gitleaks

Detect and prevent hardcoded secrets in git repos

Version Control Security | linux, macos, windows | Go | MIT

Description

gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repositories. It can scan entire git histories, individual commits, and uncommitted changes to find sensitive data that should not be in version control.

AI Summary

SAST tool for detecting hardcoded secrets like passwords, API keys, and tokens in git repositories

Capabilities

  • Scan git repositories for hardcoded secrets
  • Detect passwords, API keys, and tokens
  • Scan entire git history or individual commits
  • Integrate into CI/CD pipelines or run as a pre-commit hook
  • Support custom rules via configuration

Use When

  • When you need to audit a repository for leaked secrets
  • When setting up pre-commit hooks to prevent secret leaks
  • When running security scans in CI/CD pipelines