Gitleaks

Gitleaks

gitleaks.io

1

About this website

Gitleaks is the most trusted open-source secret scanner for git repositories, files, and directories, designed to detect and prevent hardcoded secrets such as API keys, passwords, tokens, private keys, and certificates from being committed to version control systems. Maintained by Zach Rice and licensed under the MIT License, Gitleaks has accumulated over 17,000 GitHub stars, 16 million Docker downloads, 9 million GitHub Downloads, over 700,000 Homebrew installs, and thousands of weekly clones, making it the de facto standard for secret scanning in DevSecOps pipelines. The tool scans entire git repository history (all commits and branches), individual files, directories, and standard input, using a powerful rules engine that supports custom regular expressions and pre-configured rules for over 100 secret types including AWS access keys, Azure storage keys, Google API keys, Stripe keys, GitHub tokens, Slack tokens, private SSH keys, JWT tokens, database connection strings, and generic high-entropy strings. Gitleaks provides flexible configuration through a single config file (TOML format) where users can define custom rules with name, regex, keywords, entropy thresholds, allowlist patterns, and path-based filtering. The tool outputs findings in JSON, CSV, SARIF, and standard formats, and can be configured to fail CI/CD pipelines when secrets are detected. Gitleaks-Action, the official GitHub Action, enables automated secret scanning on all pull requests and commits, with free licensing for personal GitHub accounts and free organization licenses available through Google Forms signup. The tool also supports baseline scanning to track only new secret introductions and gitleaks detect for pre-commit hooks.

Tags & Categories

Categories

Tags

Statistics

1
Views
0
Clicks
0
Like
0
Dislike

Comments

Log In to post a comment

No comments yet. Be the first!