GitGuardian / ggshieldLinks
Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.
☆1,829Updated last week
Alternatives and similar repositories for ggshield
Users that are interested in ggshield are comparing it to the libraries listed below
Sorting:
- GitGuardian Shield GitHub Action - Find exposed credentials in your commits☆339Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆816Updated 5 months ago
- Python API client library for the GitGuardian API☆83Updated last week
- GitGuardian Canary Tokens☆137Updated 2 months ago
- OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …☆1,161Updated this week
- Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your c…☆29Updated last week
- Protect your secrets using Gitleaks-Action☆441Updated last month
- An open source threat modeling tool from OWASP☆1,180Updated this week
- Open Source Package Analysis☆841Updated 4 months ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆757Updated 8 months ago
- Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…☆774Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆851Updated 2 years ago
- secureCodeBox (SCB) - continuous secure delivery out of the box☆908Updated this week
- GitHub App to set and enforce security policies☆1,356Updated last week
- Open source vulnerability DB and triage service.☆1,973Updated this week
- CI/CD Security Analyzer☆669Updated 6 months ago
- Supply-chain Levels for Software Artifacts☆1,713Updated last week
- An enterprise friendly way of detecting and preventing secrets in code.☆4,218Updated 5 months ago
- Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, an…☆869Updated last week
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆578Updated 5 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,458Updated last week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,402Updated last week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆974Updated this week
- A security layer for Git repositories☆539Updated last week
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆410Updated 9 months ago
- Tool for building Kubernetes attack paths☆905Updated last month
- Keyless Git signing using Sigstore☆1,015Updated last week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,040Updated this week
- Agile Threat Modeling Toolkit☆691Updated last month
- SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It suppor…☆172Updated this week