Leaky-repo Alternatives
Similar projects and alternatives to leaky-repo
-
whispers
Identify hardcoded secrets in static structured text (by Skyscanner)
-
betterscan-ce
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan Community Edition (CE)
-
deadshot
Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
-
knob
Key Negotiation Of Bluetooth (KNOB) attacks on Bluetooth BR/EDR and BLE [CVE-2019-9506]
-
tartufo
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
-
noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
-
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
leaky-repo reviews and mentions
-
Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history
Also, I've built a repo of credentials and benchmarked several tools, including trufflehog, against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo
-
Discover Hidden Secrets in Git Repos with Rust
At this point, we've succeeded at what we set out to create. I went ahead and scanned common testing repositories for this sort of thing like Plazmaz/leaky-repo and digininja/leakyrepo. In general the program found all or most of the secrets. In the case of digininja/leakyrepo it found a lot of RSA private keys, which is acceptable but technically a misidentification. For Plazmaz/leaky-repo we find the majority of the keys, although once again we misidentify some. The decision to use Rust makes performance really solid, although it is still a little slow even for small repos. A couple of good extensions to help with that could be adding a thread pool in order to scan objects in parallel. In more professional code, it seems more idiomatic for the scan_objects() function to return some objects of objects including their results rather than just printing the one containing secrets. For example, it could be formatted something like this:
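The two mentions above touch on the same practical points: a history scanner that walks every git object, specific rules (such as private-key headers) kept separate from generic high-entropy matching so that a PEM body is reported once as a key rather than as a pile of entropy hits, and findings returned as structured records that can be benchmarked against a known-answer corpus like leaky-repo. The following is an added example written for this page in Python; it is not the blog author's Rust scanner, nor code from leaky-repo or any of the listed tools. It assumes a `git` binary on PATH, and the rule set, entropy thresholds and the constructed `SAMPLE_BLOB` are illustrative choices, not any tool's defaults.

```python
"""Minimal git-history secret scanner: specific rules first, entropy as a fallback.

Added example for this page; the regexes and thresholds below are assumptions,
not the rule set of leaky-repo, tartufo, Nosey Parker or any other listed tool.
"""
import math
import re
import subprocess
from dataclasses import dataclass
from typing import Iterator, List, Optional, Tuple

# Deliberately tiny rule set; real scanners ship hundreds of patterns.
PEM_BEGIN = re.compile(r"-----BEGIN (?:[A-Z ]+ )?PRIVATE KEY-----")
PEM_END = re.compile(r"-----END (?:[A-Z ]+ )?PRIVATE KEY-----")
AWS_ACCESS_KEY = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
HEX_TOKEN = re.compile(r"\b[0-9a-fA-F]{32,}\b")
BASE64_TOKEN = re.compile(r"[A-Za-z0-9+/=_-]{20,}")
HEX_ENTROPY_THRESHOLD = 3.0     # bits/char; a hex alphabet maxes out at 4
BASE64_ENTROPY_THRESHOLD = 4.5  # bits/char; a base64 alphabet maxes out at 6


@dataclass(frozen=True)
class Finding:
    kind: str      # "private_key", "aws_access_key_id" or "high_entropy"
    path: str      # blob path, suffixed with the object id when read from history
    line: int      # 1-based line within the blob
    entropy: float
    snippet: str   # redacted, so reports do not re-leak the secret


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for the empty string)."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def redact(token: str) -> str:
    return token[:4] + "..." + token[-4:] if len(token) > 12 else "***"


def scan_text(text: str, path: str = "<blob>") -> List[Finding]:
    """Scan one text blob. PEM bodies are skipped for entropy matching because the
    key is already reported once at its header; that avoids the 'lots of RSA keys'
    misidentification the blog post describes."""
    findings: List[Finding] = []
    in_pem = False
    for lineno, line in enumerate(text.splitlines(), start=1):
        if PEM_BEGIN.search(line):
            findings.append(Finding("private_key", path, lineno, 0.0, line.strip()))
            in_pem = True
            continue
        if in_pem:
            if PEM_END.search(line):
                in_pem = False
            continue
        aws_hits = [m.group() for m in AWS_ACCESS_KEY.finditer(line)]
        for tok in aws_hits:
            findings.append(Finding("aws_access_key_id", path, lineno,
                                    round(shannon_entropy(tok), 2), redact(tok)))
        seen = set(aws_hits)  # do not double-report a rule hit as entropy
        for pattern, threshold in ((HEX_TOKEN, HEX_ENTROPY_THRESHOLD),
                                   (BASE64_TOKEN, BASE64_ENTROPY_THRESHOLD)):
            for m in pattern.finditer(line):
                tok = m.group()
                if tok in seen:
                    continue
                entropy = shannon_entropy(tok)
                if entropy >= threshold:
                    findings.append(Finding("high_entropy", path, lineno,
                                            round(entropy, 2), redact(tok)))
                    seen.add(tok)
    return findings


def iter_blobs(repo: str) -> Iterator[Tuple[str, str, str]]:
    """Yield (sha, path, text) for every text blob reachable from any ref, so
    secrets deleted in a later commit are still found (assumes git on PATH)."""
    def git(*args: str, stdin: Optional[str] = None) -> str:
        return subprocess.run(["git", "-C", repo, *args], input=stdin,
                              capture_output=True, text=True, check=True).stdout
    objects = [ln.partition(" ") for ln in git("rev-list", "--all", "--objects").splitlines()]
    paths = {sha: path for sha, _, path in objects if path}
    for rec in git("cat-file", "--batch-check", stdin="\n".join(paths) + "\n").splitlines():
        sha, kind = rec.split()[:2]
        if kind != "blob":
            continue
        raw = subprocess.run(["git", "-C", repo, "cat-file", "blob", sha],
                             capture_output=True, check=True).stdout
        if b"\0" in raw:
            continue  # skip binaries
        yield sha, paths[sha], raw.decode("utf-8", errors="replace")


def scan_git_history(repo: str) -> List[Finding]:
    return [f for sha, path, text in iter_blobs(repo)
            for f in scan_text(text, f"{path}@{sha[:10]}")]


# Constructed sample input; none of these values is a real credential.
SAMPLE_BLOB = "\n".join([
    "# constructed sample, not a real credential",
    "aws_access_key_id = AKIAIOSFODNN7EXAMPLE",
    "password = hunter2",
    "session = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
    "token = AbCdEfGhIjKlMnOpQrStUvWxYz0123456789+/=-",
    "-----BEGIN RSA PRIVATE KEY-----",
    "MIIEowIBAAKCAQEAu7cHxNEyZ7kJ1w3q0+Ov5GHGbS7Yx2A9pL3mQ4nR8tU6vW1yZ==",
    "-----END RSA PRIVATE KEY-----",
])

if __name__ == "__main__":
    import sys
    results = scan_git_history(sys.argv[1]) if len(sys.argv) > 1 else scan_text(SAMPLE_BLOB, "sample.cfg")
    for finding in results:
        print(finding)
```

Run it with a repository path to walk the full history, or with no arguments to scan the constructed sample. Because `scan_text` returns `Finding` records instead of printing, a benchmark against leaky-repo is just a set comparison between the returned `(path, line)` pairs and the corpus's known secret locations, and the `kind` field makes it possible to count a PEM key reported as generic entropy as a misidentification rather than a hit.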
Stats
Plazmaz/leaky-repo is an open source project licensed under the MIT License, which is an OSI-approved license.