A curated list of awesome GitHub Advanced Security secret scanning resources.
- GitHub Docs - Supported secret scanning patterns
- advanced-security/advanced-security-material - GitHub Enterprise Server Version/Feature Matrix
📊 Pattern Counts — GitHub: 501 partner types, 418 with push protection | ADO: 332 partner types (Updated: 2026-03-31)
| Secret Protection Inventory | 2026-03-31 19:20:38Z |
|---|---|
| Number of Partner Secret Types | 501 (61 with variants) |
| Number of Unique Partner Providers | 196 |
| Number of Secret Types with Push Protection | 418 |
| Number of Secret Types with Validity Check | 136 |
| Number of Secret Types with Base64 Support | 20 |
| Number of Secret Types with Extended Metadata | 32 |
| Non-Partner Patterns | 10 (0 with validity checks) |
| Copilot Secret Scanning Patterns | 1 |
| Inventory Commit History | Docs |
| Secret Scanning Changelog | Changelog |
GHES Versions / Count
| GHES Version | Count | Push Protection | Validity Check | Base64 | Extended Metadata |
|---|---|---|---|---|---|
| 3.14 | 318 | 190 | 9 | 0 | 0 |
| 3.15 | 284 | 181 | 5 | 0 | 0 |
| 3.16 | 311 | 192 | 5 | 0 | 0 |
| 3.17 | 338 | 198 | 5 | 0 | 0 |
| 3.18 | 361 | 242 | 5 | 0 | 0 |
| 3.19 | 448 | 341 | 5 | 4 | 0 |
| 3.20 | 478 | 365 | 122 | 20 | 0 |
| 3.21 | 501 | 417 | 127 | 20 | 5 |
| Secret Scanning Inventory | 2026-03-31 19:20:38Z |
|---|---|
| Number of Partner Secret Types | 332 |
| Number of Secret Types with Push Protection | 171 |
| Number of Secret Types with Validity Check | 231 |
| Non-Partner Patterns | 18 ( 6 with validity checks) |
| Copilot Secret Scanning Patterns | 0 |
| Inventory Commit History | Docs Docs NonPartner |
| Secret Scanning Changes | Commits Commits Non-Partner |
- advanced-security/secret-scanning-custom-patterns - Examples of Custom Secret Scanning Patterns
- advanced-security/secret-scanning-tools - Testing Suite for GitHub Secret Scanning Custom Patterns
- advanced-security/secret-protection-custom-pattern-automation - Automate GitHub secret protection custom patterns
- advanced-security/secret-scanning-review-action - Action to detect if a secret is initially detected in a PR commit
- advanced-security/secret-scanning-notifications - A GitHub Action framework to send notifications to security manager team for any new or resolved secret scanning alerts based on a set frequency
- advanced-security/teams-secret-scanning-notifier-azure-function - Microsoft Teams notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
- advanced-security/slack-secret-scanning-notifier-azure-function - Slack notifier for Secret Scanning alerts from GitHub Advanced Security, using a GitHub App and Azure Function
- advanced-security/policy-as-code - GitHub Advanced Security Policy as Code designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Scanning, Secret Scanning and Dependabot Security.
- advanced-security/probot-security-alerts - Sample GitHub App which monitors and enforces rules for code scanning, Dependabot, and secret scanning alerts
- nicolaswill/ghes-secret-scanning-automation-tools - enable automatic resolution and reopening of Secret Scanning alerts on GitHub Enterprise Server
- cisco-open/gitguardian-to-ghas-importer - A Python tool that automatically closes GitHub Advanced Security (GHAS) secret scanning alerts by matching them with previously triaged false positives from GitGuardian exports.
- advanced-security/GSSAR - GitHub Secret Scanning Auto Remediator (GSSAR)
- rtyley/bfg-repo-cleaner - tool that's built and maintained by the open source community. It provides a faster, simpler alternative to git filter-repo for removing unwanted data.
- newren/git-filter-repo - Quickly rewrite git repository history (filter-branch replacement)
Contributions welcome! Read the contribution guidelines first.