Gitleaks is a SAST tool for detecting secrets in git repositories, preventing accidental leaks of sensitive information like passwords and API keys.
Gitleaks is an open-source command-line tool designed to find and prevent secrets from being committed into git repositories, helping maintain codebase security.
Accidentally committing sensitive information (passwords, API keys, private keys) to version control systems poses a significant security risk, and manual review often fails to catch such commits.
Scans commit history and file systems for hardcoded secrets using a customizable ruleset.
Comes with over 50 built-in rules for common secret types and allows adding custom regex-based rules.
Integrates easily into CI/CD pipelines, pre-commit hooks, and various developer workflows.
Gitleaks can be used in various stages of the software development lifecycle to proactively identify and mitigate secrets exposure risks.
Run Gitleaks automatically as part of your CI/CD pipeline on every push or pull request to scan new code changes for secrets.
Automatically catch secrets before they are deployed to production environments, reducing security risks.
Configure Gitleaks as a pre-commit hook to scan changes locally before they are committed to the repository.
Prevent secrets from ever entering the git history, saving time and effort on remediation.
Scan existing historical commits of a repository to identify secrets that may have been leaked in the past.
Identify past security breaches or risks and plan necessary remediation steps like credential rotation.