A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.
Secret scanners are specialized utilities that scour repositories for sensitive information, such as credentials, API keys, private keys, and tokens, that developers accidentally committed in source code.
Since threat actors often scan configuration files in public repositories for sensitive details, this type of utility can help identify secrets and protect them before attackers can find them.
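To make concrete what a secret scanner of this kind does, the following is an added illustration (not Betterleaks or Gitleaks code): a minimal scanner that applies rule-defined regular expressions to text, runs an optional per-rule validation check on each match, and reports redacted findings. Betterleaks expresses validation in CEL; here it is modelled as a plain Python callable (an entropy threshold) so the example runs offline. The rule set and the sample input lines are constructed for this example.

```python
import math
import re
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass(frozen=True)
class Rule:
    """A detection rule: a regex whose group 1 captures the candidate secret,
    plus an optional validation step applied to that capture."""
    name: str
    pattern: re.Pattern
    # Assumption: validation is modelled as a Python callable here; a real
    # scanner (Betterleaks) expresses it as a CEL rule instead.
    validate: Optional[Callable[[str], bool]] = None


@dataclass(frozen=True)
class Finding:
    rule: str
    line: int
    redacted: str  # never report the raw secret back to the user


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; placeholder strings score near 0."""
    if not s:
        return 0.0
    counts = {c: s.count(c) for c in set(s)}
    return -sum((n / len(s)) * math.log2(n / len(s)) for n in counts.values())


def redact(secret: str) -> str:
    """Keep a short prefix/suffix so a finding can be located without leaking it."""
    if len(secret) <= 8:
        return "*" * len(secret)
    return secret[:4] + "*" * (len(secret) - 8) + secret[-4:]


# Constructed rule set for the example.
RULES: List[Rule] = [
    # AWS access key IDs have a fixed, well-known shape, so the regex alone suffices.
    Rule("aws-access-key-id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    # Generic assignments (api_key=, secret:, token=) match too much on their own,
    # so the rule only fires when the captured value also looks random.
    Rule(
        "generic-api-key",
        re.compile(r"(?i)(?:api[_-]?key|secret|token)\s*[:=]\s*['\"]?([A-Za-z0-9_\-]{20,})['\"]?"),
        validate=lambda s: shannon_entropy(s) > 3.5,
    ),
]


def scan_text(text: str, rules: List[Rule] = RULES) -> List[Finding]:
    """Apply every rule to every line; keep matches that pass the rule's validation."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule in rules:
            for match in rule.pattern.finditer(line):
                secret = match.group(1)
                if rule.validate is not None and not rule.validate(secret):
                    continue  # matched the shape, failed validation: likely a placeholder
                findings.append(Finding(rule.name, lineno, redact(secret)))
    return findings


# Constructed sample input: one real-looking AWS key ID (AWS's documented example
# value), one high-entropy API key, one obvious placeholder, one benign line.
SAMPLE = """aws_access_key_id = AKIAIOSFODNN7EXAMPLE
API_KEY = "sk_live_9f8e7d6c5b4a3f2e1d0c9b8a7f6e5d4c"
token = "aaaaaaaaaaaaaaaaaaaaaaaa"
password_hint = "use the vault"
"""

if __name__ == "__main__":
    for f in scan_text(SAMPLE):
        print(f"line {f.line}: {f.rule} -> {f.redacted}")
```

Running the block reports two findings (the AWS key ID on line 1 and the API key on line 2); the placeholder token on line 3 matches the generic regex but is dropped by the entropy check, which is the role a validation rule plays in keeping false positives out of the results.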
The new Betterleaks project is intended as a more advanced successor to Gitleaks and is maintained by the same team, with support from Aikido, a Belgian company that provides a platform for securing the development cycle.
Figure: Scanning speed comparison (Source: GitHub)
Betterleaks is developed by Zach Rice, Head of Secrets Scanning at Aikido Security, who also authored the popular Gitleaks with 26 million downloads on GitHub and more than 35 million pulls on Docker and GitHub Container Registry (GHCR).
"Betterleaks is the successor to Gitleaks. We’re dropping the “git” and slapping “better” on it because that’s what it is, better," Rice says.
Betterleaks was created after Rice lost full control over Gitleaks, which he started developing eight years ago. The list of features in the new tool includes:
Rule-defined validation using CEL (Common Expression Language)