gitleaks
Find secrets with Gitleaks 🔑 (by gitleaks)
git-secrets
Prevents you from committing secrets and credentials into git repositories (by awslabs)
| gitleaks | git-secrets | |
|---|---|---|
| 41 | 35 | |
| 19,544 | 12,681 | |
| 2.6% | 0.4% | |
| 9.4 | 1.0 | |
| 5 days ago | about 1 year ago | |
| Go | Shell | |
| MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitleaks
Posts with mentions or reviews of gitleaks.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2025-03-20.
- Gitleaks – open-source Secret Scannng
-
Fitness Functions - O Check-up contÃnuo de seu Software
Exposição de dados sensÃveis. Gitleaks
- Gitleaks – Protect and Discover Secrets
-
Gitleaks: Find forgotten codes in your repositories
github repository here
-
Cloud Security and Resilience: DevSecOps Tools and Practices
1. Gitleaks: https://github.com/gitleaks/gitleaks Gitleaks provides a way for developers to find and prevent security breaches by scanning Git repositories for secrets like passwords and API keys.
-
How to use Lefthooks in your node project?
install gitleaks in your machine gitleaks
-
I Analyzed StackOverflow for Secrets
> gitleaks : fatal error: runtime: out of memory
Should be fixed now: https://github.com/gitleaks/gitleaks/pull/1292. Thanks for highlighting this simple change I've been putting off :)
-
[Help Needed] Securing Customized Gitleaks and Backend Communication?
I work in IT and we're enhancing our 'Shift Left Security' approach to prevent sensitive data leaks in our GitHub repositories. We've customized Gitleaks to send git-related information (like remote repository, author details, commit hash etc.) to our backend after each commit. This setup helps us monitor Gitleaks usage among our developers. (gitleaks)
-
Go Security Scanner
Cool. What features/capabilities are different compared to gitleaks?
-
My boss keeps committing his creds into git
To add my anecdote, testing out Trufflehog versus Gitleaks and detect-secrets the other tools seemed superior on detection rate and easier to work with.
git-secrets
Posts with mentions or reviews of git-secrets.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2025-03-17.
-
How To Push Your React JS Code To Your GitHub Repo
Q: What if I accidentally push sensitive information? A: If you push sensitive data, you should change your credentials immediately and consider using tools like git-secrets to help prevent this in the future.
-
How to Protect Only API Keys Instead of Entire Files on GitHub and From Its Commit History
Use tools like GitHub Dependabot or git-secrets to monitor your repositories for sensitive information.
- Prevents you from committing secrets and credentials into Git repositories
-
Fired for leaked credentials. How do I explain this?
Well, this doesn't really happen at places that don't suck. They had no least privilege access to critical secrets and no processes (like pre-commit hooks using git-secrets) to prevent them being committed.
-
Recovering from Accidentally Pushing Sensitive Information to a Remote Git Repository
# macOS brew install git-secrets # Linux git clone https://github.com/awslabs/git-secrets.git cd git-secrets make install
- Managing secrets like API keys in Python - Why are so many devs still hardcoding secrets?
-
If you pay for an API key depending on the amount of requests, is it safe to push your code to GitHub?
You could use Git hooks to prevent someone from being able to author a commit when you suspect there is a secret being committed. In addition to this, you could also perform this check server-side, in case someone did not run their Git hooks for whatever reason. For example, check out git-secrets.
-
Securing the software supply chain in the cloud
git-secrets
-
How to deal with unintended information leakage when using GitHub as your GIT?
Install git-secrets. Go into each of your repos, scan for past mistakes, and add a git-commit hook:
- GitHub Access Token Exposure
What are some alternatives?
When comparing gitleaks and git-secrets you can also consider the following projects:
trufflehog - Find, verify, and analyze leaked credentials
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
shhgit - Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
secretlint - Pluggable linting tool to prevent committing credential.