SecretScanner
SecretScanner copied to clipboard
deepfence
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
I suggest creating a GitHub Action for SecretScanner to allow developers to easily have their code changes scanned for secrets (such as validation of Pull Requests before they are merged)....
Exclude files and secrets which comes with the system like - `/etc/ssh/ssh_host_dsa_key` - shadow files
For diversity/inclusion reasons, replace 'blacklist' with 'exclude': Config keys: * blacklisted_strings * blacklisted_extensions * blacklisted_paths * blacklisted_entropy_extensions Error messages: * "Blacklisted string %s matched" * "matchString: Skipping matches containing blacklisted...
I'm getting this error: ``` output/output.go:11:2: github.com/deepfence/[email protected] (replaced by ./agent-plugins-grpc): reading agent-plugins-grpc/go.mod: open /go/src/github.com/deepfence/SecretScanner/agent-plugins-grpc/go.mod: no such file or directory ```
Hello, I run SecretScanner as a http server. But I do not know how to use curl command to POST data to http server. This is my example: ``` curl...
Add more signatures to the config https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
Hello In match.go we use filepath to get file ext info But if this path string without ext name, it will get null value I refactor filepath to [mimetype](https://github.com/gabriel-vasile/mimetype) It...
The secret scanner process running inside agent gets Killed on VM 143.198.68.242 Process log: ``` "Full File Name": "/fenced/mnt/host/var/snap/docker/common/var-lib-docker/overlay2/5043b3ac304141297e67251e1ce08efd890a2e0b738a4fdc0087daee3d95ca9c/diff/var/log/dpkg.log", "Matched Contents": ".log" } Killed ``` top: ``` PID USER PR...
1. Type: circle ci config file keys such as auth, username, password is not detected Ex: auth: username: circleclidockeruser password: circleclidockerpassword # context / project UI env-var reference 2. API...
Hi, When the image scan is executed the SecretScanner runs `docker save` and then extract the content of the saved `tar` then perform a scan on it. It would be...
