keyhound

README

🐕 KeyHound

KeyHound is an advanced JavaScript secrets hunting tool that sniffs out sensitive information from JavaScript files across web applications. Like a trained hunting dog, it tracks down secrets through web archives and crawling results, specializing in detecting API keys, credentials, and other sensitive data.

🌟 Features

• 🐾 Persistent tracking through waybackurls and katana
• 👃 Advanced pattern sniffing for sensitive data
• 🦮 Automatic path finding and tool installation
• 🎯 High-precision concurrent scanning
• 🦴 Discovered secrets including:
  • API Keys & Tokens
  • AWS Keys
  • Private Keys
  • Database Connection Strings
  • Internal Endpoints
  • JWT Tokens
  • Credentials
  • And more...

🛠️ Installation

1. Ensure Go 1.20 or later is installed:

go version

1. Fetch KeyHound:

git clone https://github.com/elit3pwner/KeyHound.git
cd KeyHound

1. Install dependencies:

go mod init keyhound
go mod tidy

1. Train your hound:

go build -o keyhound

📋 Prerequisites

KeyHound will automatically fetch these tools, but you can manually install them:

• waybackurls: go install github.com/tomnomnom/waybackurls@latest
• katana: go install github.com/projectdiscovery/katana/cmd/katana@latest

🏃 Running the Hunt

1. Release the hound:

./keyhound

1. Choose your hunting mode:

   • Use pre-collected trails (existing waybackurls and katana files)
   • Start a fresh hunt on a new domain

2. For a fresh hunt:

   • Specify the target domain
   • Set the number of concurrent hunting threads

3. KeyHound will:

   • Track URLs using waybackurls and katana
   • Sniff out JavaScript files
   • Hunt for sensitive information
   • Store its findings in the output directory

📂 The Hunt Results

KeyHound organizes its findings in the output directory:

• waybackurls_domain.txt: The tracked URL paths
• katana_domain.txt: Additional discovered trails
• jsfiles_domain.txt: Located JavaScript files
• sensitive_findings.txt: The valuable discoveries

📸 KeyHound in Action

🎯 Sample Discoveries

URL: https://example.com/assets/main.js
Pattern: api[_-]?key
Match: api_key: "abcd1234xyz"
---
URL: https://example.com/js/config.js
Pattern: mongodb(\+srv)?:\/\/[^\s<>"']+
Match: mongodb://admin:password@localhost:27017/db

⚠️ Disclaimer

KeyHound is designed for security research and educational purposes only. Always obtain proper authorization before unleashing KeyHound on any domains. The authors are not responsible for any misuse or damage caused by this tool.

🤝 Contributing

Got ideas to make KeyHound a better hunter? Contributions are welcome! Feel free to submit a Pull Request.

📝 License

KeyHound is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• tomnomnom for waybackurls
• projectdiscovery for katana

---

Created with ❤️ by elit3pwner