americanexpress / earlybird
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
☆728Updated 2 weeks ago
Alternatives and similar repositories for earlybird:
Users that are interested in earlybird are comparing it to the libraries listed below
- Private key usage verification☆432Updated 3 months ago
- Slack enumeration and exposed secrets detection tool☆373Updated 3 months ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆688Updated last year
- Go rules for semgrep and go-ruleguard☆467Updated 4 months ago
- Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pag…☆520Updated 3 weeks ago
- An open source intelligence tool to crawl the graph of certificate Alternate Names☆347Updated last year
- A suite of secret scanners built in Rust for performance. Based on TruffleHog (https://github.com/dxa4481/truffleHog) which is written in…☆505Updated 2 months ago
- A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)☆460Updated last year
- Uncover forgotten secrets and bring them back to life, haunting security and operations teams.☆207Updated last year
- A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositorie…☆352Updated 3 months ago
- Yar is a tool for plunderin' organizations, users and/or repositories.☆237Updated 4 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆837Updated last year
- Certificate Transparency Log Monitor☆1,032Updated 2 months ago
- GitHub App to set and enforce security policies☆1,293Updated this week
- Awesome secure by default libraries to help you eliminate bug classes!☆687Updated 3 weeks ago
- We would like to request that all contributors please clone a *fresh copy* of this repository since the September 21st maintenance.☆26Updated last year
- all paths lead to clouds☆638Updated last year
- A container analysis and exploitation tool for pentesters and engineers.☆664Updated last year
- Scans Software Bill of Materials (SBOMs) for security vulnerabilities☆557Updated last week
- Finding exposed secrets and personal data in GitLab☆197Updated 4 months ago
- Semgrep queries developed by Trail of Bits.☆392Updated this week
- A checklist of practices for organizations dealing with account takeover (ATO)☆265Updated 5 months ago
- Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration☆293Updated this week
- Scan your code for security misconfiguration, search for passwords and secrets.☆645Updated last year
- Cloudlist is a tool for listing Assets from multiple Cloud Providers.☆919Updated this week
- Gram is Klarna's own threat model diagramming tool☆319Updated 2 weeks ago
- Security policies for Tailscale☆285Updated 2 months ago
- Fast HTTP enumerator☆478Updated last week
- 🚀 Policy driven vetting of open source packages with malicious code analysis☆309Updated this week
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆717Updated 7 months ago