Gitleaks

Gitleaks is a powerful command-line tool designed to scan git repositories for secrets, such as passwords, API keys, and tokens. It helps prevent sensitive information from being exposed in your codebase.

Key features include:

• Comprehensive Scanning: Scans git repos, directories, files, and even standard input.
• Customizable Rules: Supports custom configurations for defining secret detection rules.
• Baseline Support: Allows ignoring old findings when scanning large repositories.
• Pre-Commit Hook: Can be integrated as a pre-commit hook to prevent committing secrets.
• GitHub Action: Offers an official GitHub Action for automated scanning in CI/CD pipelines.
• Reporting: Supports various report formats (JSON, CSV, JUnit, SARIF) and custom templates.
• Decoding: Automatically decodes base64 encoded secrets.

Use cases:

• Scanning git repositories for accidentally committed secrets.
• Integrating into CI/CD pipelines to prevent secret exposure.
• Scanning local directories and files for sensitive information.
• Enforcing security policies and preventing data leaks.