Gitleaks

Gitleaks

github.com

1

About this website

Gitleaks is a tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in Git repositories. Created by Zachary Rice in 2018, Gitleaks has over 18,000 stars as of 2026 and is widely used in CI/CD pipelines and pre-commit hooks to prevent secrets from entering version control. Written in Go for speed and portability, Gitleaks scans Git history (all commits, not just the current state) using configurable rules to detect known secret patterns. Key features include: 100+ built-in detection rules for common secret types (AWS access keys, Google API keys, Stripe keys, Slack tokens, GitHub tokens, database connection strings, private keys, JWT tokens, and many more), custom rule definitions using TOML configuration (defining rules with regex patterns, entropy thresholds, allowlists, and description metadata), Git history scanning (analyzing every commit diff in the repository to find secrets that may have been added and later removed), directory scanning mode (scanning files without Git, for general file system analysis), stdin scanning (reading input from pipes for integration with other tools), pre-commit hook integration (blocking commits that contain secrets before they enter the repository), CI/CD integration (GitHub Actions, GitLab CI, Jenkins, CircleCI, and Bitbucket Pipelines), baseline support (ignoring previously found secrets by creating a baseline JSON file), configurable entropy detection (finding high-entropy strings that may be secrets without matching a specific pattern), report generation in JSON, CSV, and SARIF formats, commit-level attribution (identifying which commit, author, and date introduced each secret), and support for scanning GitHub Enterprise, GitLab, and Bitbucket repositories.

Tags & Categories

Categories

Tags

Statistics

1
Views
0
Clicks
0
Like
0
Dislike

Comments

Log In to post a comment

No comments yet. Be the first!