Installing
go get -u github.com/zricethezav/gitleaksUsage and Explanation
./gitleaks [options] <url/path>Gitleaks audits local and remote repos by running regex checks against all commits.
Options
usage: gitleaks [options] <URL>/<path_to_repo>
Options:
-u --user Git user mode
-r --repo Git repo mode
-o --org Git organization mode
-l --local Local mode, gitleaks will look for local repo in <path>
-t --temp Clone to temporary directory
-v --verbose Verbose mode, will output leaks as gitleaks finds them
--report-path=<STR> Save report to path, gitleaks default behavior is to save report to pwd
--clone-path=<STR> Gitleaks will clone repos here, default pwd
--concurrency=<INT> Upper bound on concurrent diffs
--since=<STR> Commit to stop at
--b64Entropy=<INT> Base64 entropy cutoff (default is 70)
--hexEntropy=<INT> Hex entropy cutoff (default is 40)
-e --entropy Enable entropy
-h --help Display this message
--token=<STR> Github API token
--stopwords Enables stopwords
Exit Codes
| code | explanation |
|---|---|
| 0 | Gitleaks succeeded with no leaks |
| 1 | Gitleaks failed or wasn't attempted due to execution failure |
| 2 | Gitleaks succeeded and leaks were present during the audit |
Use these codes to hook gitleaks into whatever pipeline you're running
Examples
gitleaksRun audit on current working directory if
.git is presentgitleaks --local $HOME/audits/some/repoRun audit on repo located in
HOME/audits/some/repo if .git is presentgitleaks https://github.com/some/repoRun audit on
github.com/some/repo.git and clone repo togitleaks --clone-path=$HOME/Desktop/audits https://github.com/some/repoRun audit on
github.com/some/repo.git and clone repo to $HOME/Desktop/auditsgitleaks --temp https://github.com/some/repoRun audit on
github.com/some/repo.git and clone repo to $TMPDIR (this will remove repos after audit is complete)gitleaks --temp -u https://github.com/some-userRun audit on all of
some-user's repos. Again, --temp flag will clone all repos into $TMPDIR after be removed after audit