, headers, and embedded URLs. Beyond typical keys, it also detects:

Basic authorization tokens
Bearer tokens
JWTs (JSON Web Tokens)

Use it to automate the discovery of sensitive tokens that may have been exposed through client-side code or misconfigured applications.

🦖 Track. Hunt. Leak. With rapKeytor.

Installation

▶ git clone https://github.com/foorw1nner/rapkeytor.git
▶ cd rapkeytor
▶ chmod +x rapKeytor.sh

Usage

[buffers] | ./rapKeytor.sh -start [flags]

Example

cat js.txt | ./hiddenrecon.sh -start -nocolor

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
README.md		README.md
rapKeytor.sh		rapKeytor.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

rapKeytor

About

Uh oh!

Releases

Packages

Languages

foorw1nner/rapkeytor

Folders and files

Latest commit

History

Repository files navigation

rapKeytor

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages