leaky-repo
git-alerts
| leaky-repo | git-alerts | |
|---|---|---|
| 2 | 11 | |
| 211 | 190 | |
| - | 0.5% | |
| 0.0 | 5.4 | |
| about 1 year ago | 12 days ago | |
| Python | Go | |
| MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
leaky-repo
-
Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
Also, I've built a repo of credentials and benchmarked several tools including trufflehog against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo
-
Discover Hidden Secrets in Git Repos with Rust
At this point, we've succeeded at what we set out to create. I went ahead and scanned common testing repositories for this sort of thing like Plazmaz/leaky-repo and dijininja/leakyrepo. In general the program found all or most of the secrets. In the case of dijininja/leakyrepo it found a lot of RSA private keys which is acceptable but technically a misidentification. For Plazmaz/leaky-repo we find the majority of the keys although once again misidentify some. The decision to use rust makes performance really solid although still a little slow even for small repos. A couple good extensions to this to help with that could be adding a thread pool in order to scan objects in parallel. In more professional code, it seems more idiomatic for the scan_objects() function to return some objects of objects including their results rather than just printing the one containing secrets. For example, it could be formatted something like this:
git-alerts
- GitHub - boringtools/git-alerts: Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
- GitHub - boringtools/git-alerts: A Public Git repository
- GitHub - boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
- A Public Git repository and misconfiguration detection tool
- boringtools/git-alerts: A Public Git repository & misconfiguration detection tool
- Monitor your users Public GitHub Repositories
- A Public Git repository & misconfiguration detection tool
What are some alternatives?
leakyrepo - A repo which contains lots of things which it shouldn't
deadshot - Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
secrets-patterns-db - Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
betterscan-ce - Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
GitGoat - GitGoat is an open source tool that was built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repositories without a risk to your production environment.
JAZ - Find secrets hidden in commits
github-leak-audit - A GitHub workflow to identify employees that have leaked your organization's code
noseyparker - Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
gh-action-pypi-publish - The blessed :octocat: GitHub Action, for publishing your :package: distribution files to PyPI: https://github.com/marketplace/actions/pypi-publish
knob - Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
whispers - Identify hardcoded secrets in static structured text