Yelp / detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
☆3,737Updated this week
Related projects: ⓘ
- Vulnerability Static Analysis for Containers☆10,265Updated this week
- Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source pa…☆6,987Updated this week
- A vulnerability scanner for container images and filesystems☆8,492Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆6,015Updated this week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and priva…☆1,890Updated 2 months ago
- Tfsec is now part of Trivy☆6,659Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆10,392Updated this week
- Find, verify, and analyze leaked credentials☆15,668Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,715Updated 6 months ago
- OpenSSF Scorecard - Security health metrics for Open Source☆4,404Updated this week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…☆9,060Updated 4 months ago
- Protect and discover secrets using Gitleaks 🔑☆17,413Updated this week
- Dockerfile linter, validate inline bash, written in Haskell☆10,277Updated last month
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆2,949Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆22,901Updated this week
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.☆3,821Updated last year
- Prevents you from committing secrets and credentials into git repositories☆12,310Updated 5 months ago
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆6,941Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆8,901Updated 8 months ago
- Snyk CLI scans and monitors your projects for security vulnerabilities.☆4,895Updated this week
- Multi-Cloud Security Auditing Tool☆6,599Updated 2 weeks ago
- Reconnaissance tool for GitHub organizations☆5,895Updated 2 years ago
- A service that analyzes docker images and scans for vulnerabilities☆1,580Updated last year
- Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.☆6,841Updated this week
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆5,964Updated 2 months ago
- Cloud Native Runtime Security☆7,252Updated this week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆2,749Updated last month
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…☆6,308Updated this week
- Cloud Security Posture Management (CSPM)☆3,306Updated this week
- A pretty sweet vulnerability scanner☆4,052Updated 6 months ago