Skip to content

Secrets

Secrets Management

Tool Description
yopass
  • Secure sharing for secrets, passwords and files
vault-k8s
daytona
  • Lighter, alternative, implementation of the Vault client CLI primarily for services and containers
  • Its core features are the ability to automate authentication, fetching of secrets, and automated token renewal
kamus
  • Git-ops, zero-trust secret encryption and decryption solution for Kubernetes applicationsĀ 
sealed-secrets
  • A Kubernetes controller and tool for one-way encrypted Secrets
aws-vault
  • A vault for securely storing and accessing AWS credentials in development environments
sops
  • Secrets management
chamber
  • CLI for managing secrets
Google Secrets Manager
  • Store API keys, passwords, certificates, and other sensitive data
  • CLI library

Hooks

Tool Description
detect-secrets
  • Implement pre-commit hooks for secret detection
git-secrets
  • Prevents you from committing secrets and credentials into git repositories
talisman
  • Prevents you from committing authorization tokens and private keys

Scanners

Tool Description
KeyHacks
  • Verify if disclosed API keys are still valid
Gitrob
  • Reconnaissance tool for GitHub organizations
  • Usage:
    • $ export GITROB_ACCESS_TOKEN=<TOKEN>
    • $ gitrob <TARGET>
Gitleaks
  • Searches full repo history for secrets and keys
TruffleHog
  • Searches through git repositories for high entropy strings and secrets
Whispers
  • Static code analysis tool which identifies hardcoded secrets and dangerous behaviours
gitlab-watchman
  • Uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally