Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Bicep
- Ci
- Dockerfile
- Dockerfile
- Html-templates
- Hugo
- Nginx
- Secrets
- Unicode
- Visualforce
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
Security
GitHub Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Generic Secret detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Google (GCM) Service account detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
linux shadow file detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Square OAuth Secret detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
AWS Session Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Google API Key Detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Google OAuth url detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Telegram Bot API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Artifactory token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Username and password in URI detected
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Sauce Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Generic API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Detects potential Google Maps API keys in code
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory
OWASP:
- A3:2017 Sensitive Data Exposure
Slack Webhook detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Amazon MWS Auth Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Something that looks like a PGP private key block is detected. This is a potential hardcoded secret that could be leaked if this code is committed. Instead, remove this code block from the commit.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Stripe API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
MailChimp API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
JWT token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-321: Use of Hard-coded Cryptographic Key
OWASP:
- A02:2021 - Cryptographic Failures
NPM registry authentication token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Private Key detected. This is a sensitive credential and should not be hardcoded here. Instead, store this in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
SoftLayer API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
SonarQube Docs API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Artifactory token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Snyk API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Square Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Facebook Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
AWS Access Key ID Value detected. This is a sensitive credential and should not be hardcoded here. Instead, read this value from an environment variable or keep it in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
AWS Secret Access Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
SSH Password detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Mailgun API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
AWS Account ID detected. While not considered sensitive information, it is important to use them and share them carefully. For that reason it would be preferrable avoiding to hardcoded it here. Instead, read the value from an environment variable or keep the value in a separate, private file.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Kolide API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Google Cloud API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
AWS AppSync GraphQL Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
bcrypt hash detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Stripe Restricted API Key detected
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Picatic API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
SendGrid API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
PayPal Braintree Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Google OAuth Access Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Heroku API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Facebook OAuth detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Outlook Team detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
HockeyApp detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Slack Token detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
Twilio API Key detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures
CodeClimate detected
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures