Infisical 是一个端到端加密的密钥管理平台,主要用于集中管理应用程序的配置密钥信息,例如API 密钥、数据库凭据和环境变量。它旨在简化开发人员的工作流程,并提高应用程序的安全性
Protect your secrets using Gitleaks-Action
Scan for secrets in dangling commits on GitHub using GH Archive data.
#安卓#Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).
Examples of Custom Secret Scanning Patterns
Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc) using TruffleHog.
GitHub Secret Scanning Auto Remediator (GSSAR)
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!
A community-led project that aims to scan published Repls to find secrets and invalidate them.
#Awesome#A curated list of awesome GitHub Advanced Security secret scanning resources.
(in)secure git workshop 🔓+🔑 = 🔐
Testing Suite for GitHub Secret Scanning Custom Patterns
A repo full of secrets. This is designed to test SAST secret scanning tools.
Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
Secrets that were found by the Replit Token Scanner are dumped here for revocation.
Multi-cloud xSPM platform to scan, visualize, and remediate security risks across cloud, containers, and Kubernetes environments.
A Python based gitleaks wrapped tool to enable scanning of multiple Gitlab repositories in parallel.
Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
A fast and powerful CLI tool for finding secrets and other data in files, web pages, and other text sources. Supports multi-threading and advanced pattern matching.