Gitleaks
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos. It provides an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code. Gitleaks can be installed using Homebrew, Docker, or Go, and is also available in binary form for many popular platforms and OS types. It can be implemented as a pre-commit hook directly in your repo or as a GitHub action using Gitleaks-Action.
FEATURES
ALTERNATIVES
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
A Burp Suite content discovery plugin that adds smart functionality to the Buster plugin.
Open-Source framework for detecting and preventing dependency confusion leakage with a holistic approach and wide technology support.
A free book providing design and implementation guidelines for writing secure programs in various languages.
JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
A tool for identifying potential security vulnerabilities in dependency configurations by checking for lingering free namespaces for private package names.
Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.