Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, API keys, and tokens in git repos. Gitleaks aims to be the easy-to-use, all-in-one solution for finding secrets, past or present, in your code.
Features:
- Scans for committed secrets
- Scans for uncommitted secrets as part of shifting security left
- Available as a GitHub Action
- GitLab and GitHub API support, which allows scans of whole organizations, users, and pull/merge requests
- Custom rules via TOML configuration
- High performance using go-git
- JSON and CSV reporting
- Private repo scans using key- or password-based authentication
Installation, Documentation and Examples
This project is documented here
Gamma proactively detects and remediates data leaks across cloud apps. Scan your public repos for secret leaks with Gamma
These users are sponsors of gitleaks:
Logo Attribution
The Gitleaks logo uses the Git Logo created by Jason Long, which is licensed under the Creative Commons Attribution 3.0 Unported License.