A curated list of awesome GitHub Advanced Security secret scanning resources.
- GitHub Secret Scanning Vendor Patterns - a DataTables.js powered table, to sort by which are supported by validity checks, push protection, etc.
- advanced-security-material - GitHub Enterprise Server Version/Feature Matrix
- secret-scanning-custom-patterns - Examples of Custom Secret Scanning Patterns
- secret-scanning-tools - Testing Suite for GitHub Secret Scanning Custom Patterns
- secret-scanning-review-action - Action to detect if a secret is initially detected in a PR commit
- secret-scanning-notifications - A GitHub Action framework to send notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency
- teams-secret-scanning-notifier-azure-function - Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
- slack-secret-scanning-notifier-azure-function - Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
- policy-as-code - GitHub Advanced Security Policy as Code designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Scanning, Secret Scanning and Dependabot Security.
- probot-security-alerts - Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
- ghes-secret-scanning-automation-tools - enable automatic resolution and reopening of Secret Scanning alerts on GitHub Enterprise Server
- GSSAR - GitHub Secret Scanning Auto Remediator (GSSAR)
- BFG Repo-Cleaner - tool that's built and maintained by the open source community. It provides a faster, simpler alternative to git filter-repo for removing unwanted data.
- git-filter-repo - Quickly rewrite git repository history (filter-branch replacement)
Contributions welcome! Read the contribution guidelines first.