AWS Lab's git-secrets Alternatives
AWS Lab's git-secrets is described as 'git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories' and is an app in the Development category. There are eight alternatives to AWS Lab's git-secrets for Mac, Windows, Linux, Self-Hosted solutions and SaaS. The best alternative is truffleHog, which is both free and Open Source. Other great apps like AWS Lab's git-secrets are yara4pentesters (Free, Open Source), repo-security-scanner (Free, Open Source), Yelp's detect-secrets (Free, Open Source) and Gitrob (Free, Open Source).
- Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
truffleHog vs AWS Lab's git-secrets opinions
truffleHog takes into account AWS secret keys as well as alternative high entropy keys such as API keys. - rules to identify files containing juicy information like usernames, passwords etc.
- CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys.
- detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base.
- Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github.
- GitGuardian is a cybersecurity startup solving the issue of secrets sprawling through source code, a widespread problem that leads to some credentials ending up in compromised places or even in the public space.
- It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.