
New Open-Source Secret Scanner Kingfisher Built in Rust Validates Exposed Credentials and Maps Permissions
security, open-source, rust, credential-scanning, secret-management, cybersecurity, devops, git, cloud-security, vulnerability-detection
Kingfisher is an open-source secret scanner (Apache-2.0) written in Rust that combines Hyperscan with tree-sitter parsing to detect exposed credentials. The tool can validate detected credentials in real time against provider APIs, directly revoke compromised credentials, and map the permissions they grant access to. It can scan a range of sources, including Git repositories, GitHub, GitLab, Azure Repos, Bitbucket, AWS S3, GCS, Docker images, Jira, Confluence and Slack, and it operates entirely on-premises without sending secrets to third-party services.