DumpsterDiver is a data analysis tool designed to identify hardcoded secrets and sensitive information within large datasets. The tool searches for various types of credentials including AWS Access Keys, Azure Share Keys, SSH keys, and passwords that may be inadvertently embedded in files or code repositories. The tool utilizes Shannon Entropy calculations to detect private keys and implements customizable search rules that allow users to define specific conditions for reporting findings. It can process compressed archives such as zip and tar.gz files, automatically unpacking them for analysis. DumpsterDiver includes functionality to examine git logs for historical secret exposure and supports advanced search capabilities through user-defined rules. The tool can identify patterns such as files containing specific numbers of email addresses or other data types based on configured parameters. The system is designed to be fully customizable, allowing security professionals to adapt search criteria to their specific organizational needs and compliance requirements. It processes various file formats and can handle large volumes of data efficiently during secret detection operations.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
BleachBit is an open-source system cleaning utility that removes temporary files and system artifacts to free disk space and protect user privacy.
Red October is a TLS-based encryption server that implements two-man rule authorization, requiring multiple users to collaborate for cryptographic operations.
Themis is an open-source cryptographic services library that provides high-level encryption and data protection capabilities for securing data during authentication, storage, messaging, and network exchange.
A secure file and drive wiping tool that overwrites data with randomized ASCII characters to prevent data recovery.
A versatile steganography tool with various installation options and detailed usage instructions.
Steghide is a steganography program that hides data in image and audio files.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.