SecretScanner

detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base. However, unlike other similar packages that solely focus on finding secrets, this package is designed with the enterprise client in mind: providing a backwards compatible, systematic means of: Preventing new secrets from entering the code base, Detecting if such preventions are explicitly bypassed, and Providing a checklist of secrets to roll, and migrate off to a more secure storage.

The first platform scanning all GitHub public activity in real time for API secret tokens, database credentials or vault keys. Be alerted in seconds. Integrate in minutes.