tartufo
Pathfinder
tartufo | Pathfinder | |
---|---|---|
6 | 3 | |
485 | 28 | |
5.2% | - | |
6.0 | 0.0 | |
23 days ago | 6 months ago | |
Python | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tartufo
- Tartufo searches through Git repositories for high entropy strings and secrets
- Show HN: Tartufo, the godaddy Git secrets linter
- GitHub Access Token Exposure
-
Toyota Accidently Exposed a Secret Key Publicly on GitHub for Five Years
You could set up something like https://github.com/godaddy/tartufo in a pre-commit hook. Not sure if github has a way to hook into the push hooks on server side, they might though.
- Tartufo – effective finds secrets accidentally committed
Pathfinder
-
Installing a Github Python Project WITHOUT Internet connection (via PIP? )
So you have to install all of those first. And then you can install the Pathfinder. Pathfinder package you can download from: https://github.com/MatthewBCooke/Pathfinder/archive/refs/heads/master.zip
What are some alternatives?
deadshot - Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
Pathfinding-Visualizer - Pathfinding visualizations with Python and Pygame
leaky-repo - Benchmarking repo for secrets scanning
NeuroKit - NeuroKit2: The Python Toolbox for Neurophysiological Signal Processing
whispers - Identify hardcoded secrets in static structured text
geo-heatmap - :world_map: Generate an interactive geo heatmap from your Google location data
secrets - A command-line tool to prevent committing secret keys into your source code [Moved to: https://github.com/sirwart/ripsecrets]
knob - Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
kscp - Kubernetes Secrets Control Plane
gitleaks - Protect and discover secrets using Gitleaks 🔑
oxo - OXO is a security scanning orchestrator for the modern age.