#Credentials

Showing 49 of 49 repositories tagged #credentials, ranked by stars

trufflesecurity
trufflesecurity
trufflehog

Find, verify, and analyze leaked credentials

Score
100
โ˜… 27.0k โ‘‚ 2.5k +5/day
Go
99designs
99designs
aws-vault

A vault for securely storing and accessing AWS credentials in development environments

Score
75
โ˜… 9.0k โ‘‚ 833 โ€”
Go
passbolt
passbolt
passbolt_api

Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

Score
100
โ˜… 6.0k โ‘‚ 389 +8/day
PHP
build-trust
build-trust
ockam

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications โ€“ at massive scale.

Score
100
โ˜… 4.6k โ‘‚ 556 โ€”
Rust
praetorian-inc
praetorian-inc
noseyparker

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

Score
50
โ˜… 2.3k โ‘‚ 132 โ€”
Rust
D4Vinci
D4Vinci
Cr3dOv3r

Know the dangers of credential reuse attacks.

Score
87
โ˜… 2.1k โ‘‚ 411 โ€”
Python
GitGuardian
GitGuardian
ggshield

Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

Score
96
โ˜… 2.0k โ‘‚ 206 +1/day
Python
tillson
tillson
git-hound

Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.

Score
83
โ˜… 1.4k โ‘‚ 204 +1/day
Go
betterleaks
betterleaks
betterleaks

Scan the world (for secrets)

Score
50
โ˜… 1.4k โ‘‚ 102 +2/day
Go
sorah
sorah
envchain

Environment variables meet macOS Keychain and gnome-keyring <3

Score
61
โ˜… 1.3k โ‘‚ 41 +1/day
C
mongodb
mongodb
kingfisher

Detect leaked secrets + live validation. Map blast radius across your stack. Revoke fast. 950+ rules.

Score
91
โ˜… 1.2k โ‘‚ 108 +1/day
Rust
qeeqbox
qeeqbox
honeypots

30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)

Score
100
โ˜… 973 โ‘‚ 140 โ€”
Python
swiftyapp
swiftyapp
swifty

๐Ÿ”‘ Free Offline-first Password Manager

Score
78
โ˜… 944 โ‘‚ 79 +1/day
JavaScript
D4Vinci
D4Vinci
elpscrk

An Intelligent wordlist generator based on user profiling, permutations, and statistics. (Named after the same tool in Mr.Robot series S01E01)

Score
83
โ˜… 943 โ‘‚ 137 โ€”
Python
rndinfosecguy
rndinfosecguy
Scavenger

Crawler (Bot) searching for credential leaks on paste sites.

Score
67
โ˜… 813 โ‘‚ 134 +1/day
Python
synfinatic
synfinatic
aws-sso-cli

A powerful tool for using AWS Identity Center for the CLI and web console.

Score
100
โ˜… 654 โ‘‚ 78 โ€”
Go
rek7
rek7
mXtract

mXtract - Memory Extractor & Analyzer

Score
48
โ˜… 585 โ‘‚ 89 โ€”
C++
simonepri
simonepri
upash

๐Ÿ”’Unified API for password hashing algorithms

Score
39
โ˜… 540 โ‘‚ 21 โ€”
JavaScript
Skyscanner
Skyscanner
whispers

Identify hardcoded secrets in static structured text

Score
43
โ˜… 504 โ‘‚ 70 โ€”
Python
Acceis
Acceis
leakScraper

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Score
50
โ˜… 450 โ‘‚ 81 โ€”
Python
JoelGMSec
JoelGMSec
LeakSearch

Search & Parse Password Leaks

Score
33
โ˜… 439 โ‘‚ 51 +2/day
Python
ByteNess
ByteNess
aws-vault

A vault for securely storing and accessing AWS credentials in development environments

Score
83
โ˜… 391 โ‘‚ 24 +6/day
Go
SAP
SAP
credential-digger

A Github scanning tool that identifies hardcoded credentials while filtering the false positive data through machine learning models :lock:

Score
74
โ˜… 365 โ‘‚ 54 โ€”
Python
reugn
reugn
wifiqr

Create a QR code with your Wi-Fi login details

Score
67
โ˜… 287 โ‘‚ 18 +1/day
Go
PSKeePass
PSKeePass
PoShKeePass

PowerShell module for KeePass

Score
33
โ˜… 256 โ‘‚ 59 โ€”
PowerShell
Samsung
Samsung
CredSweeper

CredSweeper is a tool to detect credentials in any directories or files. CredSweeper could help users to detect unwanted exposure of credentials (such as token, passwords, api keys etc.) in advance. By scanning lines, filtering, and using AI model as option, CredSweeper reports lines with possible credentials, where the line is, and expected type o

Score
70
โ˜… 212 โ‘‚ 50 โ€”
Python
twilio-labs
twilio-labs
deadshot

Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository

Score
17
โ˜… 192 โ‘‚ 13 โ€”
Python
NeCr00
NeCr00
Credential-Hunting

CredsHunter - Credential Hunting scripts for Windows and Linux OS

Score
65
โ˜… 151 โ‘‚ 26 +4/day
PowerShell
highflame-ai
highflame-ai
zeroid

ZeroID: Autonomous Agent Identity Management System (AAIMS)

Score
25
โ˜… 148 โ‘‚ 15 +1/day
Go
xanwz
xanwz
leaks

Compromised SSH servers and scraped mirror sites leaked scripts intended for malicious use.

Score
35
โ˜… 140 โ‘‚ 54 โ€”
C
pinkpixel-dev
pinkpixel-dev
keyper

๐Ÿ” A self-hosted credential manager with zero-knowledge encryption, multi-user support, and emergency recovery. Store API keys, passwords, and secrets securely with your own database. Features AES-256-GCM encryption, Argon2 key derivation, PWA support, and professional-grade security architecture.

Score
57
โ˜… 105 โ‘‚ 3 โ€”
TypeScript
adeptex
adeptex
whispers

Identify hardcoded secrets in static structured text (version 2)

Score
17
โ˜… 100 โ‘‚ 12 โ€”
Python
adfinis
adfinis
vault-client

A command-line interface to HashiCorp's Vault

Score
0
โ˜… 90 โ‘‚ 7 โ€”
Go
santhsecurity
santhsecurity
keyhog

Open-source secret scanner in Rust. Service-specific detectors, SIMD on the CPU and an optional GPU path, live verification of which leaked keys are still active, and SARIF output.

Score
0
โ˜… 84 โ‘‚ 13 โ€”
Rust
truerustyy
truerustyy
wcreddump

Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with a mounted windows drive.

Score
22
โ˜… 80 โ‘‚ 5 โ€”
Python
ShellCode33
ShellCode33
CredSLayer

Extract credentials and other useful info from network captures

Score
26
โ˜… 79 โ‘‚ 9 โ€”
Python
jonico
jonico
pscale-workflow-helper-scripts

Workflows and helper scripts around the PlanetScale DB workflow to automate database branch creation, association, update and merge directly out of your pull/merge request or favourite CI/CD. This is just a passion project, no official repository from Planetscale.

Score
0
โ˜… 78 โ‘‚ 7 โ€”
Shell
rm1984
rm1984
IMAPLoginTester

A simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.

Score
0
โ˜… 73 โ‘‚ 17 โ€”
Python
padok-team
padok-team
git-secret-scanner

Find secrets in git repositories with TruffleHog & Gitleaks

Score
52
โ˜… 69 โ‘‚ 5 +1/day
Go
verifiable-pdfs
verifiable-pdfs
blockchain-certificates

Used to create, issue, revoke, or validate certificates (or any other PDF file) on the public Bitcoin blockchain.

Score
100
โ˜… 69 โ‘‚ 35 โ€”
Python
asonnino
asonnino
coconut

Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers.

Score
50
โ˜… 68 โ‘‚ 15 โ€”
Python
Luzifer
Luzifer
awsenv

awsenv is intended as a local credential store for people using more than one AWS account at the same time

Score
17
โ˜… 67 โ‘‚ 7 โ€”
Go
d0ubl3g
d0ubl3g
Industrial-Security-Auditing-Framework

ISAF aims to be a framework that provides the necessary tools for the correct security audit of industrial environments. This repo is a mirror of https://gitlab.com/d0ubl3g/industrial-security-auditing-framework.

Score
30
โ˜… 59 โ‘‚ 21 โ€”
Python
praetorian-inc
praetorian-inc
noseyparker-explorer

Interactive results explorer and annotation tool for Nosey Parker

Score
9
โ˜… 58 โ‘‚ 5 โ€”
Python
tarcieri
tarcieri
ithos

A cryptographically verifiable access control and directory system for Linux servers

Score
0
โ˜… 57 โ‘‚ 4 โ€”
Rust
sahadnk72
sahadnk72
jecretz

Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets

Score
13
โ˜… 52 โ‘‚ 10 โ€”
Python
whxitte
whxitte
gixposed

Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and security professionals quickly identify and remediate exposed sensitive informations in their codebases.

Score
0
โ˜… 39 โ‘‚ 0 โ€”
Shell
GitGuardian
GitGuardian
gitguardian-vscode

Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your code, allowing you to code confidently and maintain the integrity of your data.

Score
50
โ˜… 38 โ‘‚ 4 โ€”
TypeScript
b3tt3rlynx
b3tt3rlynx
iCloudCracker

iCloud security assessor.

Score
4
โ˜… 29 โ‘‚ 6 โ€”
C
Related Topics
#security#secrets#security-tools#devsecops#password#pentesting#scanning#cli#secrets-detection#penetration-testing#git#secret

ยฉ 2026 GitRepoTrend ยท GitHub repositories by topic ยท Updated weekly