Secret scanning and credential detection tools

Search for:

Secret scanning and credential detection tools

View all MCP Servers

Why this server?
This server is an excellent fit because it explicitly mentions 'comprehensive security scanning of code repositories to detect secrets, vulnerabilities,' which directly aligns with the capabilities of CredSweeper and GitGuardian.
Security Scanner MCP Server
Security Version Control Code Analysis
rupeedev
A
license
-
quality
C
maintenance
Enables comprehensive security scanning of code repositories to detect secrets, vulnerabilities, dependency issues, and configuration problems. Provides real-time security checks and best practice recommendations to help developers identify and prevent security issues.
Last updated 2025-08-07
4
2
MIT
Why this server?
This server is a strong match as it enables 'security scanning of codebases through integrated tools for secret detection, SCA, SAST, and DAST vulnerabilities,' covering the core functions of the reference tools.
Security MCP Server
Security Code Analysis Testing & QA Tools
michoo
A
license
-
quality
C
maintenance
Enables security scanning of codebases through integrated tools for secret detection, SCA, SAST, and DAST vulnerabilities, with AI-powered remediation suggestions based on findings.
Last updated 2025-09-30
MIT
Why this server?
This server fits well by enabling 'comprehensive security scanning of code projects, detecting vulnerabilities... and exposed secrets,' which is a primary function of tools like CredSweeper and GitGuardian.
MCP Security Scanner
Security Code Analysis Testing & QA Tools
JMitac
A
license
A
quality
C
maintenance
Enables comprehensive security scanning of code projects, detecting vulnerabilities in dependencies, code patterns (XSS, eval, etc.), and exposed secrets, with detailed reports in Spanish prioritized by severity.
Last updated 2025-12-09
4
3
MIT
Why this server?
This server is a good fit because it enables 'security auditing... with tools like Semgrep, Trivy, Gitleaks,' where Gitleaks is a well-known secret detection tool similar to CredSweeper and GitGuardian.
MCP Shamash
Security Penetration Testing Testing & QA Tools
NeoTecDigital
F
license
B
quality
C
maintenance
Enables security auditing, penetration testing, and compliance validation with tools like Semgrep, Trivy, Gitleaks, and OWASP ZAP. Features strict project boundary enforcement and supports OWASP, CIS, and NIST compliance frameworks.
Last updated 2026-02-28
7
Why this server?
This server is highly relevant as it 'automatically detects security vulnerabilities... scanning for hardcoded secrets' across various programming languages, directly matching the user's intent.
Security Scanner MCP
Code Analysis Security Testing & QA Tools
ongjin
A
license
-
quality
C
maintenance
Automatically detects security vulnerabilities in AI-generated code, scanning for hardcoded secrets, injection flaws, XSS, weak cryptography, authentication issues, path traversal, and vulnerable dependencies across JavaScript, Python, Java, and Go.
Last updated 2025-12-29
5
2
MIT
Why this server?
This server is a great fit because it 'integrates 15+ static application security testing tools (Semgrep, Bandit, TruffleHog, etc.)...' TruffleHog is specifically designed for secret detection, similar to the tools mentioned.
SAST MCP Server
Security Testing & QA Tools Developer Tools
Sengtocxoen
A
license
-
quality
C
maintenance
Integrates 15+ static application security testing tools (Semgrep, Bandit, TruffleHog, etc.) with Claude Code AI, enabling automated vulnerability scanning and security analysis through natural language commands. Supports cross-platform operation with remote execution on dedicated security VMs.
Last updated 2026-04-17
6
MIT
Why this server?
This server provides 'security scanning of code projects to identify common vulnerabilities,' aligning with the general vulnerability detection aspect of the tools mentioned.
Risk Audit MCP
Security Code Analysis Testing & QA Tools
rachellarralde
A
license
-
quality
-
maintenance
Enables security scanning of code projects to identify common vulnerabilities like XSS, injections, SSRF, and path traversal issues. Provides local, offline scanning with severity-grouped results and actionable fix suggestions for improving code security.
Last updated 2025-12-19
38
Why this server?
This server performs 'comprehensive dependency security audits for both local projects and remote repositories,' which is a key security scanning function related to the user's search.
mcp-web-audit
Security Developer Tools Testing & QA Tools
Shen-zhihao
A
license
B
quality
C
maintenance
A Node.js-based frontend security audit tool that performs comprehensive dependency security audits for both local projects and remote repositories. Generates detailed Markdown reports with vulnerability detection, risk assessment, and fix recommendations.
Last updated 2025-11-25
1
2
7
ISC
Why this server?
This server provides 'Trivy security scanning capabilities... to scan projects for vulnerabilities,' offering a general-purpose vulnerability scanning similar to parts of CredSweeper/GitGuardian.
Trivy Security Scanner MCP
Testing & QA Tools Security Developer Tools
norbinsh
A
license
-
quality
C
maintenance
Provides Trivy security scanning capabilities through a standardized interface, allowing users to scan projects for vulnerabilities and automatically fix them by updating dependencies.
Last updated 2025-02-18
10