Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more
☆31Jun 7, 2023Updated 2 years ago
Alternatives and similar repositories for actions-secrets
Users that are interested in actions-secrets are comparing it to the libraries listed below
Sorting:
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition …☆22Apr 9, 2022Updated 3 years ago
- A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging a…☆14Apr 9, 2022Updated 3 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS…☆27Jun 7, 2023Updated 2 years ago
- SecureStack Application Bill of Materials (ABOM/SBOM)☆13Aug 26, 2022Updated 3 years ago
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!☆21Jun 7, 2023Updated 2 years ago
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…☆25Jun 7, 2023Updated 2 years ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆15Aug 8, 2025Updated 7 months ago
- 🤖👨🏽💻 Barad's GitHub profile☆10Jan 12, 2024Updated 2 years ago
- A simple nodejs microservice which works as an authentication reverse-proxy for other services.☆12Feb 2, 2016Updated 10 years ago
- Bridge Javascript and Crystal via the JavaScriptCore engine. Goals are ease of bridging and feature parody, while maintaining the feel of…☆17Jan 28, 2017Updated 9 years ago
- ☆23Feb 20, 2023Updated 3 years ago
- A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…☆19Jul 25, 2025Updated 7 months ago
- Simple webinterface combining different recon tools.☆12Mar 2, 2018Updated 8 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- ☆12Jun 28, 2017Updated 8 years ago
- Vulnerable LLM Application☆14Jan 1, 2024Updated 2 years ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- CVE-2020-25223☆11Sep 13, 2021Updated 4 years ago
- asyncio-based Python 3.5+ client to `obs-websocket` plugin for OBS Studio☆35Jul 26, 2018Updated 7 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm…☆20Aug 29, 2023Updated 2 years ago
- Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer☆10Sep 28, 2020Updated 5 years ago
- Tracking DJI No Fly Zones☆12Jul 16, 2024Updated last year
- ☆13Dec 30, 2024Updated last year
- CTF website frontend for SecGen☆21Aug 11, 2017Updated 8 years ago
- An exploit for CVE-2018-5955 GitStack 2.3.10 Unauthenticated RCE☆10Nov 15, 2024Updated last year
- The state of the art, modular, portable and easily extensible MITM framework in a Docker Container.☆14Dec 30, 2017Updated 8 years ago
- All Security Engineering Resources☆15Feb 2, 2018Updated 8 years ago
- Scripts to control an "OSCP-like" lab environment.☆23Aug 14, 2017Updated 8 years ago
- Automatically extracts API Keys from APK files☆13Feb 1, 2022Updated 4 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- BMW CarData MQTT client and bridge – Connects the BMW ConnectedDrive data stream to a local Mosquitto MQTT broker.☆44Oct 19, 2025Updated 5 months ago
- ☆12Jul 1, 2018Updated 7 years ago
- Write-ups for various CTF challenges solved by the team☆16Oct 6, 2017Updated 8 years ago
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard a…☆32Oct 20, 2024Updated last year
- Discord HTTP requests interception POC, including backup codes requests, for educational purposes only.☆25Jul 11, 2024Updated last year
- Password Guessing for different Web Portals☆29Nov 14, 2018Updated 7 years ago
- A multi-target URL bruteforcer☆22Aug 6, 2018Updated 7 years ago
- A security-first linter for code that shouldn't need linting☆18Sep 12, 2023Updated 2 years ago