gitleaks
gitleaks/gitleaks
Find secrets with Gitleaks
Overview
A tool for detecting secret values like passwords, API keys, and tokens in Git repositories.
Categories
Tags
Similar tools
ECC
affaan-m/ECC
The agent harness performance optimization system
AutoGPT
Significant-Gravitas/AutoGPT
AutoGPT: Build, Deploy, and Run AI Agents
prompts.chat
f/prompts.chat
The world's largest open-source prompt library for AI
JavaGuide
Snailclimb/JavaGuide
Snailclimb/JavaGuide: 面试 & 后端通用面试指南,覆盖计算机基础、数据库、分布式、高并发、系统设计与 AI 应用开发
browser-use
browser-use/browser-use
🌐 Make websites accessible for AI agents. Automate tasks online with ease.
caveman
JuliusBrussee/caveman
Cuts 65% of tokens in AI coding agent responses.
Install
go get github.com/gitleaks/gitleaksREADME
Gitleaks
┌─○───┐
│ │╲ │
│ │ ○ │
│ ○ ░ │
└─░───┘
[!WARNING] Gitleaks is feature complete. I'm not merging new features into Gitleaks. Future releases will be security patches only. I'm shifting my focus to Betterleaks
Gitleaks is a tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and whatever else you wanna throw at it via stdin. If you wanna learn more about how the detection engine works check out this blog: Regex is (almost) all you need.
➜ ~/code(master) gitleaks git -v
○
│╲
│ ○
○ ░
░ gitleaks
Finding: "export BUNDLE_ENTERPRISE__CONTRIBSYS__COM=cafebabe:deadbeef",
Secret: cafebabe:deadbeef
RuleID: sidekiq-secret
Entropy: 2.609850
File: cmd/generate/config/rules/sidekiq.go
Line: 23
Commit: cd5226711335c68be1e720b318b7bc3135a30eb2
Author: John
Email: john@users.noreply.github.com
Date: 2022-08-03T12:31:40Z
Fingerprint: cd5226711335c68be1e720b318b7bc3135a30eb2:cmd/generate/config/rules/sidekiq.go:sidekiq-secret:23
Getting Started
Gitleaks can be installed using Homebrew, Docker, or Go. Gitleaks is also available in binary form for many popular platforms and OS types on the releases page. In addition, Gitleaks can be implemented as a pre-commit hook directly in your repo or as a GitHub action using Gitleaks-Action.
Installing
# MacOS
brew install gitleaks
# Docker (DockerHub)
docker pull zricethezav/gitleaks:latest
docker run -v ${path_to_host_folder_to_scan}:/path zricethezav/gitleaks:latest [COMMAND] [OPTIONS] [SOURCE_PATH]
# Docker (ghcr.io)
docker pull ghcr.io/gitleaks/gitleaks:latest
docker run -v ${path_to_host_folder_to_scan}:/path ghcr.io/gitleaks/gitleaks:latest [COMMAND] [OPTIONS] [SOURCE_PATH]
# From Source (make sure `go` is installed)
git clone https://github.com/gitleaks/gitleaks.git
cd gitleaks
make build
Pre-Commit
-
Install pre-commit from https://pre-commit.com/#install
-
Create a
.pre-commit-config.yamlfile at the root of your repository with the following content:repos: - repo: https://github.com/gitleaks/gitleaks rev: v8.24.2 hooks: - id: gitleaksfor a native execution of gitleaks or use the
gitleaks-dockerpre-commit ID for executing gitleaks using the official Docker images -
Auto-update the config to the latest repos' versions by executing
pre-commit autoupdate -
Install with
pre-commit install -
Now you're all