Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history

This page summarizes the projects mentioned and recommended in the original post on /r/netsec
Entropy Security Sast Credentials Secret

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • noseyparker

    Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

  • trufflehog

    Find and verify credentials

    • Is this not just a another https://github.com/trufflesecurity/trufflehog?

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • leaky-repo

    Benchmarking repo for secrets scanning

    • Also, I've built a repo of credentials and benchmarked several tools including trufflehog against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo

  • betterscan-ce

    Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

    • Congrats on release. Feel free to check out https://github.com/marcinguy/betterscan-ce It is not that fast, but detects 166+ secret types (modified trufflehog3) and also bugs and vulnerabilities in Code and Cloud setups.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts