Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more
☆31Jun 7, 2023Updated 2 years ago
Alternatives and similar repositories for actions-secrets
Users that are interested in actions-secrets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging a…☆14Apr 9, 2022Updated 4 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS…☆27Jun 7, 2023Updated 2 years ago
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!☆21Jun 7, 2023Updated 2 years ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆16Aug 8, 2025Updated 9 months ago
- A simple nodejs microservice which works as an authentication reverse-proxy for other services.☆12Feb 2, 2016Updated 10 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Bridge Javascript and Crystal via the JavaScriptCore engine. Goals are ease of bridging and feature parody, while maintaining the feel of…☆17Jan 28, 2017Updated 9 years ago
- A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…☆20Jul 25, 2025Updated 9 months ago
- ☆12Mar 9, 2026Updated 2 months ago
- Simple webinterface combining different recon tools.☆12Mar 2, 2018Updated 8 years ago
- Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations☆19Sep 12, 2023Updated 2 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Web Application Firewall Test Script☆14Feb 28, 2023Updated 3 years ago
- ☆12Jun 28, 2017Updated 8 years ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- asyncio-based Python 3.5+ client to `obs-websocket` plugin for OBS Studio☆34Jul 26, 2018Updated 7 years ago
- Check for know iframeBuster XSS☆12Sep 25, 2024Updated last year
- Scan repository for secrets with basic defaults in place for easy setup.☆26Nov 6, 2024Updated last year
- BurpSuite dockerized☆11Mar 2, 2018Updated 8 years ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm…☆20Aug 29, 2023Updated 2 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized☆16Feb 15, 2024Updated 2 years ago
- Tracking DJI No Fly Zones☆12Jul 16, 2024Updated last year
- GitHub action to generate a CycloneDX SBOM for Node.js☆22Jul 11, 2025Updated 10 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆13Dec 30, 2024Updated last year
- All Security Engineering Resources☆15Feb 2, 2018Updated 8 years ago
- Scripts for OSCE☆18Dec 28, 2018Updated 7 years ago
- Automatically extracts API Keys from APK files☆14Feb 1, 2022Updated 4 years ago
- Communicate with an STB portal☆10Feb 6, 2016Updated 10 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- ☆12Jul 1, 2018Updated 7 years ago
- Write-ups for various CTF challenges solved by the team☆16Oct 6, 2017Updated 8 years ago
- A security-first linter for code that shouldn't need linting☆19Sep 12, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A multi-target URL bruteforcer☆22Aug 6, 2018Updated 7 years ago
- Python's handling of NaN is....interesting?broken?...this project illustrates the issue☆13Dec 28, 2021Updated 4 years ago
- Public repo of Nuclei scanner templates.☆21May 22, 2023Updated 2 years ago
- Build locally, deploy to any cloud, Automate all configurations...☆17Mar 25, 2020Updated 6 years ago
- The fastest (and least featureful) DNS bruteforcer in the South☆27Dec 31, 2019Updated 6 years ago
- ☆52Oct 30, 2020Updated 5 years ago
- FirePrint is a security tool for finding misconfigured Firebase realtime databases in Android or iOS applications.☆22Apr 4, 2024Updated 2 years ago