Leaky-repo Alternatives

Similar projects and alternatives to leaky-repo

betterscan-ce

34 683 7.3 Python leaky-repo VS betterscan-ce

Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
trufflehog

25 13,863 9.9 Go leaky-repo VS trufflehog

Find and verify credentials
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
noseyparker

13 1,511 9.4 Rust leaky-repo VS noseyparker

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
leakyrepo

1 42 10.0 leaky-repo VS leakyrepo

A repo which contains lots of things which it shouldn't
JAZ

2 20 0.0 Rust leaky-repo VS JAZ

Find secrets hidden in commits
deadshot

2 188 0.0 Python leaky-repo VS deadshot

Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
knob

1 175 1.8 Python leaky-repo VS knob

Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
whispers

2 463 0.0 Python leaky-repo VS whispers

Discontinued Identify hardcoded secrets in static structured text
tartufo

4 389 6.7 Python leaky-repo VS tartufo

Searches through git repositories for high entropy strings and secrets, digging deep into commit history
cml_dvc_case

1 18 0.0 Python leaky-repo VS cml_dvc_case
git-alerts

11 190 5.4 Go leaky-repo VS git-alerts

Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better leaky-repo alternative or higher similarity.

Suggest an alternative to leaky-repo

leaky-repo reviews and mentions

Posts with mentions or reviews of leaky-repo. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-12-08.

Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
4 projects | /r/netsec | 8 Dec 2022

Also, I've built a repo of credentials and benchmarked several tools including trufflehog against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo
Discover Hidden Secrets in Git Repos with Rust
3 projects | dev.to | 8 Nov 2021

At this point, we've succeeded at what we set out to create. I went ahead and scanned common testing repositories for this sort of thing like Plazmaz/leaky-repo and dijininja/leakyrepo. In general the program found all or most of the secrets. In the case of dijininja/leakyrepo it found a lot of RSA private keys which is acceptable but technically a misidentification. For Plazmaz/leaky-repo we find the majority of the keys although once again misidentify some. The decision to use rust makes performance really solid although still a little slow even for small repos. A couple good extensions to this to help with that could be adding a thread pool in order to scan objects in parallel. In more professional code, it seems more idiomatic for the scan_objects() function to return some objects of objects including their results rather than just printing the one containing secrets. For example, it could be formatted something like this: