by zricethezav

zricethezav / gitleaks

Scan git repos for secrets using regex and entropy πŸ”‘

6.6K Stars 549 Forks Last release: about 2 months ago (v6.1.2) MIT License 588 Commits 68 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:



Gitleaks is a SAST tool for detecting hardcoded secrets like passwords, api keys, and tokens in git repos. Gitleaks aims to be the easy-to-use, all-in-one solution for finding secrets, past or present, in your code.


  • Scans for commited secrets
  • Scans for uncommitted secrets as part of shifting security left
  • Available Github Action
  • Gitlab and Github API support which allows scans of whole organizations, users, and pull/merge requests
  • Custom rules via toml configuration
  • High performance using go-git
  • JSON and CSV reporting
  • Private repo scans using key or password based authentication

Installation, Documentation and Examples

This project is documented here

Sponsors ❀️

Corporate Sponsors


Gamma proactively detects and remediates data leaks across cloud apps. Scan your public repos for secret leaks with Gamma

Individual Sponsors

These users are sponsors of gitleaks:

Adam Shannon |


Logo Attribution

The Gitleaks logo uses the Git Logo created Jason Long is licensed under the Creative Commons Attribution 3.0 Unported License.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.