detect-secrets is a security tool designed to identify and prevent secrets from being committed to code repositories. The tool scans source code across multiple programming languages to detect sensitive information such as API keys, database credentials, passwords, and other confidential data. The tool operates as a pre-commit hook and can be integrated into development workflows to automatically scan code before it is committed to version control systems. It uses pattern matching and heuristic analysis to identify potential secrets while minimizing false positives through configurable rules and baseline management. detect-secrets supports various secret types including AWS credentials, private keys, database connection strings, and custom patterns. The tool can generate baseline files to track known secrets and exclude them from future scans, allowing teams to manage existing secrets while preventing new ones from being introduced. The tool provides command-line interface functionality and can be configured to work with continuous integration pipelines. It offers audit capabilities to review detected secrets and mark them as legitimate or false positives, helping maintain an accurate security posture across development projects.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
A brute-force protection middleware for express routes that rate-limits incoming requests.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A security-focused general purpose memory allocator providing the malloc API with hardening against heap corruption vulnerabilities.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.