DevSec
Git & other VCS

Is Git secure by default? Are version control systems secure by default? Nope…


Last updated 1 year ago


About

Nearly every developer uses Git at some point. It is the default at most universities, it is open source and freely available, and it is great for a lot of things, especially small projects. [1]

But Git has its drawbacks, especially when it comes to security. [1]

Native Git is not secure by default. [1]

Git itself has no built-in authentication or authorization: whoever can reach the repository over SSH or HTTPS, or has access to the server, can do whatever that server lets them do. Commit and tag signing exist (GPG, and SSH keys since Git 2.34), but they are opt-in and nothing checks a signature unless you run `git verify-commit` / `git verify-tag` or the hosting platform does it for you. History is easy to rewrite with `git commit --amend`, `git rebase` or `git push --force`, and because Git is distributed every developer has a full copy of the repository on their laptop and can do whatever they want with it. Access control and protection against history rewriting therefore have to come from the server side (branch protection rules, `receive.denyNonFastForwards`, `receive.denyDeletes`) and from the process around Git, not from Git itself. [1]
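The history-rewriting problem and the server-side control that stops it, as an added example that is not code from the DevSec page or from the Perforce article it cites: a throwaway bare repository plays the server with `receive.denyNonFastForwards` and `receive.denyDeletes` switched on, a clone commits and pushes, amends the pushed commit, and the forced push of the rewritten history is refused while the server keeps the original commit. It needs only `git` on PATH; the temp paths, the branch name `main`, the file `app.conf` and the identity dev@example.com are made up for the demo.

```shell
#!/bin/sh
# Added example (not the page's own code): a developer can rewrite history
# locally; a server-side setting is what keeps it out of the shared repo.
# Everything happens in a temporary directory and is removed afterwards.
set -e

# Constructed identity for the demo commits (no global git config needed).
export GIT_AUTHOR_NAME=dev GIT_AUTHOR_EMAIL=dev@example.com
export GIT_COMMITTER_NAME=dev GIT_COMMITTER_EMAIL=dev@example.com

# Prints "rejected" and returns 0 when the hardened server refuses the
# rewritten history; prints "accepted" and returns 1 otherwise.
demo_force_push() {
    tmp=$(mktemp -d)
    server="$tmp/server.git"
    dev="$tmp/dev"

    # "Server": a bare repo that refuses non-fast-forward updates and deletes.
    git init -q --bare "$server"
    git -C "$server" config receive.denyNonFastForwards true
    git -C "$server" config receive.denyDeletes true

    # Developer clone: one commit on main, pushed to the server.
    git clone -q "$server" "$dev" 2>/dev/null
    git -C "$dev" symbolic-ref HEAD refs/heads/main
    echo "debug = false" > "$dev/app.conf"
    git -C "$dev" add app.conf
    git -C "$dev" commit -q -m "add app config"
    git -C "$dev" push -q origin main 2>/dev/null
    original=$(git -C "$server" rev-parse main)

    # The developer silently rewrites the commit that is already shared...
    echo "debug = true" > "$dev/app.conf"
    git -C "$dev" add app.conf
    git -C "$dev" commit -q --amend -m "add app config"
    rewritten=$(git -C "$dev" rev-parse main)

    # ...and tries to force the new history onto the server.
    if git -C "$dev" push -q --force origin main 2>/dev/null; then
        result=accepted
    else
        result=rejected
    fi

    # The server must still point at the original commit, the amend must
    # really have produced a different commit, and the original is still
    # recoverable from the developer's own reflog (main@{1}).
    [ "$(git -C "$server" rev-parse main)" = "$original" ] || result=accepted
    [ "$rewritten" != "$original" ] || result=accepted
    [ "$(git -C "$dev" rev-parse 'main@{1}')" = "$original" ] || result=accepted

    rm -rf "$tmp"
    echo "$result"
    [ "$result" = rejected ]
}

# Stand-alone run: prints "rejected" when the control works.
demo_force_push
```

Without the two `receive.*` settings the same `git push --force` succeeds and the original commit survives only in clones and reflogs, which is why hosted platforms expose the same control as branch protection. Signed commits do not prevent the rewrite either; they only let a reviewer notice that the new commit was not signed by the expected key.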

Best practices

Here are some best practices to follow when working with Git [1][2][3]:

Tools

Other utilities:

  • For cleaning sensitive data from repositories: BFG Repo-Cleaner, git filter-repo, git filter-branch. Rewriting history does not revoke a leaked credential: rotate it first, then purge it, force-push the rewritten history and have every existing clone re-cloned, since each one still holds the old commits.

Sources

From the Secrets Scanning section:

TruffleSecurity Trufflehog (web, Chrome extension): find and verify credentials.

gitleaks (web): a fast, light-weight, portable, and open-source secret scanner for git repositories, files, and directories.

Deepfence SecretScanner: find secrets and passwords in container images and file systems.

TruffleSecurity Driftwood: a tool that lets you look up whether a private key is used for things like TLS or as a GitHub SSH key for a user.

stacs: a YARA-powered static credential scanner which supports binary file formats, analysis of nested archives, composable rulesets and ignore lists, and SARIF reporting.

git-hound: reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos.

AWS Labs git-secrets: prevents you from committing secrets and credentials into git repositories.

Yelp detect-secrets: an enterprise-friendly way of detecting and preventing secrets in code.

Auth0 Repo-supervisor: a tool that helps you detect secrets and passwords in your code.

GitGuardian: secure your software development lifecycle with enterprise-grade secrets detection. Eliminate blind spots with an automated, battle-tested detection engine.

Nightfall: discover, classify, and remove secrets and keys to protect your organization and maintain compliance.

Spectral: monitor, classify, and protect your code, assets, and infrastructure for exposed API keys, tokens, credentials, and high-risk security misconfigurations in a simple way, without noise.
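What the pre-commit scanners in this list do under the hood, as an added example that is not code from git-secrets, detect-secrets or any other project named here: a POSIX shell function reads a unified diff on stdin, keeps only the added lines, fails when one of them matches a credential pattern, and has an allow list for documented placeholders such as the example access key ID AKIAIOSFODNN7EXAMPLE that AWS uses in its own documentation. The sample diff, its file name, the `hunter2hunter2` password and the `<copy-from-vault>` placeholder are constructed for the demo; the pattern list is deliberately short and a real hook would use a maintained rule set.

```shell
#!/bin/sh
# Added example (not the page's own code): the core of a pre-commit secret
# gate in the style of git-secrets. To use it as a hook, put in
# .git/hooks/pre-commit:
#   git diff --cached -U0 --no-color | scan_diff_for_secrets || exit 1
# Here it only runs against a constructed diff.
set -e

# Patterns worth blocking outright. The AWS access key ID (AKIA + 16 chars)
# and GitHub classic token (ghp_ + 36 chars) formats are documented by the
# vendors; the last alternative catches hard-coded assignments such as
#   password = "..."  /  api_key: '...'   with a value of 8+ characters.
SECRET_PATTERNS="AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}|-----BEGIN [A-Z ]*PRIVATE KEY-----|([Pp]ass(word|wd)|PASSWORD|[Ss]ecret|SECRET|[Aa]pi[_-]?[Kk]ey|API[_-]?KEY)[[:space:]]*[:=][[:space:]]*[\"'][^\"']{8,}"

# Matches that are documentation placeholders rather than live credentials.
# AKIAIOSFODNN7EXAMPLE is the example key AWS prints in its own docs.
ALLOWED_PATTERNS="EXAMPLE|CHANGE_?ME|PLACEHOLDER|<[^>]*>"

# Reads a unified diff on stdin. Prints every added line that looks like a
# secret and returns 1 (block the commit); returns 0 when the diff is clean.
# Removed lines and the "+++ b/file" header are ignored on purpose.
scan_diff_for_secrets() {
    findings=$(grep -E '^\+' \
        | grep -Ev '^\+\+\+ ' \
        | grep -E -e "$SECRET_PATTERNS" \
        | grep -Ev -e "$ALLOWED_PATTERNS" || true)
    if [ -n "$findings" ]; then
        echo "refusing commit: possible secret(s) in staged changes" >&2
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}

# Constructed staged diff for the demo: one real-looking password, one
# documented AWS example key, one placeholder, one removed line, and a
# token assembled at runtime rather than hard-coded. Only the
# db_password line should be flagged.
SAMPLE_DIFF='diff --git a/settings.py b/settings.py
--- a/settings.py
+++ b/settings.py
@@ -1,2 +1,4 @@
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+db_password = "hunter2hunter2"
+api_key = "<copy-from-vault>"
-old_secret = "AKIAABCDEFGHIJKLMNOP"
+GITHUB_TOKEN = "ghp_" + os.environ["GH_TOKEN_SUFFIX"]'

# Number of flagged lines in SAMPLE_DIFF (expected: 1).
count_sample_findings() {
    printf '%s\n' "$SAMPLE_DIFF" | scan_diff_for_secrets 2>/dev/null | wc -l | tr -d ' '
}

# Stand-alone run: prints 1.
count_sample_findings
```

The allow list is the part people get wrong in both directions: without it every README with a documented example key blocks commits and developers start bypassing the hook with `--no-verify`; with an over-broad entry (say, anything containing `test`) real keys in fixtures slip through. Keep it narrow and review it like code.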

From the Secrets Management section:

Azure Key Vault: safeguard cryptographic keys and other secrets used by cloud apps and services.

AWS Secrets Manager: helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles.

AWS Key Management Service (KMS): create and control keys used to encrypt or digitally sign your data.

Google Cloud Secret Manager: a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data.

Google Cloud Key Management: manage encryption keys on Google Cloud.

HashiCorp Vault: manage access to secrets and protect sensitive data.

StackExchange Blackbox: safely store secrets in a VCS repo (i.e. Git, Mercurial, Subversion or Perforce).

Akeyless Vault Platform: enable developers with a secure vault for credentials, certificates and keys.

Doppler: the uncomplicated way to sync, manage, orchestrate, and rotate secrets across any environment or app config with easy-to-use tools.

Mozilla SOPS (Secrets OPerationS): simple and flexible tool for managing secrets.

Teller (web): a productivity secret manager for developers supporting cloud-native apps and multiple cloud providers. Mix and match all vaults and other key stores and safely use secrets as you code, test, and build applications.

CyberArk Conjur (web): automatically secures secrets used by privileged users and machine identities.

GoPass (web): the slightly more awesome standard UNIX password manager for teams.

Spectral Keyscope: a key and secret workflow (validation, invalidation, etc.) tool built in Rust.

Pinterest Knox: a service for storing and rotation of secrets, keys, and passwords used by other services.

Git-tresor: encrypt and decrypt files to store them inside a git repository. git-tresor uses AES-256 encryption. Every file or directory has its own password. This enables you to commit encrypted files either in a separate git repository or inside the same repository where your secret files are needed (e.g. Android keystores or signing certificates for Apple).

Ansible Vault: encryption/decryption utility for Ansible data files.

Chef Vault: securely manage passwords, certs, and other secrets in Chef.

CredStash (⚠️): a very simple, easy-to-use credential management and distribution system that uses AWS Key Management Service (KMS) for key wrapping and master-key storage, and DynamoDB for credential storage and sharing.

BFG Repo-Cleaner: removes large or troublesome blobs like git-filter-branch does, but faster.

git filter-repo: a versatile tool for rewriting history.

git filter-branch: lets you rewrite Git revision history by rewriting the branches. Its own manual now warns against using it and points to git filter-repo instead.

[1]: Git Security | Secure Git with Best Practices | Perforce

[2]: 10 GitHub Security Best Practices | Snyk

[3]: Security best practices for git users | Infosec Resources (infosecinstitute.com)
