Halaman utama Jelajahi Bantuan
Masuk
LBP
/
gitleaks
cermin dari https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Berkas Masalah 0 Wiki

Tidak Ada Deskripsi

Pohon: b4a0577786
Ranting Tag
gitleaks
ZIP TAR.GZ
zricethezav b4a0577786 fixing commit latest bug 5 tahun lalu
.github 4181ede6cd Update FUNDING.yml 6 tahun lalu
audit b4a0577786 fixing commit latest bug 5 tahun lalu
config 9db91442b3 ignoring config when using custom config (#362) 5 tahun lalu
examples 8e8873286e Update leaky-repo.toml 6 tahun lalu
hosts 2fa580f1bb fix the empty repo org scan error (#358) 6 tahun lalu
manager 8b3ce2cb1e forgot to bump in code... (#347) 6 tahun lalu
options 3e760d7fed updating help message 6 tahun lalu
test_data b4a0577786 fixing commit latest bug 5 tahun lalu
version e446ba0738 fixing all golint and adding some more tests 6 tahun lalu
.gitignore ce95cafd54 fixing modules, adding v3 in path 6 tahun lalu
.travis.yml af0df6ea2c Added gosec scan (#311) 5 tahun lalu
Dockerfile 11dcb44e41 bump to go 1.14 and alpine to 3.11 (#363) 5 tahun lalu
LICENSE 274e8212a6 adding license 6 tahun lalu
Makefile 11dcb44e41 bump to go 1.14 and alpine to 3.11 (#363) 5 tahun lalu
README.md 9d76070806 Update README.md 6 tahun lalu
go.mod 11dcb44e41 bump to go 1.14 and alpine to 3.11 (#363) 5 tahun lalu
go.sum dae5c142d7 Fix host clone auth (#350) 6 tahun lalu
main.go 8b3ce2cb1e forgot to bump in code... (#347) 6 tahun lalu

README.md

gitleaks

Travis

Gitleaks Action now available for your workflows!

Audit git repos for secrets. Gitleaks provides a way for you to find unencrypted secrets and other unwanted data types in git repositories. As part of its core functionality, it provides:

  • Audits for uncommitted changes
  • Github and Gitlab support including support for bulk organization and repository owner (user) repository scans, as well as pull/merge request scanning for use in common CI workflows.
  • Support for private repository scans, and repositories that require key based authentication
  • Output in JSON formats for consumption in other reporting tools and frameworks
  • Externalised configuration for environment specific customisation including regex rules
  • High performance through the use of src-d's go-git framework
repo scan

pre commit scan

Getting Started

Written in Go, gitleaks is available in binary form for many popular platforms and OS types from the releases page. Alternatively, executed via Docker or it can be installed using Go directly, as per the below;

MacOS

brew install gitleaks

Docker

docker pull zricethezav/gitleaks

Go

Ensure GO111MODULE=on is set as an env var

go get github.com/zricethezav/gitleaks/v4@latest

Usage

gitleaks has a wide range of configuration options that can be adjusted at runtime or via a configuration file based on your specific requirements.

Usage:
  gitleaks [OPTIONS]

Application Options:
  -v, --verbose          Show verbose output from audit
  -r, --repo=            Target repository
      --config=          config path
      --disk             Clones repo(s) to disk
      --version          version number
      --username=        Username for git repo
      --password=        Password for git repo
      --access-token=    Access token for git repo
      --commit=          sha of commit to audit
      --files-at-commit= sha of commit to audit all files at commit or "latest" to scan the last commit of the repository
      --threads=         Maximum number of threads gitleaks spawns
      --ssh-key=         path to ssh key used for auth
      --uncommitted      run gitleaks on uncommitted code
      --repo-path=       Path to repo
      --owner-path=      Path to owner directory (repos discovered)
      --branch=          Branch to audit
      --report=          path to write json leaks file
      --report-format=   json or csv (default: json)
      --redact           redact secrets from log messages and leaks
      --debug            log debug messages
      --repo-config      Load config from target repo. Config file must be ".gitleaks.toml" or "gitleaks.toml"
      --pretty           Pretty print json if leaks are present
      --commit-from=     Commit to start audit from
      --commit-to=       Commit to stop audit
      --timeout=         Time allowed per audit. Ex: 10us, 30s, 1m, 1h10m1s
      --depth=           Number of commits to audit

      --host=            git hosting service like gitlab or github. Supported hosts include: Github, Gitlab
      --baseurl=         Base URL for API requests. Defaults to the public GitLab or GitHub API, but can be set to a domain endpoint to use with a self hosted server.
      --org=             organization to audit
      --user=            user to audit
      --pr=              pull/merge request url
      --exclude-forks    audit excludes forks

Help Options:
  -h, --help             Show this help message

Docker usage examples

Run gitleaks against:

Public repository
docker run --rm --name=gitleaks zricethezav/gitleaks -v -r https://github.com/zricethezav/gitleaks.git
Local repository already cloned into /tmp/
docker run --rm --name=gitleaks -v /tmp/:/code/ zricethezav/gitleaks -v --repo-path=/code/gitleaks

By default repos cloned to memory. Using --disk for clone to disk or you can quickly out of memory.

For speed up analyze operation using --threads parameter, which set to ALL - 1 threads at your instance CPU.

Exit Codes

Gitleaks provides consistent exist codes to assist in automation workflows such as CICD platforms and bulk scanning.

0: no leaks
1: leaks present
2: error encountered

Give Thanks

👋 If using gitleaks has made your job easier consider sponsoring me through github's sponsorship program or donating a little something

❤️ sponsor

💵 paypal

₿itcoin:3GndEzRZa6rJ8ZpkLureUcc5TDHMYfpDxn

Sponsors

These users are sponsors of gitleaks:

Adam Shannon | Granville Schmidt | ---|---| Adam Shannon | Granville Schmidt

Logo Attribution

The Gitleaks logo uses the Git Logo created Jason Long is licensed under the Creative Commons Attribution 3.0 Unported License.