dotgpg is a tool for backing up and versioning your production secrets or shared passwords securely and easily. Getting started If you're a ruby developer, you know the drill. Either gem install dotgpg or add gem "dotgpg" to your Gemfile. There are also instructions for use without ruby. Mac OS X brew install gpg sudo gem install dotgpg Ubuntu sudo apt-get install ruby1.9 sudo gem install dotgpg RedHat/CentOS sudo yum install ruby ruby-devel sudo gem install dotgpg Usage dotgpg init To get started run dotgpg init. Unless you've used GPG before, it will prompt you for a new passphrase. You should make this passphrase as secure as your SSH passphrase, i.e. 12-20 characters and not just letters. $ dotgpg init Creating a new GPG key: Conrad Irwin <conrad.irwin@gmail.com> Passphrase: Passphrase confirmation: dotgpg edit To create or edit files, just use dotgpg edit. I recommend you use the .gpg suffix so that other tools know what these files contain. $ dotgpg edit production.gpg [ opens your $EDITOR ] dotgpg create To create an encrypted file from piped input, use dotgpg create. I recommend you use the .gpg suffix so that other tools know what these files contain. $ echo foo | dotgpg create
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
Steganography brute-force utility with performance issues, deprecated in favor of stegseek.
A steganographic file system in userspace for plausible deniability of files.
Simple C++ Encryption and Steganography tool for hiding files inside images using LSB encoding.
Zui is a desktop app for exploring and working with data, powered by Zed's 'Super-Structured Data' approach.
A command line tool for transparently hiding files within images using LSB steganography.
A cloud-native, event-driven data pipeline toolkit for security teams with extensible data processing and serverless deployment.
A Docker image with tools for solving Steganography challenges and screening scripts for analyzing files.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.