Open-source projects categorized as Secrets | Edit details

Top 23 Secret Open-Source Projects

  • GitHub repo Vault

    A tool for secrets management, encryption as a service, and privileged access management

    Project mention: Entenda as configurações do Spring Boot! | dev.to | 2021-06-15
  • GitHub repo shhgit

    Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com

  • GitHub repo Keywhiz

    A system for distributing and managing secrets

  • GitHub repo Reloader

    A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!

    Project mention: Secret Rotation via CronJob | reddit.com/r/kubernetes | 2021-05-24

    Reloader solves that problem

  • GitHub repo transcrypt

    transparently encrypt files within a git repository (by elasticdog)

    Project mention: How do I become "smarter" | reddit.com/r/self | 2021-03-18

    Start writing all of your work down. I personally put almost every line of code I ever write into github. I have a "misc" project for random one-off things, but I always commit it to a repo. I started doing this in 2013/2014 and its been incredibly valuable to go back and refer to old work (its also fun to see how far you've come). This gets interesting when you start needing to write down information that shouldn't be public (e.g. api keys). You're into crypto, so you can probably see the fun in this. I've use a program called transcrypt to store encrypted files in my git repos. Be careful with transcrypt though, if you make a mistake you can accidentally publish secrets in plain text, and it does open you up to brute force attacks.

  • GitHub repo Whaler

    Program to reverse Docker images into Dockerfiles (by P3GLEG)

    Project mention: Reverse Engineering a Docker Image | news.ycombinator.com | 2021-03-18

    In addition to Dive, there's also Whaler https://github.com/P3GLEG/Whaler which will print out a Dockerfile from the image, based on the metadata in the image.

    You can also use Portainer https://www.portainer.io/ which will show the image layer details in the images section.

  • GitHub repo teller

    A secrets management tool for developers built in Go - never leave your command line for secrets.

    Project mention: What are some of the credential scanning tools | reddit.com/r/azuredevops | 2021-06-01

    You could use Spectral (https://spectralops.io) (disclaimer: I'm one of the founders), And if you're looking to scan credentials originating from your vaults and keystores you could use Teller, which is an open source vault scanner and secrets hub for developers that I've built: https://github.com/SpectralOps/teller

  • GitHub repo gh-action-pypi-publish

    GitHub Action, for publishing distribution files to PyPI

    Project mention: The Python Package Index is now a GitHub secret scanning integrator | news.ycombinator.com | 2021-03-24
  • GitHub repo Sup3rS3cretMes5age

    Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

    Project mention: Bitwarden Send | news.ycombinator.com | 2021-03-12

    Double-comment but check out https://github.com/algolia/sup3rS3cretMes5age

    I live in a country where sharing my entire life in paperwork is sadly normalized. Having a self-hosted one-time-secret service for file uploads is so nice.

  • GitHub repo helm-secrets

    Successor of zendesk/helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere

  • GitHub repo Shhh

    Share sensitive info without leaving a trace in your chat logs or email accounts.

    Project mention: 🔐 Shhh - Flask app to keep your shared secrets away from emails or chat logs | reddit.com/r/flask | 2021-04-26

    Here is the repo: https://github.com/smallwat3r/shhh

  • GitHub repo serverless-secrets

    An opinionated tool for safely managing and deploying Serverless projects and their secrets.

    Project mention: FaaS Security- What you should know before deciding to go serverless | dev.to | 2020-12-17

    It is critical that all application secrets will be stored in secure encrypted storage and that encryption keys be maintained via a centralized encryption key management infrastructure or service. Depending on the service you are using there are different tools to manage this: AWS Secrets Manager (link), Serverless secrets storage project on GitHub (link), Azure Key Vault (link).

  • GitHub repo kube-secret-syncer

    A Kubernetes operator to sync secrets from AWS Secrets Manager

    Project mention: Secrets... can I get it from aws secret manager? | reddit.com/r/kubernetes | 2021-04-23

    I’ve used this in the past, and it’s reliable.

  • GitHub repo deadshot

    Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository

    Project mention: Deadshot is a Pull Request scanner that looks for the introduction of secrets via PRs by matching each diff line against a set of known secret expressions. | reddit.com/r/blueteamsec | 2021-05-18
  • GitHub repo kubernetes-reflector

    Custom Kubernetes controller that can be used to replicate secrets, configmaps and certificates.

  • GitHub repo k8s-gitops

    Kubernetes cluster managed by GitOps - Git as a single source of truth, automated pipelines, declarative everything, next-generation DevOps (by xUnholy)

    Project mention: My home Kubernetes cluster managed by GitOps on Raspberry Pis | reddit.com/r/kubernetes | 2021-03-18
  • GitHub repo squealer

    Telling tales on you for leaking secrets!

    Project mention: Show HN: Secret Scanning for GitHub Repos | news.ycombinator.com | 2021-02-27
  • GitHub repo secrets.clj

    A Clojure library designed to generate cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

    Project mention: Clojure source code to read | reddit.com/r/Clojure | 2021-05-06

    Weeks ago I enjoyed reading https://github.com/lk-geimfari/secrets.clj, which is small and concise. And you can find interesting projects in https://github.com/razum2um/awesome-clojure, if you haven't.

  • Project mention: Better alternative to withCredentials | reddit.com/r/jenkinsci | 2021-05-26

    I don't have an exact answer but have a look at https://www.codurance.com/publications/2019/05/30/accessing-and-dumping-jenkins-credentials. Specifically, see the "Iterate and decrypt credentials from the console" section for some ideas. You may need to dig though the https://github.com/jenkinsci/credentials-binding-plugin source code.

  • GitHub repo detect-secrets

    A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets (by lirantal)

    Project mention: Exposed company credentials in first week of internship | reddit.com/r/cscareerquestions | 2021-06-04

    (sh)It happens. Make sure they understand that you have learned from your mistake and plan to make a meaningful effort to prevent this from happening again. Be super proactive, propose a new way to mitigate future leaks of sensitive info: https://github.com/lirantal/detect-secrets

  • GitHub repo seclip

    A CLI utility to secretly copy secrets to clipboard. :lock::memo:

    Project mention: seclip | reddit.com/r/LinuxOverdose | 2021-04-08
  • GitHub repo k8s-vault-webhook

    A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers

    Project mention: Kubernetes Vault Webhook to manage secrets inside Kubernetes | reddit.com/r/openshift | 2021-05-10
  • GitHub repo snip-cli

    🔐 The Secret Manager that developers love!

    Project mention: Show HN: Share end-to-end encrypted secrets straight from the terminal | news.ycombinator.com | 2021-06-17
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-06-17.


What are some of the best open-source Secret projects? This list will help you:

Project Stars
1 Vault 21,278
2 shhgit 3,161
3 Keywhiz 2,399
4 Reloader 2,304
5 transcrypt 1,023
6 Whaler 708
7 teller 379
8 gh-action-pypi-publish 340
9 Sup3rS3cretMes5age 324
10 helm-secrets 271
11 Shhh 177
12 serverless-secrets 163
13 kube-secret-syncer 163
14 deadshot 159
15 kubernetes-reflector 154
16 k8s-gitops 149
17 squealer 106
18 secrets.clj 56
19 credentials-binding-plugin 41
20 detect-secrets 38
21 seclip 26
22 k8s-vault-webhook 12
23 snip-cli 10
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives