Whispers is a static code analysis tool for searching for hardcoded credentials and hazardous routines in a variety of common data types.

Whispers can be used directly from the command line or as part of a continuous integration and delivery pipeline.

Detects:-

  1. Passwords are number one.
  2. Tokens for APIs 2.
  3. AWS credentials
  4. Access to confidential information
  5. Confidential information
  6. Tokens of identification
  7. Functions that are potentially dangerous
  8. Protected information

 

Disclaimer:- The intended use for the tool is strictly educational and should not be used for any other purpose.

 

Download link: https://github.com/Skyscanner/whispers