🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

Benchmarking repo for secrets scanning

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Identify hardcoded secrets in static structured text

Secret and/or credential patterns used for gf.

Monitors Github for leaked secrets

SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!

AI based Secrets Detection Python Framework

VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities

Entropy is a CLI tool that will scan your codebase for high entropy lines, which are often secrets.

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

Python API client library for the GitGuardian API

GitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.

Python Data Loss Prevention (DLP) SDK - Nightfall Developer Platform

Secret Scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk