kcare-uchecker
tartufo
kcare-uchecker | tartufo |
---|---|
1 | 4 |
185 | 389 |
1.6% | 5.9% |
5.2 | 6.7 |
about 2 months ago | 13 days ago |
Python | Python |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kcare-uchecker
- cloudlinux / kcare-uchecker
Piping into Python is a convenience and provides a nice one-liner you can integrate into scanners like Nagios or Nessus. You can freely check the source both of what you download and what is at the GitHub repository for it: https://github.com/cloudlinux/kcare-uchecker
tartufo
- Show HN: Tartufo, the godaddy Git secrets linter
- GitHub Access Token Exposure
- Toyota Accidently Exposed a Secret Key Publicly on GitHub for Five Years
You could set up something like https://github.com/godaddy/tartufo in a pre-commit hook. Not sure if GitHub has a way to hook into the push hooks on the server side; they might, though.
- Tartufo – effective finds secrets accidentally committed
What are some alternatives?
rapidscan - :new: The Multi-Tool Web Vulnerability Scanner.
deadshot - Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
oxo - OXO is a security scanning orchestrator for the modern age.
secrets - A command-line tool to prevent committing secret keys into your source code [Moved to: https://github.com/sirwart/ripsecrets]
whispers - Identify hardcoded secrets in static structured text
kscp - Kubernetes Secrets Control Plane
gitleaks - Protect and discover secrets using Gitleaks 🔑
leaky-repo - Benchmarking repo for secrets scanning
Pathfinder - Search Strategy analysis and more for spatial navigation data in rodents
bandit - Bandit is a tool designed to find common security issues in Python code.
ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.