#Secrets
Showing 60 of 112 repositories tagged #secrets, ranked by stars
A tool for secrets management, encryption as a service, and privileged access management
Infisical is the open-source platform for secrets, certificates, and privileged access management.
Find, verify, and analyze leaked credentials
A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!
a secure dotenv–from the creator of `dotenv`
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
Cloud native secrets management for developers - never leave your command line for secrets.
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
A helm plugin that help manage secrets with Git workflow and store them anywhere
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Custom Kubernetes controller that can be used to replicate secrets, configmaps and certificates.
GnuPG symmetric secrets manager using Bash.
Vulnerable app with examples showing how to not use secrets
Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
Scan the world (for secrets)
Program to reverse Docker images into Dockerfiles
Simple HS256, HS384 & HS512 JWT token brute force cracker.
Detect leaked secrets + live validation. Map blast radius across your stack. Revoke fast. 950+ rules.
DEPRECATED A helm plugin that help manage secrets with Git workflow and store them anywhere
Application secrets and configuration management for developers.
A library for detecting known secrets across many web frameworks
CLI security scanner built for the agentic era. Detects CI/CD misconfigs, agent permission risks, MCP tool injection, hardcoded secrets, and DMCA-flagged AI dependencies.
Passive API key and secret discovery browser extension for Chrome and Firefox. 80+ detection patterns, zero config.
Create Kubernetes secrets from Vault for a secure GitOps based workflow.
AI gets the context. Not your private data. Local-first privacy proxy for browser chat, AI APIs, and coding agents.
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
GnuPG asymmetric secrets manager - works with YubiKey!
Protect your secrets using Gitleaks-Action
A secure, shared workspace for secrets
A cli tool for importing and exporting Hashicorp Vault secrets
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Identify hardcoded secrets in static structured text
Porch Pirate is the most comprehensive Postman recon / OSINT client and framework that facilitates the automated discovery and exploitation of API endpoints and secrets committed to workspaces, collections, requests, users and teams. Porch Pirate can be used as a client or be incorporated into your own applications.
Azure Key Vault to Kubernetes (akv2k8s for short) makes it simple and secure to use Azure Key Vault secrets, keys and certificates in Kubernetes.
Use dotenv files for Android and iOS projects.
🕵️ Python project to crawl for JavaScript files and search for secrets like API keys, authorization tokens, hardcoded credentials, etc.
A secrets management service that uses Tailscale for access control
Open-source secret & environment management. Secure, simple, collaborative. CLI & Github Sync
Cloud-native infrastructure templating. Creating cloud installers for SaaS. Replication of complex cloud-native infrastructures.
The official CLI for interacting with your Doppler secrets and configuration.
Age based repository file encryption gitops tool
A Vault client, but for containers and servers.
Simple, password-based encrypted vault for .env and infrastructure secrets. Like git-crypt or sops, but dramatically simpler. Ideal for small teams and IaC workflows
OpenSource, frictionless and secure way to share and manage app secrets across teams.
Keeper Commander is a python-based CLI and SDK interface to the Keeper Security platform. Provides administrative controls, reporting, import/export and vault management.
Cloud native zero trust security for AI agents run environments
🤫 AI-native secrets manager. Agents use secrets without seeing them.
Command-line interface for SonarQube with AI agent integration. Scan for secrets and get fast feedback on code quality and security from your terminal.
Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
Kubernetes Operator to sync secrets between different secret backends and Kubernetes
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
One secret mapping for local dev, CI/CD, and runtime. Envilder resolves cloud secrets from your own vaults without SaaS middlemen, duplicated config, or .env drift.
A secrets management platform that every engineer can use with minimal code changes.
Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber.
A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
Synchronize and Version Control ConfigMaps & Secrets across Deployment Rollouts.
CLI Text Search across your infrastructure platforms, Universal Ctrl+F for infra
Keeper Secrets Manager is a cloud-based, zero-knowledge platform for securing infrastructure secrets. Provides automatic password rotation and integration into popular DevOps CI/CD tools.