DEV Community: Repository-Scanner The latest articles on DEV Community by Repository-Scanner (@repositoryscanner). https://dev.to/repositoryscanner https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1119847%2Ff20c380e-12e8-47ad-96e7-072fc4c30eee.png DEV Community: Repository-Scanner https://dev.to/repositoryscanner en We got your secrets Repository-Scanner Fri, 14 Jul 2023 17:31:35 +0000 https://dev.to/repositoryscanner/we-got-your-secrets-j1o https://dev.to/repositoryscanner/we-got-your-secrets-j1o <p><strong>We got your secrets. Do you want ours?</strong></p> <p>Source code contains tons of sensitive information, like <em>personable identifiable information</em> in test data, <em>usernames and passwords</em> that someone forgot to parameterize, <em>private keys, personal access tokens</em> etc. You name it, you can find it.</p> <p>But what if you could scan Github repos, Azure DevOps repos, Bitbucket repos? And if the secrets are neatly organized, easy to triage, sorted and transformed into usable metrics?</p> <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--Qucqquba--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/upqnmn1gd9y3yea3xyyh.png" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--Qucqquba--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_800/https://dev-to-uploads.s3.amazonaws.com/uploads/articles/upqnmn1gd9y3yea3xyyh.png" alt="Image description" width="800" height="342"></a></p> <p>With <strong>Repository Scanner</strong> (licensed under MIT) you can do it all. Repository Scanner is an Enterprise Grade open source project, running in isolation as a continuous monitoring agent or running in pipelines as a CI stage, which captures secrets and presents the data in an easy to consume manner to Red Teams, Security Consultants, Test teams, Developers, CICD maintenance, Management (metrics) and every other interested stakeholder.</p> <p>Try it out (again, fully licensed under MIT) via <a href="https://github.com/abnamro/repository-scanner">https://github.com/abnamro/repository-scanner</a> and leave a ⭐️ star if you like what you see.</p> secrets secretdetection opensource sourcecode