Skip to content

Scan git repos for secrets using regex and entropy 🔑

License

Notifications You must be signed in to change notification settings

ethanwlo/gitleaks

 
 

Repository files navigation

gitleaks

Travis

Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks aims to be the easy-to-use, all-in-one solution for finding secrets, past or present, in your code.

Features:

  • Scans for commited secrets
  • Scans for uncommitted secrets as part of shifting security left
  • Available Github Action
  • Gitlab and Github API support which allows scans of whole organizations, users, and pull/merge requests
  • Custom rules via toml configuration
  • High performance using go-git
  • JSON and CSV reporting
  • Private repo scans using key or password based authentication

Installation, Documentation and Examples

This project is documented here

Sponsors ❤️

Corporate Sponsors

gammanet

Gamma proactively detects and remediates data leaks across cloud apps. Scan your public repos for secret leaks with Gamma

Individual Sponsors

These users are sponsors of gitleaks:

Adam Shannon

Logo Attribution

The Gitleaks logo uses the Git Logo created Jason Long is licensed under the Creative Commons Attribution 3.0 Unported License.

About

Scan git repos for secrets using regex and entropy 🔑

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 96.8%
  • Makefile 1.8%
  • Other 1.4%