credential digger v3.2 releases: identifies hardcoded credentials
Credential Digger is a GitHub scanning tool that identifies hardcoded credentials (Passwords, API Keys, Secret Keys, Tokens, personal information, etc), filtering the false positive data through machine learning models. It supports Python 3.6 and works only with LINUX systems.
Credential Digger finds credentials hardcoded in a repository. The tool is composed of:
- Postgres database
- Python client
- User interface
The database is structured in the following way (arrows point to foreign keys).
The project includes 3 components: a db (sql folder), a client (credentialdigger folder), and a user interface (ui folder).
create_table.sql defines the db schema.
Note that, given the file_name and commit_hash of discovery, both the commit and the file can be accessible at addresses:
This client can be used to easily interact with the db. It offers a scanner for git repositories, based on Hyperscan (others can be implemented). Please note that the database must be up and running.
The user interface can be used to easily perform scans and flag the discoveries.
Add new features for the UI:
- possibility to lock the UI with a master password
- possibility to enable HTTPS
Copyright (C) 2020 SAP