Explore 20 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
A tool for searching a Git repository for interesting content
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A command-line tool that scans textual data and Git history to identify and locate secrets, API keys, passwords, and other sensitive information.
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
A tool that uses NLP and ML to identify potential software vulnerabilities from git commit messages
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems.
A tool to dump a Git repository from a website
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
Instructions for setting up SIREN, including downloading Linux dependencies, cloning the repository, setting up virtual environment, installing pip requirements, running SIREN, setting up Snort on Pi, and MySQL setup.
A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.
A collection of vulnerable web applications containing command injection flaws designed to test and evaluate detection and exploitation tools like commix.
Prevents you from committing passwords and other sensitive information to a git repository.
Prevents you from committing passwords and other sensitive information to a git repository.
A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.
A command-line password manager that encrypts credentials using GnuPG and stores them in YAML files with git synchronization support.
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.
GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.
GitHub is a web-based platform that provides Git version control hosting and collaborative software development tools for managing code repositories and projects.
Safely store secrets in version control repositories with GPG encryption support.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Atomic Reactor is a Python library and CLI tool for building Docker images with advanced features including Git integration, registry operations, and build system integration.
Atomic Reactor is a Python library and CLI tool for building Docker images with advanced features including Git integration, registry operations, and build system integration.
DumpsterDiver analyzes large datasets to detect hardcoded secrets, keys, and passwords using entropy calculations and customizable search rules.
DumpsterDiver analyzes large datasets to detect hardcoded secrets, keys, and passwords using entropy calculations and customizable search rules.