gitleakssecrets
What is the purpose of gitleaks?
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. It provides an easy way to scan repositories for sensitive information.
Core Features
- Scans local and remote git repositories
- Customizable rules using regular expressions
- Integration with pre-commit hooks and CI/CD pipelines
- Supports various output formats (JSON, CSV, SARIF)
Common Gitleaks Commands
1. Scan Local Repository
Scans a local git repository for secrets.
bash
gitleaks detect -v2. Scan Specific Directory
Scans a specific directory or file without git history.
bash
gitleaks detect --no-git -v -s <path>3. Output to File
Saves the findings to a JSON report.
bash
gitleaks detect -v -r report.jsonOutput Examples of Gitleaks Commands
Finding: API Key
Secret: AKIAIOSFODNN7EXAMPLE
File: config/settings.py
Line: 42