Developer Zachary Rice has published a utility on GitHub called Gitleaks, which audits repositories and finds applications' confidential data that was put there by mistake.
Gitleaks offers faster audits, the ability to audit organizations and users, and the ability to whitelist branches, commits, files, and regexes. Gitleaks clones a single repo or a set of repos, then runs a regex check for keys, or whatever you specify, against all commits in the default HEAD and/or all references.
The program checks Git repositories for the presence of RSA and SSH keys, as well as unique access identifiers for Facebook or Amazon's web services.
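The regex check and the four kinds of whitelist described above can be sketched as follows. This is an added example, not Gitleaks' own code: the rule patterns, the `ALLOW` structure, the `scan` function and the sample commits are all assumptions constructed for illustration.

```python
import re

# Illustrative detection rules (assumed for this example, not Gitleaks' rule set).
RULES = {
    "AWS access key ID": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "RSA private key": re.compile(r"-----BEGIN RSA PRIVATE KEY-----"),
    "SSH private key": re.compile(r"-----BEGIN OPENSSH PRIVATE KEY-----"),
    "Facebook secret": re.compile(r"(?i)facebook.{0,30}['\"][0-9a-f]{32}['\"]"),
}

# Hypothetical whitelist covering the four kinds the article lists.
ALLOW = {
    "branches": {"vendor-import"},
    "commits": {"c0ffee1"},
    "files": [re.compile(r"(^|/)testdata/")],
    "regexes": [re.compile(r"AKIAIOSFODNN7EXAMPLE")],  # AWS documentation placeholder
}

# Constructed sample history: text added per file in each commit.
COMMITS = [
    {"sha": "a1b2c3d", "branch": "master", "files": {
        "deploy/config.py": "region = 'us-east-1'\naws_key = 'AKIAABCDEFGHIJKLMNOP'\n",
        "docs/setup.md": "Use AKIAIOSFODNN7EXAMPLE as a placeholder.\n"}},
    {"sha": "d4e5f6a", "branch": "feature/login", "files": {
        "app/settings.py": "FACEBOOK_SECRET = '0123456789abcdef0123456789abcdef'\n",
        "testdata/id_rsa": "-----BEGIN RSA PRIVATE KEY-----\n"}},
    {"sha": "c0ffee1", "branch": "master", "files": {
        "keys/old.pem": "-----BEGIN RSA PRIVATE KEY-----\n"}},
]

def scan(commits, rules=RULES, allow=ALLOW):
    """Return (sha, path, line_no, rule) for every non-whitelisted match."""
    findings = []
    for c in commits:
        if c["branch"] in allow["branches"] or c["sha"] in allow["commits"]:
            continue  # whole commit skipped
        for path, added in c["files"].items():
            if any(p.search(path) for p in allow["files"]):
                continue  # whitelisted file
            for n, line in enumerate(added.splitlines(), 1):
                for name, rx in rules.items():
                    m = rx.search(line)
                    if m and not any(a.search(m.group(0)) for a in allow["regexes"]):
                        findings.append((c["sha"], path, n, name))
    return findings

if __name__ == "__main__":
    for sha, path, n, name in scan(COMMITS):
        print(f"{sha} {path}:{n} {name}")  # location only, never the secret
```

Scanning every commit rather than only the current tree matters because a key removed in a later commit still sits in history; the whitelist keeps known placeholders and test fixtures from drowning out real findings.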
The update added the following features:
- scanning of all subdirectories, in addition to origin/HEAD;
- concurrency control;
- structured testing;
- creation of whitelists;
- use of regular expressions.
Learn more at GitHub.
The developers of the GitHub web service are working to improve security. In mid-July 2018, they added Python to the list of programming languages for which automatic vulnerability checking is implemented.