Posting information about a new security tool I am releasing; called [Scan7](https://github.com/bmarsh9/scan7). Its a Open Source project that performs license, vulnerability and secret detection against Git repo’s. It is ideal for performing out-of-band scanning of all your private/public repositories.
More info is in the README but decided to write this b/c there really isn’t a good, open-source tool to perform all 3 (license, vuln, secrets). Feel free to try it out and/or contribute. Lots of improvements to be done!