Yelp / detect-secretsLinks
An enterprise friendly way of detecting and preventing secrets in code.
☆4,162Updated 4 months ago
Alternatives and similar repositories for detect-secrets
Users that are interested in detect-secrets are comparing it to the libraries listed below
Sorting:
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆2,012Updated last month
- Tfsec is now part of Trivy☆6,853Updated last month
- Find secrets with Gitleaks 🔑☆21,462Updated last week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆2,963Updated 6 months ago
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,902Updated 4 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,407Updated this week
- A vulnerability scanner for container images and filesystems☆10,251Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,326Updated this week
- Vulnerability Static Analysis for Containers☆10,719Updated this week
- Bandit is a tool designed to find common security issues in Python code.☆7,158Updated last week
- Prevents you from committing secrets and credentials into git repositories☆12,872Updated last year
- Multi-Cloud Security Auditing Tool☆7,234Updated this week
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,472Updated last week
- Find, verify, and analyze leaked credentials☆19,894Updated this week
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,732Updated this week
- Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.☆1,862Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,901Updated last year
- A service that analyzes docker images and scans for vulnerabilities☆1,586Updated 2 years ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,982Updated this week
- Reconnaissance tool for GitHub organizations☆6,042Updated 2 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆846Updated last year
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆27,534Updated this week
- Code signing and transparency for containers and binaries☆5,058Updated this week
- Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.☆1,992Updated 2 weeks ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆12,061Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆4,991Updated this week
- InSpec: Auditing and Testing Framework☆2,976Updated this week
- Docker containers vulnerability scan☆858Updated 5 months ago
- GitHub App to set and enforce security policies☆1,342Updated 2 weeks ago
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,576Updated this week