Lately I came across this amazing tool for finding secrets in code. If you work in this field, you are going to love this software! Why? Well, even though it uses regex, it does so in a very good manner and, most importantly… regex is not all there is to it!
Here is an extract from the README on its GitHub page:
Existing tools don't really "understand" code. Instead, they mostly parse texts.
DeepSecrets expands classic regex-search approaches with semantic analysis, dangerous variable detection, and more efficient usage of entropy analysis.
Code understanding supports 500+ languages and formats and is achieved by lexing and parsing - techniques commonly used in SAST tools.
DeepSecrets also introduces a new way to find secrets: just use hashed values of your known secrets and get them found plain in your code.
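The last point of the extract, finding known secrets from their hashes, can be sketched as follows. This is an added example, not code from DeepSecrets or its README: the SHA-256 choice, the tokenising rules and the names `scan`, `candidates`, `SAMPLE_FILES` and `KNOWN_HASHES` are assumptions made for illustration.

```python
import hashlib
import re

# Delimiters that usually surround a literal in source or config files.
SPLIT_RE = re.compile(r"[\s\"'`,;()\[\]{}]+")
MIN_LEN = 8  # skip tokens too short to be a credential (assumption of this example)

def sha256_hex(value):
    return hashlib.sha256(value.encode("utf-8")).hexdigest()

def candidates(line):
    """Yield substrings of a line that could be a whole secret."""
    for chunk in SPLIT_RE.split(line):
        yield chunk
        # Unquoted KEY=value or key:value pairs: also try the right-hand side.
        for sep in ("=", ":"):
            _, found, rhs = chunk.partition(sep)
            if found:
                yield rhs

def scan(files, known_hashes):
    """Return (path, line_number, hash_prefix) for each token whose hash is known.

    The plaintext is never put in the report, only a prefix of its hash.
    """
    hits = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for token in dict.fromkeys(candidates(line)):  # de-duplicate, keep order
                if len(token) >= MIN_LEN and sha256_hex(token) in known_hashes:
                    hits.append((path, lineno, sha256_hex(token)[:12]))
    return hits

# Constructed sample input: two fake files containing two fake credentials.
SAMPLE_FILES = {
    "app.py": 'API_URL = "https://api.example.test/v1"\nTOKEN = "tok_live_CONSTRUCTED_9f8e7d6c"\n',
    ".env": "DB_PASSWORD=Constructed-Pa55w0rd\nDEBUG=false\n",
}
# In practice this set is exported from the secrets vault, so the scanner host
# never holds the plaintext; it is computed inline here only to keep the demo offline.
KNOWN_HASHES = {
    sha256_hex("tok_live_CONSTRUCTED_9f8e7d6c"),
    sha256_hex("Constructed-Pa55w0rd"),
}

if __name__ == "__main__":
    for path, lineno, prefix in scan(SAMPLE_FILES, KNOWN_HASHES):
        print(f"{path}:{lineno}: known secret found (sha256 {prefix}...)")
```

A list of unsalted hashes of weak passwords can be brute-forced offline, so the hash list deserves the same handling as any other export from the vault.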
How to install
Installation is pretty easy and straightforward. You have basically 2 ways:
$ pip install deepsecrets
$ pip install git+https://github.com/ntoskernel/deepsecrets.git
How to use
$ deepsecrets --target-dir path/to/project --outfile report.json
And enjoy the nifty result!
More Info
Please visit the following links and show the author some love!
https://github.com/ntoskernel/deepsecrets
https://hackernoon.com/modernizing-secrets-scanning-part-1-the-problem