gitleaks
Detect secrets and API keys leaked in Git repositories. More information: https://github.com/gitleaks/gitleaks.
- Scan a remote repository:
gitleaks detect --repo-url {{https://github.com/username/repository.git}}
- Scan a local directory:
gitleaks detect --source {{path/to/repository}}
- Output scan results to a JSON file:
gitleaks detect --source {{path/to/repository}} --report-path {{path/to/report.json}}
- Use a custom rules file:
gitleaks detect --source {{path/to/repository}} --config {{path/to/config.toml}}
- Scan only the commits made after a specific commit:
gitleaks detect --source {{path/to/repository}} --log-opts="{{commit_id}}..HEAD"
- Scan uncommitted changes before a commit:
gitleaks protect --staged
- Display verbose output indicating which parts were identified as leaks during the scan:
gitleaks protect --staged --verbose
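
The staged-changes scan above, wrapped as a Git pre-commit hook that fails closed when the scanner is missing. This is an added example, not part of the original page or the gitleaks project; GITLEAKS_BIN and check_staged are names chosen for it.

```shell
#!/bin/sh
# Added example: pre-commit hook built on `gitleaks protect --staged`.
# Install as .git/hooks/pre-commit and make it executable.
# GITLEAKS_BIN and check_staged are names chosen for this example.

GITLEAKS_BIN="${GITLEAKS_BIN:-gitleaks}"

# Returns 0 if the staged changes are clean, 1 if the scan exits non-zero
# (findings or a scanner error), 2 if the scanner cannot be run at all.
check_staged() {
    # Fail closed: a missing scanner must not silently allow the commit.
    if ! command -v "$GITLEAKS_BIN" >/dev/null 2>&1; then
        echo "pre-commit: '$GITLEAKS_BIN' not found, refusing to commit unscanned changes" >&2
        return 2
    fi

    # --verbose lists each finding; --redact masks the secret value so it
    # does not end up in terminal scrollback or captured hook output.
    if "$GITLEAKS_BIN" protect --staged --verbose --redact; then
        return 0
    fi

    echo "pre-commit: gitleaks reported a problem with the staged changes." >&2
    echo "pre-commit: remove the secret, re-stage the file and commit again;" >&2
    echo "pre-commit: rotate any credential that was already pushed." >&2
    return 1
}

# Run the check only when this file is executed as the hook itself.
case "$0" in
    */pre-commit|pre-commit) check_staged; exit $? ;;
esac
```

Local hooks can be skipped with git commit --no-verify, so keep a gitleaks detect run in CI as the enforced check.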