
GitleaksVerifier is a Python-based verification tool designed to enhance the functionality of Gitleaks by rigorously validating secrets flagged during code scans.


aydinnyunus/GitleaksVerifier


GitleaksVerifier CLI

This project provides a command-line interface (CLI) tool to verify secrets found by gitleaks. It supports various secret types and provides options for verbosity, rule filtering, and output customization.

Features

  • Command-line argument parsing
  • Logging configuration with colored output
  • Error handling and proper exit codes
  • Type hints for better code clarity
  • Option to filter by specific rule ID
  • JSON output with verification results
  • Option to print only valid secrets

Installation

  1. Clone the repository:

    git clone https://github.com/aydinnyunus/GitleaksVerifier.git
    cd GitleaksVerifier
  2. Install the required dependencies:

    pip install -r requirements.txt

Usage

Gitleaks Example

gitleaks git -f json -r secrets.json

You can now pass the resulting secrets.json file to the verifier.

Basic Usage

python main.py secrets.json

Verbose Output

python main.py -v secrets.json

Filter by Rule

python main.py -r github-token secrets.json

Specify Output File

python main.py -o results.json secrets.json

Print Only Valid Secrets

python main.py --only-valid secrets.json

Show Help

python main.py --help

Example Output

The output JSON file will have the following structure:

[
  {
    "secret": "example_secret",
    "rule_id": "github-token",
    "valid": true
  },
  {
    "secret": "invalid_secret",
    "rule_id": "slack-token",
    "valid": false,
    "error": "HTTP 401: Unauthorized"
  }
]
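
To act on these results, the valid entries can be joined back to the Gitleaks report to see every file and commit where a live secret appears. The following is an added example, not code from the GitleaksVerifier project; the sample data, file paths, commit ids and the helper names `redact` and `rotation_worklist` are constructed for illustration, and matching the two files on (rule ID, secret) is an assumption.

```python
import json
from collections import defaultdict

# Constructed sample of a Gitleaks JSON report (subset of its fields).
GITLEAKS_REPORT = json.loads("""[
  {"RuleID": "github-token", "Secret": "example_secret", "File": "deploy/ci.env", "Commit": "a1b2c3d", "StartLine": 4},
  {"RuleID": "github-token", "Secret": "example_secret", "File": "README.md", "Commit": "e4f5a6b", "StartLine": 20},
  {"RuleID": "slack-token", "Secret": "invalid_secret", "File": "bot/config.py", "Commit": "0c9d8e7", "StartLine": 11}
]""")

# Verifier results in the structure shown under "Example Output".
VERIFIER_RESULTS = json.loads("""[
  {"secret": "example_secret", "rule_id": "github-token", "valid": true},
  {"secret": "invalid_secret", "rule_id": "slack-token", "valid": false, "error": "HTTP 401: Unauthorized"}
]""")


def redact(secret, keep=4):
    """Show only a short prefix so the worklist itself does not leak the secret."""
    return secret[:keep] + "*" * max(len(secret) - keep, 0)


def rotation_worklist(findings, results):
    """Map each verified-valid secret to every location Gitleaks found it in."""
    locations = defaultdict(list)
    for f in findings:
        locations[(f["RuleID"], f["Secret"])].append(
            {"file": f["File"], "commit": f["Commit"], "line": f["StartLine"]}
        )
    worklist = []
    for r in results:
        if r.get("valid") is not True:
            continue  # skip secrets the verifier did not confirm as valid
        key = (r["rule_id"], r["secret"])  # assumed join key between the two files
        worklist.append({
            "rule_id": r["rule_id"],
            "secret": redact(r["secret"]),
            "locations": locations.get(key, []),
        })
    return worklist


if __name__ == "__main__":
    print(json.dumps(rotation_worklist(GITLEAKS_REPORT, VERIFIER_RESULTS), indent=2))
```

Entries with `"valid": false` are left out of the worklist, but an `error` caused by a network failure rather than a provider rejection still deserves a re-check before the finding is dismissed.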

Supported Secrets

The tool currently verifies the following secrets:

  • Generic API Key
  • Cloudflare API Key
  • PyPI Upload Token
  • Shopify Access Token
  • OpenAI API Key
  • NPM Access Token
  • Datadog Access Token
  • Dropbox API Token
  • Zendesk Secret Key
  • Algolia API Key
  • Slack Webhook
  • Slack Token
  • SauceLabs API Key
  • Facebook App Secret
  • Grafana Cloud API Token
  • Facebook Access Token
  • Firebase Token
  • GitHub Token (Personal Access Token)
  • GitLab Personal Access Token
  • GitHub Client Secret
  • GitHub SSH Key
  • Twilio API Key
  • Twitter API Key
  • Twitter Bearer Token
  • HubSpot API Key
  • Infura API Key
  • Mailgun Private API Token
  • Mapbox API Token
  • New Relic User API Key
  • DeviantArt Secret Key
  • Heroku API Key
  • DeviantArt Token
  • Pendo API Key
  • SendGrid Token
  • Square API Token
  • Contentful API Token
  • Microsoft Tenant ID
  • BrowserStack API Key
  • Azure Insights Key
  • Cypress Record Key

Logging

The CLI uses the colorama library to provide colored output for different log levels:

  • INFO: Green
  • WARNING: Yellow
  • ERROR: Red
  • DEBUG: Blue

The tool leverages verification methods from streaak/keyhacks for accurate validation. Thanks to ozguralp for the Google Maps API key verification.
