♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

Protect your secrets using Gitleaks-Action

Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).

Examples of Custom Secret Scanning Patterns

GitHub Secret Scanning Auto Remediator (GSSAR)

All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!

A community-led project that aims to scan published Repls to find secrets and invalidate them.

collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.

A curated list of awesome GitHub Advanced Security secret scanning resources.

(in)secure git workshop 🔓+🔑 = 🔐

Secrets that were found by the Replit Token Scanner are dumped here for revocation.

Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function

A Python based gitleaks wrapped tool to enable scanning of multiple Gitlab repositories in parallel.

Testing Suite for GitHub Secret Scanning Custom Patterns

Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function

GitHub Action to export GitHub security alerts

GitHub Actions Check - Secret Scanning; An added layer of visibility.

Trivial app to explore workflow & CI pipelining in Azure DevOps

CLI tool for scanning project directory for secrets that should not be shared