americanexpress / earlybird
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
☆720Updated this week
Alternatives and similar repositories for earlybird:
Users that are interested in earlybird are comparing it to the libraries listed below
- Private key usage verification☆421Updated last month
- A simple HTTP proxy that fogs over naughty URLs☆1,143Updated 2 months ago
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆465Updated 3 weeks ago
- Telling tales on you for leaking secrets!☆228Updated this week
- Semgrep queries developed by Trail of Bits.☆377Updated 3 weeks ago
- Identify hardcoded secrets in static structured text☆479Updated last year
- A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index☆573Updated 2 months ago
- Tool to achieve policy driven vetting of open source dependencies☆250Updated this week
- Slack enumeration and exposed secrets detection tool☆370Updated last month
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆682Updated last year
- Fast HTTP enumerator☆463Updated last month
- Open Source Package Analysis☆809Updated 2 weeks ago
- Go rules for semgrep and go-ruleguard☆464Updated 2 months ago
- Get (security) info about IP addresses☆233Updated last month
- Learning Shodan through katas☆462Updated 4 years ago
- A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)☆459Updated last year
- An open source intelligence tool to crawl the graph of certificate Alternate Names☆345Updated 11 months ago
- FestIn - Open S3 Bucket Scanner☆230Updated 4 years ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆518Updated 7 months ago
- Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.☆1,244Updated 3 weeks ago
- Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.☆1,078Updated last year
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆397Updated last week
- all paths lead to clouds☆635Updated last year
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆538Updated last week
- ☆851Updated this week
- Utility program to perform multiple operations for a given subnet/CIDR ranges.☆1,016Updated this week
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆707Updated 5 months ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆291Updated this week
- Searches through git repositories for high entropy strings and secrets, digging deep into commit history☆496Updated last month
- Domain name permutation engine written in Go☆259Updated last year