加载中
正在获取最新内容,请稍候...
Gitleaks - Find Secrets in your Git Repositories
Gitleaks is a SAST tool for detecting secrets in git repositories, preventing accidental leaks of sensitive information like passwords and API keys.
Go
Added on 2025年6月29日21,219
Stars1,660
ForksGo
LanguageProject Introduction
Summary
Gitleaks is an open-source command-line tool designed to find and prevent secrets from being committed into git repositories, helping maintain codebase security.
Problem Solved
Accidentally committing sensitive information (passwords, API keys, private keys) to version control systems poses a significant security risk, which manual review often fails to catch.
Core Features
Comprehensive Scanning
Scans commit history and file systems for hardcoded secrets using a customizable ruleset.
Extensive Ruleset & Customization
Comes with over 50 built-in rules for common secret types and allows adding custom regex-based rules.
Integration Capabilities
Integrates easily into CI/CD pipelines, pre-commit hooks, and various developer workflows.
Tech Stack
Go
使用场景
Gitleaks can be used in various stages of the software development lifecycle to proactively identify and mitigate secrets exposure risks.
场景一:Continuous Integration/Deployment
Details
Run Gitleaks automatically as part of your CI/CD pipeline on every push or pull request to scan new code changes for secrets.
User Value
Automatically catch secrets before they are deployed to production environments, reducing security risks.
场景二:Pre-Commit Scanning
Details
Configure Gitleaks as a pre-commit hook to scan changes locally before they are committed to the repository.
User Value
Prevent secrets from ever entering the git history, saving time and effort on remediation.
场景三:Historical Repository Scan
Details
Scan existing historical commits of a repository to identify secrets that may have been leaked in the past.
User Value
Identify past security breaches or risks and plan necessary remediation steps like credential rotation.
Recommended Projects
You might be interested in these projects
shaka-projectshaka-player
This project provides a comprehensive solution to streamline data processing and automation tasks, significantly improving efficiency and accuracy. It is suitable for developers, data analysts, and operations teams.
JavaScript
75271389
sub-store-orgSub-Store
An advanced subscription manager designed to unify and simplify managing proxy subscriptions across popular tools like QX, Loon, Surge, Stash, Egern, and Shadowrocket. Easily fetch, convert, and filter your subscription links.
JavaScript
6847770
open5gsopen5gs
Open5GS is a C-language Open Source implementation for 5G Core and EPC, i.e. the core network of LTE/NR network (Release-17). This project provides a flexible and comprehensive open-source alternative for building and testing mobile core networks.
C
2097847