SecretScanner Logo

SecretScanner

0
Free
Updated 11 March 2025
Vulnerability Management
Secret Management
Container Security
Data Security
Visit Website

SecretScanner is a standalone tool that retrieves and searches container and host filesystems, matching the contents against a database of approximately 140 secret types. It can find unprotected secrets in container images or file systems. Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers.

FEATURES

EXPLORE BY TAGS

Secret Management

Container Security

Data Security

SIMILAR TOOLS

Yar Logo
Yar

A tool for scanning and identifying potential security risks in GitHub organizations, users, and repositories.

Free
Vulnerability Management
Wapiti Logo
Wapiti

Web-application vulnerability scanner with extensive coverage of security testing modules.

Free
Vulnerability Management
npm-scan Logo
npm-scan

An extensible, heuristic-based vulnerability scanning tool for installed npm packages.

Free
Vulnerability Management
bundler-audit Logo
bundler-audit

Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.

Free
Vulnerability Management
Audit Node Modules With YARA Rules Logo
Audit Node Modules With YARA Rules

A tool to run YARA rules against node_module folders to identify suspicious scripts

Free
Vulnerability Management
Yasuo Logo
Yasuo

A ruby script that scans for vulnerable 3rd-party web applications

Free
Vulnerability Management
Windows 7 UAC Whitelist Code-Injection Issue Logo
Windows 7 UAC Whitelist Code-Injection Issue

Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.

Free
Vulnerability Management
SSLyze Logo
SSLyze

SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.

Free
Vulnerability Management
Paros Logo
Paros

A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.

Free
Vulnerability Management

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy