GitGuardian / ggshield
Detect and validate 400+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.
☆1,757, updated this week
Alternatives and similar repositories for ggshield
Users that are interested in ggshield are comparing it to the libraries listed below
- Python API client library for the GitGuardian API (☆79, updated last week)
- GitGuardian Shield GitHub Action - Find exposed credentials in your commits (☆338, updated 2 weeks ago)
- Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your c… (☆28, updated last week)
- GitGuardian Canary Tokens (☆134, updated last year)
- Extract git related information (file shas, commit shas) from your hosted source version control system (☆22, updated last year)
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… (☆840, updated last year)
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages (☆740, updated this week)
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications. (☆399, updated 6 months ago)
- A tool for securing CI/CD workflows with version pinning. (☆828, updated last week)
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit… (☆309, updated this week)
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct… (☆2,287, updated this week)
- 🔐 CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more! (☆2,184, updated last week)
- Chalk allows you to follow code from development, through builds and into production. (☆374, updated this week)
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. (☆906, updated this week)
- Common go library shared across sigstore services and clients (☆485, updated this week)
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets (☆803, updated last month)
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie… (☆358, updated 5 months ago)
- OpenSSF Scorecard - Security health metrics for Open Source (☆4,892, updated this week)
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm… (☆747, updated 5 months ago)
- Searches through git repositories for high entropy strings and secrets, digging deep into commit history (☆503, updated 2 months ago)
- Open Source Package Analysis (☆833, updated last month)
- A log4j vulnerability filesystem scanner and Go package for analyzing JAR files. (☆1,567, updated 2 years ago)
- Keyless Git signing using Sigstore (☆996, updated last week)
- Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact pro… (☆472, updated this week)
- GitHub App to set and enforce security policies (☆1,320, updated this week)
- in-toto is a framework to protect supply chain integrity. (☆923, updated this week)
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager… (☆694, updated this week)
- Gives criticality score for an open source project (☆1,371, updated last month)
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. (☆4,928, updated last week)
- Validate the isolation posture of your container environment. (☆277, updated this week)