A free and open source tool called “Truffle Hog” can help developers check if they have accidentally leaked any secret keys through the projects they publish on GitHub.

Truffle Hog is a Python tool designed to search repositories, including the entire commit history and branches, for high-entropy strings that could represent secrets, such as AWS secret keys.