Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history

This page summarizes the projects mentioned and recommended in the original post on /r/netsec
Entropy Security Sast Credentials Secret

Scout Monitoring - Free Django app performance insights with Scout Monitoring
Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
www.scoutapm.com
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • noseyparker

    Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

  • trufflehog

    Find and verify secrets

    • Is this not just a another https://github.com/trufflesecurity/trufflehog?

  • Scout Monitoring

    Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.

    Scout Monitoring logo

  • leaky-repo

    Benchmarking repo for secrets scanning

    • Also, I've built a repo of credentials and benchmarked several tools including trufflehog against it if you want to see how your tool and default ruleset stack up: https://github.com/Plazmaz/leaky-repo

  • betterscan-ce

    Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)

    • Congrats on release. Feel free to check out https://github.com/marcinguy/betterscan-ce It is not that fast, but detects 166+ secret types (modified trufflehog3) and also bugs and vulnerabilities in Code and Cloud setups.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Seeking help to identify vulnerabilities and secrets in a website backup file

    1 project | /r/HowToHack | 3 Jul 2023

  • Introducing DeepSecrets: a better appsec tool for secrets scanning

    4 projects | /r/netsec | 27 Apr 2023

  • Thinking Like a Hacker: AWS Keys in Private Repos

    3 projects | dev.to | 26 Oct 2022

  • Toyota Accidently Exposed a Secret Key Publicly on GitHub for Five Years

    10 projects | news.ycombinator.com | 13 Oct 2022

  • Searching GITHUB

    2 projects | /r/cybersecurity | 17 Jul 2022