whispers
repo-supervisor
Our great sponsors
whispers | repo-supervisor | |
---|---|---|
2 | 2 | |
463 | 621 | |
- | - | |
0.0 | 0.0 | |
7 months ago | 10 months ago | |
Python | JavaScript | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
whispers
-
I made an app that lets you search all your apps and files at once
Something like https://github.com/Skyscanner/whispers
- Skyscanner/whispers - Identify hardcoded secrets and dangerous behaviours
repo-supervisor
-
Is there any way you can be hacked if you have a secret route
Hackers might scan your app with tools that look for strings that appear to have high entropy, as hashes tend to have. repo-supervisor from auth0 does that with their so called „entropy meter“ to find secrets and passwords.
- Ask HN: What are the best automated tools for keeping credentials out of GitHub?
What are some alternatives?
ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
trufflehog - Find and verify credentials
deadshot - Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
git-secrets - Prevents you from committing secrets and credentials into git repositories
ssh-crypt - This tool helps you to keep passwords inside your shell scripts safely
shhgit - Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
leaky-repo - Benchmarking repo for secrets scanning
infisical-cli - ♾ Infisical is an open-source, E2EE tool to sync environment variables across your team and infrastructure. [Moved to: https://github.com/Infisical/infisical]
yaml.el - YAML parser in Elisp
Redeye - Redeye is a tool intended to help you manage your data during a pentest operation
tartufo - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
SecretScanner - :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock: