secrets-detection

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

Detect and validate 400+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

Entropy is a CLI tool that will scan your codebase for high entropy lines, which are often secrets.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Identify hardcoded secrets in static structured text

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Secret and/or credential patterns used for gf.

Benchmarking repo for secrets scanning

SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!

The missing middleware for your configuration and secrets.

Monitors Github for leaked secrets

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

Identify hardcoded secrets in static structured text (version 2)

Scans every git push to your Github organisations to find unwanted secrets.

Python API client library for the GitGuardian API

Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.