High-performance secrets scanner. CLI, Go library, Burp Suite extension, and Chrome extension. 487 detection rules with live credential validation.

A Python CLI tool that scans all repositories owned by a GitHub user/org for accidentally committed secrets (API keys, tokens, passwords, private keys, etc.).

NFS share secret and credential finder

A lightweight, cross-platform CLI tool that scans your filesystem to detect exposed secrets, API keys, and tokens. Built with Go for maximum performance and zero dependencies.

MCP-native secret scanner in one fast Rust binary: engine, CLI, and MCP server. Finds API keys and secrets, skips known-public fixtures, verifies live keys with a real provider call, and applies env-var rewrites. Privacy invariant: the raw secret never leaves disk.

Global term search for GitLab via gitlab-python

System instructions and tools for AI assistant

Exposure intelligence for the AI-infrastructure layer — finds and weighs leaked credentials, MCP/agent configs, git-metadata secrets, and supply-chain risk, and tells you which exposures to trust. Active verification, orphan-signal triage, SARIF dedup. OWASP LLM + MITRE ATLAS tagged.

JavaScript Intelligence Engine - SPA bundle'larindan secret/endpoint/source-map cikartan tek dosya ofansif recon araci. 63 secret regex'i, Source Map V3 dekoderi, webpack chunk parser, multi-format cikti. Bug bounty + self-audit.

A desktop GUI application for scanning GitHub repositories and commit history to detect sensitive information such as API keys, passwords, tokens, environment files, and other security vulnerabilities.

High-performance open-source secret scanner — detect, verify & report leaked API keys, tokens & credentials in code, Git history, container images, and the cloud.

Ruby gem for leakferret, the MCP-native secret scanner. gem install leakferret, then leakferret scan . Precompiled platform gems bundle the Rust binary (no download; audit with gem unpack); honors LEAKFERRET_BIN. No scanning logic in the wrapper.

Local machine secret scanner — find exposed credentials, API keys, and sensitive data. Zero dependencies, cross-platform.

🚀 Scan and validate secrets quickly with Leaktor, ensuring your code stays secure and free from sensitive data leaks.

Go installer for leakferret, the MCP-native secret scanner. go install github.com/leakferrethq/leakferret-go/cmd/leakferret@latest. Fetches the prebuilt Rust binary from GitHub Releases and execs it; honors LEAKFERRET_BIN for offline use. No scanning logic in the wrapper.

Python CLI tool that detects exposed API keys, passwords, and credentials in codebases using regex pattern matching and Shannon entropy analysis.

GitHub Action for leakferret, the MCP-native secret scanner. uses: leakferrethq/leakferret-action@v1. Composite action that scans your repo for verified secret leaks and uploads SARIF to GitHub Code Scanning. Baseline support fails CI only on new leaks.

Find and remove secrets from your git history — before someone else does.

🛡️ Find your own leaked AI/LLM API keys before someone else does — local-first secret scanner that never validates, pools, or stores a key. pip install holtzman

Fast secret & credential scanner for codebases and git history — 47 rules, beautiful terminal UI, pre-commit hook, CI/CD ready