Skip to main content

Praetorian ‘open-sources’ its Nosey Parker secret scanning tool

posted onDecember 13, 2022
by l33tdawg
SC Magazine
Credit: SC Magazine

Offensive security company Praetorian on Monday announced that it "open-sourced" the regular expression (RegEx) scanning capabilities of its Nosey Parker secret scanning tool.

Nosey Parker aims to address the pervasive issue of secrets disclosure in source code and configuration files where sensitive information such as passwords, API keys, access tokens, asymmetric private keys, and credentials exist on public repositories. By discovering these keys, attackers can gain access keys to additional systems in a corporate network.

“Since the release of Nosey Parker, we have continued to find hard coded secrets within client environments that are easily leveraged to access high-value assets, but until now, the remedial advice felt lackluster with procedural and policy-based recommendations, said Anthony Paimany, technical director for Praetorian, In the months ahead, Praetorian users will also have the opportunity to explore or enumerate resources that appear on GitHub and other public repositories.

Source

Tags

Industry News

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th