DayOfCrypto
  • Home
No Result
View All Result
DayOfCrypto
No Result
View All Result
DayOfCrypto
Home Other
new-web-app-scans-github-for-secrets-like-crypto-keys-and-passwords

New Web App Scans GitHub For Secrets Like Crypto Keys And Passwords

by Admin
October 30, 2019
in Other
280 12
0
Share on FacebookShare on Twitter

A new web app called Shhgit will scan the GitHub code repository and search for sensitive secrets, such as private crypto keys and passwords.

A new web app, called “Shhgit”, will scan the web-based GitHub code repository and search for sensitive secrets, such as private crypto keys.

Scanning for private crypto keys and passwords

On Oct. 17, programmer and security expert Paul Price introduced his new tool, Shhgit. Shhgit scans for secrets across public code repositories that sometimes end up in the hands of bad actors and ultimately have the potential to cause significant data breaches.

Price said that finding these potentially harmful secrets across GitHub is nothing new. According to the programmer, there are tons of open-source tools available, such as gitrob and truggleHog, which all dig into “commit history to find secret tokens from specific repositories, users or organisations.”

Price added that software developers, who sometimes unwillingly leak secrets across public code repositories, should ensure secrets don’t end up in their code base in the first place. At a minimum, Price said, “config files should be encrypted with a environment-based key.”

Although scanning for secrets in public code repositories has existed since the launch of GitHub, some recent data breaches, such as the Capital One hack that left the personal data of over 100 million individuals exposed, show severe implications of faulty security that can lead to reputational damage and huge fines. 

Price states that his tool can help in finding any secrets accidentally committed in real time, which should give developers the time to delete any sensitive information before hackers can have a field day with anybody’s private information.

Bitcoin has never been hacked

In July, Paige Thompson allegedly stole the confidential data for around 106 million Capital One customers’ accounts and credit card applications. The hacker allegedly gained access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, as well as data pertaining to customers’ credit scores, credit limits and balances.

Tags: BlockchainHacksPrivate Keys

Admin

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

Follow Us

Popular Tag

Adoption Banks Binance Binance Coin Bitcoin Bitcoin Cash Bitcoin Price Bitcoin Regulation Bitcoin SV Blockchain Central Bank China Coinbase Crimes Cryptocurrencies Cryptocurrency Exchange EOS Ethereum Ethereum Price Facebook Germany Government Investments Japan Law Libra Litecoin Markets Market Update Mining Payments Regulation Ripple SEC Security South Korea Stablecoin Stellar Switzerland Tokens Tradings Transactions USA Wallet XRP

Recent News

Poloniex Review – Buy and sell cryptocurrencies, Bitcoin, Registration, Safety, Reference

Poloniex Review – Buy and sell cryptocurrencies, Bitcoin, Registration, Safety, Reference

November 8, 2020
Bitstamp Review – Buy and sell Bitcoin and cryptocurrencies, Registration, Safety, Reference

Bitstamp Review – Buy and sell Bitcoin and cryptocurrencies, Registration, Safety, Reference

November 8, 2020
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2021 JNews - Premium WordPress news & magazine theme by Jegtheme.

No Result
View All Result
  • Home

© 2021 JNews - Premium WordPress news & magazine theme by Jegtheme.

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version
Skip to toolbar
  • About WordPress
    • WordPress.org
    • Documentation
    • Support
    • Feedback
  • Log In
  • AMP
    • View AMP version