Keyscope
✅ Automate your key and secret validation workflows 🤠 Over 30 different providers 🤖 Export to JSON, audit via CSV 🔑 Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust, powered by service_policy_kit. Current workflows supported: Validation 🦀 Why Rust? With Rust, "If it compiles, it works." and also, it compiles to many platforms. Rust is fast, has no VM, or unnecessary cruft (typically 5-8mb binaries with LOTS of code and libraries). Multi purpose, safe, and generalistic - makes for healthy and expressive mission critical code. Adding code or abstraction doesn't increase bloat, doesn't hurt performance, doesn't increase chance for bugs in a radical way (less edge cases). Amazing package manager: Cargo. Productive installing and running of tasks and examples. Rust is getting headlines in the security community as the go-to language for security tools. Equally interesting is offensive security + Rust here and here. 🚀 Quick Start Grab a release from releases, or install via Homebrew: brew tap spectralops/tap && brew install keyscope Using keyscope You can try out validating a key for a provider, say, Github (assuming the key is in the GIT
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
Policy Sentry is an automated IAM policy generator that helps developers create least privilege AWS IAM policies through a template-based workflow.
A simple drop-in library for managing users, permissions, and groups in your application.
A list of disposable email domains to detect or block disposable accounts
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.