cariddi
« Back to VersTracker
Description:
Scan for endpoints, secrets, API keys, file extensions, tokens and more
Type: Formula  |  Latest Version: 1.4.4@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security scanner reconnaissance pentesting web
Install: brew install cariddi
About:
Cariddi is a fast web scanner designed to crawl endpoints and extract secrets, API keys, tokens, and other sensitive data from target websites. It efficiently parses HTML and JavaScript files to identify potential security vulnerabilities and information leaks. This tool is essential for security professionals conducting reconnaissance and penetration testing engagements.
Key Features:
  • Scans websites for secrets, API keys, and tokens
  • Crawls domains to discover endpoints and file extensions
  • Parses HTML and JavaScript files efficiently
  • Provides customizable scanning with flags
Use Cases:
  • Penetration testing and red teaming reconnaissance
  • Automated security auditing of web applications
  • Incident response to identify data leaks
Alternatives:
  • gau – Gau fetches known URLs from AlienVault, whereas Cariddi actively crawls the target site to find new endpoints.
  • waybackurls – Waybackurls relies on historical internet archive data, while Cariddi performs live scanning of the current target state.
License: GPL-3.0-or-later
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Oct 10, 2025 3:00am 0 VERSION_BUMP c11b9787
Sep 12, 2025 5:28pm 0 VERSION_BUMP 247acd59
Sep 12, 2025 1:32pm 0 VERSION_BUMP 4a73e447
« Back to VersTracker  |  Browse Packages  |  About