FIXME **Le PAD pour proposer une amΓ©lioration Γ  cette page :** https://pad.zenk-security.com/p/merci ====== GITHUB LEAK ====== πŸ›  Github Scraper For Static Code Analysis https://github.com/cwinfosec/github_autopwn πŸ›  Prevents you from committing secrets and credentials into git repositories https://github.com/awslabs/git-secrets πŸ›  shhgit - find GitHub secrets in real time. https://github.com/eth0izzle/shhgit/ πŸ›  Check for known vulnerabilities in public GitHub repos, npm packages and Docker images https://snyk.io/test/ πŸ›  A repository with 3 tools for pwn'ing websites with .git repositories available https://github.com/internetwache/GitTools πŸ›  Audit git repos for secrets https://github.com/zricethezav/gitleaks πŸ›  Searches through git repositories for high entropy strings and secrets, digging deep into commit history https://github.com/dxa4481/truffleHog πŸ›  Python script to scan Git repos for interesting strings https://github.com/Dionach/reposcanner πŸ›  This tool is for sensitive information searching on Github https://github.com/Hell0W0rld0/Github-Hunter πŸ›  Github Hunter rewritten by Golang and add new feature https://github.com/Hell0W0rld0/Github_Hunter_By_Golang πŸ›  A tool to capture all the git secrets by leveraging multiple open source git searching tools https://github.com/anshumanbh/git-all-secrets πŸ›  GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher. https://github.com/tillson/git-hound πŸ›  Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for potentially sensitive files. The findings will be presented through a web interface for easy browsing and analysis. https://github.com/michenriksen/gitrob πŸ›  a tools to extract secret/private tokens from continous integration build logs on github.it would be usefull for finding secret/private tokens. https://github.com/abdilahrf/shania πŸ›  A project designed to parse public source code repositories and find various types of vulnerabilities. https://github.com/IOActive/RepoSsessed