LinuxCommandLibrary

gitleaks

Detect secrets and API keys leaked in Git repositories.

TLDR

Scan a remote repository

$ gitleaks detect --repo-url [https://github.com/username/repository.git]
copy


Scan a local directory
$ gitleaks detect --source [path/to/repository]
copy


Output scan results to a JSON file
$ gitleaks detect --source [path/to/repository] --report [path/to/report.json]
copy


Use a custom rules file
$ gitleaks detect --source [path/to/repository] --config-path [path/to/config.toml]
copy


Start scanning from a specific commit
$ gitleaks detect --source [path/to/repository] --log-opts [--since=commit_id]
copy


Scan uncommitted changes before a commit
$ gitleaks protect --staged
copy


Display verbose output indicating which parts were identified as leaks during the scan
$ gitleaks protect --staged --verbose
copy

Copied to clipboard