
sublimino | 9 years ago

Open source alternatives for Git repos (ideally run in the pipeline):

https://github.com/dxa4481/truffleHog - "Searches through git repositories for high entropy strings, digging deep into commit history"

https://github.com/ezekg/git-hound - "Hound is a Git plugin that helps prevent sensitive data from being committed into a repository by sniffing potential commits against PCRE regular expressions"

https://github.com/michenriksen/gitrob - "The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous information"

https://github.com/awslabs/git-secrets - "Prevents you from committing passwords and other sensitive information to a git repository"


empath75 | 9 years ago

A lot of those require lists of regexes-- is there a canonical list of secret regexes somewhere?

ezekg | 9 years ago

Thanks for the shout out! I was wondering what brought in the recent stargazers. Happy to share my commonly-used regexes.