#Secrets-detection
Showing 23 of 23 repositories tagged #secrets-detection, ranked by stars
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.
Scan the world (for secrets)
Entropy is a CLI tool that will scan your codebase for high entropy lines, which are often secrets.
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for and bug bounty hunters and security researchers.
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Identify hardcoded secrets in static structured text
GitGuardian Shield GitHub Action - Find exposed credentials in your commits
SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!
Identify hardcoded secrets in static structured text (version 2)
The open source security engine for AI agent and supply-chain trust.
Analyze any snippet, file, or repository to detect possible security flaws such as secret in code, open source vulnerability, code security, vulnerability, insecure infrastructure as code, and potential legal issues with open source licenses.
Secret Scanner for Slack, Jira, Confluence, Asana, Wrike, Linear, Zendesk, GitHub, and GitLab
๐ก๏ธ Client-side, privacy-first image redaction tool. Automatically detects and blurs PII (Emails, IPs, Keys) using local OCR. No server, no data leaks.
Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.
Interactive results explorer and annotation tool for Nosey Parker
Fast local Rust scanner for AI-agent prompt injection, credential leaks, exfiltration, and risky tool calls
Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your code, allowing you to code confidently and maintain the integrity of your data.
A lightweight tool that converts directory contents into structured output optimized for LLM interpretation, featuring Git-aware file ordering, secret detection/redaction, token counting, and customizable filtering.