Global Exchange: A new web app called "Shhgit' scans GitHub code repository for private crypto news!
A security expert by name Paul Price launched a new tool called 'Shhgit'. This tool scans across repositories which might be stolen by bad actors. This can also cause security breaches.
According to Paul Price, there are many other open-source tools like gitrob and trugglehog which can "commit history to find secret tokens from specific repositories, users or organizations."
Price also added that "config files should be encrypted with an environment-based key."
Although scanning for secrets in public code repositories has existed since the launch of GitHub, some recent data breaches, such as the Capital One hack that left the personal data of over 100 million individuals exposed, show severe implications of faulty security that can lead to reputational damage and huge fines.
Price states that his tool can help in finding any secrets accidentally committed in real-time, which should give developers the time to delete any sensitive information before hackers can have a field day with anybody’s private information.