Similar projects and alternatives to leaky-repo
Find secrets hidden in commits
A repo which contains lots of things which it shouldn't
Identify hardcoded secrets in static structured text (by Skyscanner)
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan Community Edition (CE)
Deadshot is a GitHub pull request scanner to identify sensitive data being committed to a repository
Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Find credentials all over the place
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
leaky-repo reviews and mentions
Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
4 projects | reddit.com/r/netsec | 8 Dec 2022
Also, I've built a repo of credentials and benchmarked several tools including trufflehog against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo
Discover Hidden Secrets in Git Repos with Rust
3 projects | dev.to | 8 Nov 2021
At this point, we've succeeded at what we set out to create. I went ahead and scanned common testing repositories for this sort of thing, like Plazmaz/leaky-repo and dijininja/leakyrepo. In general, the program found all or most of the secrets. In the case of dijininja/leakyrepo, it found a lot of RSA private keys, which is acceptable but technically a misidentification. For Plazmaz/leaky-repo, we find the majority of the keys, although once again misidentify some. The decision to use Rust makes performance really solid, although still a little slow even for small repos. A couple good extensions to this to help with that could be adding a thread pool in order to scan objects in parallel. In more professional code, it seems more idiomatic for the scan_objects() function to return some objects of objects including their results rather than just printing the one containing secrets. For example, it could be formatted something like this:
Plazmaz/leaky-repo is an open source project licensed under the MIT License, which is an OSI-approved license.