americanexpress / earlybirdLinks
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
☆752Updated last week
Alternatives and similar repositories for earlybird
Users that are interested in earlybird are comparing it to the libraries listed below
Sorting:
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆540Updated 6 months ago
- Private key usage verification☆432Updated 9 months ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆712Updated 2 years ago
- Fast HTTP enumerator☆493Updated 9 months ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆530Updated 9 months ago
- Uncover forgotten secrets and bring them back to life, haunting security and operations teams.☆209Updated 2 years ago
- Telling tales on you for leaking secrets!☆232Updated last week
- all paths lead to clouds☆638Updated 2 years ago
- Go rules for semgrep and go-ruleguard☆480Updated last year
- Slack enumeration and exposed secrets detection tool☆396Updated 2 weeks ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D…☆150Updated 5 years ago
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆406Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆827Updated 9 months ago
- An open source intelligence tool to crawl the graph of certificate Alternate Names☆365Updated 5 months ago
- A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.☆111Updated 7 months ago
- Yar is a tool for plunderin' organizations, users and/or repositories.☆239Updated 5 years ago
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆993Updated 3 weeks ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆304Updated this week
- A CLI-based HTTP intercept and replay proxy☆266Updated 4 months ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆350Updated 5 years ago
- A container analysis and exploitation tool for pentesters and engineers.☆674Updated 2 years ago
- Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.☆1,316Updated 5 months ago
- GitHub Actions Pipeline Enumeration and Attack Tool☆722Updated 4 months ago
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆767Updated last year
- A checklist of practices for organizations dealing with account takeover (ATO)☆276Updated last year
- Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace☆773Updated 11 months ago
- Scan your code for security misconfiguration, search for passwords and secrets.☆653Updated 2 years ago
- Get (security) info about IP addresses☆242Updated 2 months ago
- A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index☆605Updated 4 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆862Updated 2 years ago