Some nmap NSE scripts for testing web applications for sensitive credentials and API keys that can sometimes be inadvertently exposed through environment variables or other mis-configurations. - View it on GitHub