AWS Lab's git-secrets Alternatives
AWS Lab's git-secrets is described as 'Git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories. If a commit, commit message, or any commit in a --no-ff merge history matches one of your configured prohibited regular expression patterns, then the commit is' and is an app in the development category. There are nine alternatives to AWS Lab's git-secrets for a variety of platforms, including Mac, Windows, Linux, SaaS and Web-based apps. The best AWS Lab's git-secrets alternative is GitGuardian. It's not free, so if you're looking for a free alternative, you could try truffleHog or yara4pentesters. Other great apps like AWS Lab's git-secrets are repo-security-scanner, Yelp's detect-secrets, Cremit and Gitrob.
- Free • Open Source
GitGuardian is a global cybersecurity startup focusing on code security solutions for the DevOps generation. A leader in the market of secrets detection and remediation, its solutions are already used by hundred thousands developers in all industries.
License model
- Free Personal • Proprietary
Platforms
- Self-Hosted
- Software as a Service (SaaS)
GitGuardian Features
- 10 truffleHog alternatives
Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
truffleHog Features
Comments about truffleHog as an Alternative to AWS Lab's git-secrets
rules to identify files containing juicy information like usernames, passwords etc - DiabloHorn/yara4pentesters
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
yara4pentesters Features
CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys - UKHomeOffice/repo-security-scanner
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
repo-security-scanner Features
detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base.
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
Yelp's detect-secrets Features
Cremit is an all-in-one credential security platform designed for developers and security teams. This service integrates with source code version control systems, collaboration tools, and messaging platforms to effectively detect and manage secret information.
License model
- Freemium • Proprietary
Platforms
- Software as a Service (SaaS)
- Online
Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for...
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
Gitrob Features
It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
Repo-supervisor Features
Audit git repos for secrets. Gitleaks provides a way for you to find unencrypted secrets and other unwanted data types in git source code repositories. As part of it's core functionality, it provides;
License model
- Free • Open Source
Platforms
- Mac
- Windows
- Linux
Gitleaks Features
truffleHog takes into account AWS secret keys as well as alternative high entropy keys such as API keys.