  • Stars: 1,121
  • Rank: 41,479 (Top 0.9 %)
  • Language: Go
  • License: MIT License
  • Created almost 8 years ago
  • Updated over 1 year ago


repo-security-scanner

  • CLI tool that finds secrets accidentally committed to a git repo, e.g. passwords, private keys
  • Run it against your entire repo's history by piping in the output of git log -p

Installation

  1. Download the latest stable release of the CLI tool for your architecture
  2. Extract the tarball and move the scanrepo binary to a directory in your $PATH, e.g. /usr/bin

Usage

Check the entire history of the current branch for secrets.

$ git log -p | scanrepo

------------------
Violation 1
Commit: 4cc087a1b4731d1017844cc86323df43068b0409
File: web/src/db/seed.sql
Reason: "SQL dump file"

------------------
Violation 2
Commit: 142e6019248c0d53a5240242ed1a75c0cc110a0b
File: config/passwords.ini
Reason: "Contains word: password"

...

Add false positives to .secignore

$ cat .secignore
file/that/is/not/really/a/secret/but/looks/like/one/to/diffence
these/pems/are/ok/*.pem

See the example in this repo.

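How a scanner can attribute flagged files to commits in the `git log -p` stream and honor ignore globs, as an added example that is not scanrepo's own code. The names `Scan` and `reason` are hypothetical, the two filename rules are assumptions modelled on the reasons in the sample report above, and ignore globs are passed as arguments rather than read from .secignore.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"path"
	"strings"
)

type Violation struct{ Commit, File, Reason string } // fields of the report shown above

// reason applies two sample filename rules (assumed), unless an ignore glob matches.
func reason(file string, globs []string) string {
	for _, g := range globs {
		if ok, _ := path.Match(g, file); ok {
			return ""
		}
	}
	switch base := strings.ToLower(path.Base(file)); {
	case strings.HasSuffix(base, ".sql"):
		return "SQL dump file"
	case strings.Contains(base, "password"):
		return "Contains word: password"
	}
	return ""
}

// Scan walks `git log -p` text (held in memory), taking paths from diff headers only.
func Scan(log string, globs []string) (out []Violation) {
	commit, inHeader := "", false
	for _, line := range strings.Split(log, "\n") {
		switch {
		case strings.HasPrefix(line, "commit "): // message lines are indented, so no clash
			commit = line[len("commit "):]
		case strings.HasPrefix(line, "diff --git "), strings.HasPrefix(line, "@@ "):
			inHeader = line[0] == 'd' // a "+++ b/..." line inside a hunk is file content
		case inHeader && strings.HasPrefix(line, "+++ b/"):
			if why := reason(line[6:], globs); why != "" {
				out = append(out, Violation{commit, line[6:], why})
			}
		}
	}
	return out
}

func main() { // usage: git log -p | go run . 'these/pems/are/ok/*.pem'
	log, _ := io.ReadAll(os.Stdin)
	fmt.Printf("%+v\n", Scan(string(log), os.Args[1:]))
}
```

Deleted files never match because their header reads `+++ /dev/null`, and `path.Match` does not let `*` cross a `/`, so each glob covers one directory level.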
Notifications

Work in progress.

Local Testing

Set environment variables needed

Create env file and update environment variables.

$ cp .env{.example,}
# update .env values
$ vi .env
$ source .env

Launch containers

$ docker-compose up -d

Run test offenses

$ make test-run-offenses

Debugging Elastalert

$ docker exec -it <elastalert_container_hash> sh
# run elastalert test rule utility within elastalert container
$ elastalert-test-rule --config "$ELASTALERT_CONFIG" --count-only "$RULES_DIRECTORY/new_violation.yaml"
$ elastalert-test-rule --alert --config "$ELASTALERT_CONFIG" "$RULES_DIRECTORY/new_violation.yaml"
# run elastalert in debug mode
$ elastalert --config "$ELASTALERT_CONFIG" --rule "$RULES_DIRECTORY/new_violation.yaml" --debug

Logs

$ tail -f /log/elastalert_new_violation_rule.log
