talisman
Secret scanner
A tool that scans git changesets to ensure sensitive information does not leave the developer's workstation.
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
2k stars
41 watching
241 forks
Language: Go
last commit: 4 months ago
Linked from 1 awesome list
gitgit-hookshacktoberfesthuskypotential-secretspre-commitpre-pushscanssecretsecrets
vavkamil/awesome-bugbounty-toolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 bishopfox/gitgot | A tool to search public GitHub data for sensitive secrets using feedback-driven semi-automation | 1,453 |
 anshumanbh/git-all-secrets | Tools to discover sensitive information from GitHub repositories and gists | 1,112 |
 jkroepke/helm-secrets | Tools to manage encrypted secrets in Kubernetes Helm charts using Git workflow and cloud native secret managers. | 1,534 |
 hightechsec/git-scanner | Tools for identifying and scanning public Git repositories for security vulnerabilities | 339 |
 praetorian-inc/noseyparker | Find secrets and sensitive information in textual data | 1,693 |
 papermtn/gitlab-watchman | Detects exposed secrets and personal data in GitLab repositories | 196 |
 gitguardian/apisecuritybestpractices | Resources to help developers keep sensitive information secret and mitigate potential security breaches | 1,917 |
 legit-labs/legitify | Automates vulnerability detection and remediation across GitHub and GitLab assets to strengthen software security posture. | 774 |
 coolhandsquid/tirefire | Automates external machine scanning and enumeration with control over scans. | 148 |
 mozilla/cipherscan | Tool to test and analyze SSL/TLS ciphersuites on a target system | 1,966 |
 ekultek/pybelt | A collection of tools for hackers and security researchers to explore vulnerabilities and test systems | 511 |
 bearer/bearer | A tool for discovering and prioritizing security risks in software code | 2,040 |
 wallarm/jwt-heartbreaker | A tool to check JWT tokens for potential security issues by verifying token keys against publicly known sources | 124 |
 secretsquirrel/sigthief | A tool that generates invalid signatures to test antivirus software's signature verification and validation capabilities. | 2,116 |
 pessimistic-io/slitherin | Automated code audit tools for Ethereum smart contracts | 356 |