¶ GitLeaks
LICENSE
Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks is an easy-to-use, all-in-one solution for finding secrets, past or present, in your code
¶ Features
- Scan for commited secrets
- Scan for unstaged secrets to shift security left
- Scan directories and files
- Run Gitleaks Action in your CI/CD pipeline
- Custom rules via toml configuration
- Increased performance using go-git
- JSON, SARIF, and CSV reporting
- Private repo scans using key or password based authentication
¶ Example Findings
