Yelp / detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
β3,887Updated last week
Alternatives and similar repositories for detect-secrets:
Users that are interested in detect-secrets are comparing it to the libraries listed below
- Find secrets with Gitleaks πβ18,600Updated this week
- Tfsec is now part of Trivyβ6,746Updated this week
- Find, verify, and analyze leaked credentialsβ17,798Updated this week
- Prevents you from committing secrets and credentials into git repositoriesβ12,559Updated 9 months ago
- Vulnerability Static Analysis for Containersβ10,452Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and moreβ24,373Updated this week
- OpenSSF Scorecard - Security health metrics for Open Sourceβ4,727Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructβ¦β2,140Updated this week
- Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.β3,857Updated last year
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powereβ¦β3,113Updated this week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystemsβ6,491Updated this week
- Dockerfile linter, validate inline bash, written in Haskellβ10,602Updated last month
- Hunt for security weaknesses in Kubernetes clustersβ4,781Updated 9 months ago
- Code signing and transparency for containers and binariesβ4,647Updated this week
- A vulnerability scanner for container images and filesystemsβ9,243Updated this week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to startβ2,821Updated last week
- InSpec: Auditing and Testing Frameworkβ2,874Updated this week
- CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keysβ1,156Updated last year
- Terraform Pull Request Automationβ7,961Updated this week
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.β6,044Updated 6 months ago
- Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.β7,559Updated this week
- A service that analyzes docker images and scans for vulnerabilitiesβ1,587Updated last year
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmarkβ7,186Updated this week
- Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious β such as tokens, passwords, and privaβ¦β1,936Updated last month
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependenβ¦β6,638Updated this week
- πCNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!β2,123Updated this week
- Scalable fuzzing infrastructure.β5,333Updated this week
- container-diff: Diff your Docker containersβ3,766Updated 9 months ago
- Simple and flexible tool for managing secretsβ17,524Updated this week