There are tools that you can use on repos like https://semgrep.dev/ that will scan repos. You could configure it differently depending on the languages contained in the repo you are scanning and automate that process.
2) Clone the actual repo including history to look for committed secrets, running something like https://github.com/awslabs/git-secrets.