cred-alert

module

v40.0.0+incompatible Latest Latest Go to latest Published: Feb 1, 2017 License: Apache-2.0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/ecsteam/cred-alert

Links

Open Source Insights

README ¶

cred-alert

scans repos for credentials and then shouts if it finds them

Getting Help

Come visit us in Slack!

CLI

Building

The command line application can be built with the following command. Your $GOPATH should already be set correctly by direnv.

$ go build cred-alert/cmd/cred-alert-cli

Examples

The default behavior of the cli is to read from standard input, scan for secrets, and report any matches on standard output. It can also be used to recursively scan files in a directory. Use --help to see all options.

Scan a file

$ ./cred-alert-cli scan -f src/cred-alert/product.zip

Scan a directory

$ ./cred-alert-cli scan -f src/cred-alert

Scan from standard input

$ cat src/cred-alert/sniff/patterns/samples_for_test.go | ./cred-alert-cli scan

Scanning git diffs

Cred alert supports scanning diffs on standard input. When scanning a diff use the --diff flag.

$ git diff | ./cred-alert-cli scan --diff

Scan with custom RegExp

To override the default RegExp in order to scan for a specific vulnerability, use --regexp for a single RegExp or --regexp-file for newline delimited RegExp file

$ git diff | ./cred-alert-cli scan --diff --regexp-file custom-regexp

Exit status

0 No error occurred and no credentials found

1 Miscellaneous error occurred

3 Found credentials

Development

You'll need to install gosub in order to manage the submodules of this project. It can be installed by running the following command (try to install this in an outer $GOPATH so that you do not clutter up this directory with the tooling):

$ go get github.com/vito/gosub

In order to have your $GOPATH and $PATH set up properly when you enter this directory you should install direnv. On macOS you can install this by running this command and following the instructions to set up your shell:

$ brew install direnv

The tests can be run using the ginkgo command line tool. This can be installed with:

$ go install github.com/onsi/ginkgo/ginkgo

The fakes can be generated using the counterfeiter tool. This can be installed with:

$ go get github.com/maxbrunsfeld/counterfeiter

You can go get and edit the files like normal in this repository. If any dependencies have changed them make sure to run scripts/sync-submodules in order to make sure that the submodules are updated correctly.

You can generate a pretty commit message by running scripts/commit-with-log.

Directories ¶

Path	Synopsis
src
bitbucket.org/taruti/mimemagic
cred-alert/cmd/cred-alert-cli
cred-alert/cmd/credential-count-publisher
cred-alert/cmd/revok-ingestor
cred-alert/cmd/revok-worker
cred-alert/cmd/srcint
cred-alert/cmd/stats-monitor
cred-alert/cmdflag
cred-alert/commands
cred-alert/config
cred-alert/crypto
cred-alert/crypto/cryptofakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/datadog
cred-alert/datadog/datadogfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/db
cred-alert/db/dbfakes This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/db/migrations
cred-alert/gitclient
cred-alert/gitclient/gitclientfakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/inflator
cred-alert/inflator/inflatorfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/ingestor
cred-alert/ingestor/ingestorfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/kolsch
cred-alert/metrics
cred-alert/metrics/metricsfakes This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/mimetype
cred-alert/monitor
cred-alert/monitor/monitorfakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/mysqlrunner
cred-alert/net
cred-alert/net/netfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/notifications
cred-alert/notifications/notificationsfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/pubsubrunner
cred-alert/queue
cred-alert/queue/queuefakes This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/revok
cred-alert/revok/api
cred-alert/revok/revokfakes This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/revok/stats
cred-alert/revok/web
cred-alert/revokpb Package revokpb is a generated protocol buffer package.	Package revokpb is a generated protocol buffer package.
cred-alert/scanners
cred-alert/scanners/diffscanner
cred-alert/scanners/dirscanner
cred-alert/scanners/filescanner
cred-alert/search
cred-alert/search/searchfakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter
cred-alert/sniff
cred-alert/sniff/fixtures
cred-alert/sniff/matchers
cred-alert/sniff/matchers/matchersfakes This file was generated by counterfeiter	This file was generated by counterfeiter
cred-alert/sniff/snifffakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter
red/redpb Package redpb is a generated protocol buffer package.	Package redpb is a generated protocol buffer package.
red/redrunner
rolodex
rolodex/cmd/rolodexd
rolodex/rolodexfakes This file was generated by counterfeiter	This file was generated by counterfeiter
rolodex/rolodexpb Package rolodexpb is a generated protocol buffer package.	Package rolodexpb is a generated protocol buffer package.
teamstr
teamstr/cmd/teamstr
teamstr/teamstrfakes This file was generated by counterfeiter This file was generated by counterfeiter	This file was generated by counterfeiter This file was generated by counterfeiter

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL