codeanalysis tools on offsec.tools

Find multiple types of hardcoded secrets & types of infrastructure-as-code misconfigurations.

A Git source leak exploit tool that restores the entire Git repository, including data from stash.

Command-line tool that finds secrets and sensitive information in textual data and Git history.

Manual search tool to find bugs like a grep unix command.

Sensitive data detection tool capable of scanning source code repositories.

An enterprise friendly way of detecting and preventing secrets in code.

A static-code-analysis tool for performing security-focused code reviews.

Search millions of open source repositories.

String-based secret-searching tool, high entropy and regexes.

Crossplatform tool which help to perform static code analysis on mobile applications.

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Yar is a tool for plunderin' organizations, users and/or repositories...

Identify hardcoded secrets in static structured text.

Find credentials all over the place.

A vast collection of security tools for bug bounty, pentest and red teaming