dotgpg
dotgpg is a tool for backing up and versioning your production secrets or shared passwords securely and easily. Getting started If you're a ruby developer, you know the drill. Either gem install dotgpg or add gem "dotgpg" to your Gemfile. There are also instructions for use without ruby. Mac OS X brew install gpg sudo gem install dotgpg Ubuntu sudo apt-get install ruby1.9 sudo gem install dotgpg RedHat/CentOS sudo yum install ruby ruby-devel sudo gem install dotgpg Usage dotgpg init To get started run dotgpg init. Unless you've used GPG before, it will prompt you for a new passphrase. You should make this passphrase as secure as your SSH passphrase, i.e. 12-20 characters and not just letters. $ dotgpg init Creating a new GPG key: Conrad Irwin <conrad.irwin@gmail.com> Passphrase: Passphrase confirmation: dotgpg edit To create or edit files, just use dotgpg edit. I recommend you use the .gpg suffix so that other tools know what these files contain. $ dotgpg edit production.gpg [ opens your $EDITOR ] dotgpg create To create an encrypted file from piped input, use dotgpg create. I recommend you use the .gpg suffix so that other tools know what these files contain. $ echo foo | dotgpg create
FEATURES
ALTERNATIVES
An endpoint data loss prevention solution that discovers, classifies, and protects sensitive data while controlling data transfer methods and mitigating insider threats.
A library for generating random numbers and strings of various strengths, useful in security contexts.
PII Crawler is a data scanning tool that identifies and locates Personally Identifiable Information in various file types and databases.
A tool for breaking crypto and identifying weak cryptosystems, with a humorous name and a separate library called Cryptanalib.
Recoverjpeg is a tool for recovering JPEG images from damaged storage media.
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
Microsoft SEAL is a homomorphic encryption library that allows computations on encrypted data without decryption, supporting integer and approximate real number arithmetic.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.