Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
truffleHog vs AWS Lab's git-secrets opinions
truffleHog takes into account AWS secret keys as well as alternative high entropy keys such as API keys.
Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for...
GitGuardian is a global cybersecurity startup focusing on code security solutions for the DevOps generation. A leader in the market of secrets detection and remediation, its solutions are already used by hundred thousands developers in all industries.
It happens sometimes that you can commit secrets or passwords to your repository by accident. The recommended best practice is not commit the secrets, that's obvious. But not always that obvious when you have a big merge waiting to be reviewed.