SecretScanner is a security tool designed to search filesystems and container images for unprotected passwords, API keys, and other sensitive data. It functions as a static secret detector and container image scanner that identifies hardcoded credentials by matching content against a database of known secret types.
The tool inspects container image layers to find secrets hidden within the filesystem hierarchy and parses local directories and host-mounted paths. It provides the ability to export scan findings in machine-readable JSON format for automated analysis and processing.
The scanning engine uses pattern-based string matching and multi-threaded file traversal. Users can adjust scan parameters such as thread counts, file size limits, and path exclusions to manage the scope and performance of the search.
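A minimal sketch of the mechanism described above (regex signatures, threaded traversal, a file size limit, path exclusions, JSON output), added here as an illustration and not SecretScanner's own code. The rule set, function names, default values and sample files are assumptions constructed for the example.

```python
import fnmatch, json, os, re, tempfile
from concurrent.futures import ThreadPoolExecutor

# Illustrative rules only (assumed); a real scanner ships a far larger signature database.
RULES = {
    "aws_access_key_id": re.compile(rb"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_header": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "password_assignment": re.compile(rb"(?i)password\s*[:=]\s*['\"][^'\"\s]{4,}['\"]"),
}

def scan_file(path, max_size):
    """Return findings for one file; files over max_size bytes are skipped."""
    try:
        if os.path.getsize(path) > max_size:
            return []
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        return []  # unreadable file: skip it rather than abort the whole scan
    # Report rule and location only, so the report never repeats the secret itself.
    return [{"file": path, "rule": name, "line": data.count(b"\n", 0, m.start()) + 1}
            for name, rx in RULES.items() for m in rx.finditer(data)]

def scan_tree(root, threads=4, max_size=1 << 20, exclude=("*/.git/*", "*/node_modules/*")):
    """Walk root, drop excluded paths, and scan the remaining files in a thread pool."""
    paths = [os.path.join(d, f) for d, _, files in os.walk(root) for f in files]
    paths = [p for p in paths if not any(fnmatch.fnmatch(p, pat) for pat in exclude)]
    with ThreadPoolExecutor(max_workers=threads) as pool:
        results = list(pool.map(lambda p: scan_file(p, max_size), paths))
    return sorted((f for r in results for f in r), key=lambda f: (f["file"], f["line"]))

def demo():
    """Scan a constructed directory and return (findings, json_report)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "node_modules", "pkg"))
        samples = {  # constructed sample files; the key is AWS's documented example value
            "app.env": "DEBUG=1\nAWS_KEY=AKIAIOSFODNN7EXAMPLE\n",
            "settings.py": 'user = "svc"\npassword = "hunter2!"\n',
            os.path.join("node_modules", "pkg", "x.js"): 'password = "ignored1"\n',
            "big.bin": "password = 'toolarge'\n" + "A" * 4096,
        }
        for rel, text in samples.items():
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(text)
        found = scan_tree(root, threads=2, max_size=1024)
        for f in found:
            f["file"] = os.path.relpath(f["file"], root)
        return found, json.dumps(found, indent=2)
```

In the constructed run, the file under `node_modules` is dropped by the exclusion pattern and `big.bin` by the size limit, so any secret in an excluded or oversized file goes unreported; exclusions and limits trade coverage for speed.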