americanexpress / earlybird
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
☆730Updated this week
Alternatives and similar repositories for earlybird:
Users that are interested in earlybird are comparing it to the libraries listed below
- Go rules for semgrep and go-ruleguard☆468Updated 5 months ago
- Private key usage verification☆431Updated 3 weeks ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆520Updated this week
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆510Updated 3 months ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆689Updated last year
- Semgrep queries developed by Trail of Bits.☆398Updated this week
- Fast HTTP enumerator☆479Updated this week
- Scan your code for security misconfiguration, search for passwords and secrets.☆644Updated last year
- Discover internet-wide misconfigurations while drinking coffee☆393Updated 3 years ago
- A golang utility to spider through a website searching for additional links.☆339Updated 4 years ago
- [mirror] The Go Vulnerability Database☆581Updated last week
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆296Updated this week
- Slack enumeration and exposed secrets detection tool☆374Updated 4 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆718Updated 8 months ago
- 🚀 Policy driven vetting of open source packages with malicious code analysis☆341Updated this week
- Telling tales on you for leaking secrets!☆232Updated this week
- [mirror] the database client and tools for the Go vulnerability database☆407Updated 2 weeks ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆472Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆922Updated this week
- Certificate Transparency Log Monitor☆1,039Updated 3 months ago
- GitHub App to set and enforce security policies☆1,296Updated this week
- Tool for building Kubernetes attack paths☆848Updated last week
- Find cloud assets that no one wants exposed 🔎 ☁️☆341Updated 4 years ago
- all paths lead to clouds☆639Updated last year
- Awesome cloud enumerator☆1,003Updated last month
- A checklist of practices for organizations dealing with account takeover (ATO)☆268Updated 6 months ago
- ☆886Updated last week
- GitHub Actions Pipeline Enumeration and Attack Tool☆631Updated 2 weeks ago
- A container analysis and exploitation tool for pentesters and engineers.☆665Updated last year
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆357Updated 4 months ago