SecretScanner Logo

SecretScanner

0
Free
Visit Website

SecretScanner is a standalone tool that retrieves and searches container and host filesystems, matching the contents against a database of approximately 140 secret types. It can find unprotected secrets in container images or file systems. Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept private. However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers.

FEATURES

ALTERNATIVES

A tool for detecting and exploiting Android application vulnerabilities

A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.

A Powershell script for assessing the security configurations of Siemens - SIMATIC PCS 7 OS client, OS Server or Engineering station.

A ruby script that scans for vulnerable 3rd-party web applications

Next-generation Linux exploit suggester with improved features for finding privilege escalation vulnerabilities.

A Pythonic interface to the Internet Storm Center / DShield API

A tool to find and search for registered CVEs, creating a local CVE database for offline use.

A massive SQL injection vulnerability scanner

PINNED

InfoSecHired Logo

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial
Resources
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Free
Resources
Kriptos Logo

Kriptos

An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.

Commercial
Data Protection
System Two Security Logo

System Two Security

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

Commercial
Security Operations
Aikido Security Logo

Aikido Security

Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.

Commercial
Application Security
Permiso Logo

Permiso

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial
IAM
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security