Secrets

VaultGo

A tool for securely accessing secrets, providing encryption as a service, and managing privileged access.

VaultGo

A tool for secrets management, encryption as a service, and privileged access management.

InfisicalTypeScript

An open-source platform for secrets management, certificate lifecycle, and privileged access management with self-hosting options.

truffleHogGo

A secrets scanning tool that discovers, classifies, validates, and analyzes leaked credentials across multiple sources.

truffleHogGo

A secrets scanning tool that discovers, classifies, validates, and analyzes leaked credentials across multiple sources.

dotenvJavaScript

A zero-dependency module that loads environment variables from a .env file into process.env for Node.js applications.

Deepfence SecretScannerGo

A standalone tool that finds unprotected secrets like passwords and API keys in container images and file systems.

TellerRust

A universal secret manager CLI for developers that centralizes secrets from multiple providers and prevents secret sprawl.

KeywhizJava

A system for distributing and managing secrets, now deprecated in favor of HashiCorp Vault.

Secrets Patterns DatabasePython

The largest open-source database of regex patterns for detecting secrets, API keys, passwords, and tokens in code.

WrongSecretsJava

An OWASP training app with 62 challenges demonstrating real-world secrets management mistakes and how to find them.

WhalerGo

A Go program that reverse engineers Docker images to reconstruct the original Dockerfile.

Publish a Python distribution package to PyPIPython

A GitHub Action for securely publishing Python packages to PyPI using trusted publishing (OIDC) without requiring API tokens.

kingfisherRust

A high-performance open-source secret scanner with live validation, blast radius mapping, and 700+ detection rules for code, Git, CI, cloud, and SaaS platforms.

ConjurRuby

An open-source secrets management and machine identity solution for securing privileged access in modern infrastructure.

repo-supervisorJavaScript

A security tool that scans code for secrets and passwords in JSON, JavaScript, and YAML files via CLI or GitHub PR webhooks.

Sup3rS3cretMes5ageGo

A secure, self-destructing message service using HashiCorp Vault for temporary secret storage.

Secrets Sync ActionTypeScript

A GitHub Action that synchronizes secrets from a single source repository to multiple target repositories using regex patterns.

Spiffe-VaultGo

Integrates SPIFFE SVID authentication with Hashicorp Vault to enable secretless authentication and keyless operations.

secrets.cljClojure

A Clojure library for generating cryptographically strong random numbers, tokens, and secrets.