SecretScanner is an open-source tool for discovering passwords, API keys and tokens
SecretScanner is an open-source tool designed to detect unprotected secrets in container images and file systems. It helps users identify sensitive data such as passwords and API keys that may be inadvertently exposed due to security flaws. The tool is integrated into ThreatMapper, which assesses vulnerabilities in cloud-native applications.
- SecretScanner retrieves and searches container and host filesystems for sensitive data.
- It matches contents against a database of approximately 140 secret types.
- The tool outputs a JSON file detailing all secrets found during the scan.
Opening excerpt (first ~120 words):
SecretScanner

Deepfence SecretScanner can find unprotected secrets in container images or file systems.

SecretScanner is a standalone tool that retrieves and searches container and host filesystems, matching the contents against a database of approximately 140 secret types.

SecretScanner is also included in ThreatMapper, an open source scanner that identifies vulnerable dependencies and unprotected secrets in cloud native applications, and ranks these vulnerabilities based on their risk-of-exploit (example).

What are Secrets?

Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure (such as accounts, devices, network, cloud based services), applications, storage, databases and other kinds of critical data…
Excerpt limited to ~120 words for fair-use compliance. The full article is at GitHub.