Whispers is a static code analysis tool for searching for hardcoded credentials and hazardous routines in a variety of common data types. Whispers can be used directly from the command line or as part of a continuous integration and delivery pipeline.
Detects:-
- Passwords are number one.
- Tokens for APIs 2.
- AWS credentials
- Access to confidential information
- Confidential information
- Tokens of identification
- Functions that are potentially dangerous
- Protected information
Disclaimer:- The intended use for the tool is strictly educational and should not be used for any other purpose.
Download link: https://github.com/Skyscanner/whispers