Hacker News
- TruffleHog – Searches through Git repositories for high entropy strings https://github.com/dxa4481/truffleHog 9 comments
Lobsters
- TruffleHog: find high-entropy strings in git repos https://github.com/dxa4481/truffleHog 2 comments release
- Would Lambda Layers help? https://github.com/dxa4481/truffleHog 12 comments aws
- GitHub - A tool that searches through git repositories for high entropy strings to find secret keys https://github.com/dxa4481/trufflehog 9 comments programming
- Truffle Hog: A tool that Searches Entire Commit History in Git Repositories for High Entropy Strings to Find Secrets Accidentally Committed to Version Control https://github.com/dxa4481/trufflehog 83 comments netsec
Linking pages
- Finding secrets by decompiling Python bytecode in public repositories | Jesse Li https://blog.jse.li/posts/pyc/ 132 comments
- I was billed for 14k USD on Amazon Web Services 😱 - DEV Community https://dev.to/juanmanuelramallo/i-was-billed-for-14k-usd-on-amazon-web-services-17fn 44 comments
- How bad can it git? Characterizing secret leakage in public GitHub repositories | the morning paper https://blog.acolyer.org/2019/04/08/how-bad-can-it-git-characterizing-secret-leakage-in-public-github-repositories/ 36 comments
- Auditing Bitbucket Server Data for Credentials in AWS | Sourced Group https://www.sourcedgroup.com/blog/auditing-bitbucket-server-data-credentials-in-aws 11 comments
- GitHub - anshumanbh/git-all-secrets: A tool to capture all the git secrets by leveraging multiple open source git searching tools https://github.com/anshumanbh/git-all-secrets 8 comments
- Yelp's Secret Detector: Preventing Secrets in Source Code https://engineeringblog.yelp.com/2018/06/yelps-secret-detector.html 7 comments
- My tips for finding security issues in GitHub projects. · GitHub https://gist.github.com/EdOverflow/922549f610b258f459b219a32f92d10b 7 comments
- GitHub - olacabs/jackhammer: Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems. https://github.com/olacabs/jackhammer 5 comments
- Top Five Ways the Red Team breached the External Perimeter | by Adam Toscher | Medium https://medium.com/@adam.toscher/top-five-ways-the-red-team-breached-the-external-perimeter-262f99dc9d17 5 comments
- Open Source Intelligence Gathering 201 (Covering 12 additional techniques) | by Bharath | Appsecco https://blog.appsecco.com/open-source-intelligence-gathering-201-covering-12-additional-techniques-b76417b5a544 4 comments
- GitHub - nielsing/yar: Yar is a tool for plunderin' organizations, users and/or repositories. https://github.com/furduhlutur/yar 4 comments
- Static Analysis of Client-Side JavaScript for pen testers and bug bounty hunters | by Bharath | Appsecco https://blog.appsecco.com/static-analysis-of-client-side-javascript-for-pen-testers-and-bug-bounty-hunters-f1cb1a5d5288 4 comments
- How to Use Gitleaks to Prevent Pushing Sensitive Info | by Umut Seven | ITNEXT https://medium.com/@umutseven/how-to-use-gitleaks-to-prevent-pushing-sensitive-info-cdd0355d5f61 4 comments
- Introducing Radar API: Detect Credentials & Secrets in Code via Machine Learning | by Nightfall AI | Medium https://medium.com/@watchtowerai/introducing-radar-api-detect-credentials-secrets-in-code-via-machine-learning-fe402b818bf1 3 comments
- Best practices for managing service account keys | IAM Documentation | Google Cloud https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys#secret-manager 2 comments
- GitHub - safe-commit-hook-rb/safe-commit-hook-rb: Avoid checking in dangerous files like private keys. https://github.com/safe-commit-hook-rb/safe-commit-hook-rb 2 comments
- I Published My AWS Secret Key to GitHub https://www.dannyguo.com/blog/i-published-my-aws-secret-key-to-github/ 1 comment
- Red Teaming Toolkit Collection - 0xsp SRD https://0xsp.com/offensive/red-teaming-toolkit-collection 1 comment
- Secrets Management in a Cloud Agnostic World | by Mike Ruth | Cruise | Medium https://medium.com/cruise/secrets-management-3a7c47fe81b 1 comment
- The Pen Testing Tools We’re Thankful for in 2020 | Bishop Fox https://labs.bishopfox.com/industry-blog/pen-testing-tools-were-thankful-for-in-2020 0 comments
Linked pages
Would you like to stay up to date with DevOps? Checkout DevOps
Weekly.
Related searches:
Search whole site: site:github.com
Search title: GitHub - trufflesecurity/trufflehog: Find credentials all over the place
See how to search.