Gitleaks

Gitleaks is a SAST tool for detecting hardcoded secrets such as passwords, API keys, and tokens in Git repositories.

Installation

sudo apt install gitleaks

Help

gitleaks -h

Search in Git repository

GIT_REPO="https://git.kringlecastle.com/Upatree/santas_castle_automation.git"
gitleaks -v -r "$GIT_REPO"

Search in specific commit

gitleaks -v -r "$GIT_REPO" --commit=commit-sha
gitleaks -v -r "$GIT_REPO" --commits=commit1,commit2,commit3...