加载中
正在获取最新内容,请稍候...
Gitleaks - Find Secrets in your Git Repositories
Gitleaks is a SAST tool for detecting secrets in git repositories, preventing accidental leaks of sensitive information like passwords and API keys.
Go
Added on 2025年6月29日21,219
Stars1,660
ForksGo
LanguageProject Introduction
Summary
Gitleaks is an open-source command-line tool designed to find and prevent secrets from being committed into git repositories, helping maintain codebase security.
Problem Solved
Accidentally committing sensitive information (passwords, API keys, private keys) to version control systems poses a significant security risk, which manual review often fails to catch.
Core Features
Comprehensive Scanning
Scans commit history and file systems for hardcoded secrets using a customizable ruleset.
Extensive Ruleset & Customization
Comes with over 50 built-in rules for common secret types and allows adding custom regex-based rules.
Integration Capabilities
Integrates easily into CI/CD pipelines, pre-commit hooks, and various developer workflows.
Tech Stack
Go
使用场景
Gitleaks can be used in various stages of the software development lifecycle to proactively identify and mitigate secrets exposure risks.
场景一:Continuous Integration/Deployment
Details
Run Gitleaks automatically as part of your CI/CD pipeline on every push or pull request to scan new code changes for secrets.
User Value
Automatically catch secrets before they are deployed to production environments, reducing security risks.
场景二:Pre-Commit Scanning
Details
Configure Gitleaks as a pre-commit hook to scan changes locally before they are committed to the repository.
User Value
Prevent secrets from ever entering the git history, saving time and effort on remediation.
场景三:Historical Repository Scan
Details
Scan existing historical commits of a repository to identify secrets that may have been leaked in the past.
User Value
Identify past security breaches or risks and plan necessary remediation steps like credential rotation.
Recommended Projects
You might be interested in these projects
awslabsamazon-bedrock-agent-samples
This project provides a set of example code and scripts to demonstrate how to effectively utilize the core functionalities of our innovative automation tool, designed to streamline data processing and task management.
Python
629209
vaxilux-ui
X-UI is a powerful web panel designed to manage the Xray core, offering support for multiple protocols and user accounts. It simplifies the deployment, configuration, and monitoring of Xray servers through an intuitive graphical interface.
JavaScript
176297792
a-htempl
Templ is a templating language for Go that compiles templates to Go code, offering compile-time type safety, enhanced performance, and improved developer experience for building HTML user interfaces.
Go
9260311