gitleaks

Gitleaks is a Static Application Security Testing (SAST) tool designed to uncover hardcoded secrets such as passwords, API keys, and tokens within git repositories. It provides multiple scanning modes, including git, directory, and stdin, and can be seamlessly integrated as a pre-commit hook or GitHub action for enhanced security in development workflows.

Top gitleaks Alternatives

Jtest

Jtest is a Static Application Security Testing (SAST) tool tailored for Java development, seamlessly integrating into CI/CD pipelines.

By: Parasoft From United States

Alternatives

Black Duck

Black Duck is a Static Application Security Testing (SAST) software designed to enhance software supply chain security.

By: Black Duck From United States

Alternatives

CodeSonar

Employing advanced unified dataflow and symbolic execution analysis, CodeSonar meticulously examines the entire application’s computation.

By: CodeSecure From United States

Alternatives

ShiftLeft CORE

Qwiet AI revolutionizes software security by offering a unified vulnerability dashboard that scans code, containers, and open-source libraries in one go.

From United States

Alternatives

CNAPP

This CNAPP solution provides proactive security for cloud environments through continuous monitoring, identifying misconfigurations and vulnerabilities in real-time.

By: CloudMatos From United States

Alternatives

Flawnter

Flawnter automates static and dynamic application security testing, enabling rapid identification of hidden security and quality flaws throughout the Software Development Life Cycle.

By: CyberTest From United States

Alternatives

Sandworm

It scans projects for vulnerabilities and metadata issues, generating JSON and CSV outputs, including a...

By: Sandworm.dev From United States

Alternatives

Flawnter

Their services encompass web and mobile application penetration testing, network security assessments, and secure source...

By: CyberTest From United States

Alternatives

S4 for Salesforce

With its patented SaaS Security Scanner, S4 employs four integrated scans—Static Source Code Analysis, Interactive...

By: DigitSec From United States

Alternatives

Mobix

With seamless integration into existing workflows and advanced vulnerability detection capabilities, it empowers developers to...

By: Maverix From United States

Alternatives

Application Security Portal

Users can expect real-time threat monitoring, automated patch recommendations, and user-friendly reporting for compliance audits...

By: Whitespots.io From Estonia

Alternatives

Riscure True Code

By fostering collaboration between security evaluators and developers, it enables early vulnerability identification, reducing costs...

By: Riscure

Alternatives

Mobiheals

Utilizing advanced AI technology, it proactively identifies and neutralizes potential cyber threats before they compromise...

By: Cyber Heals From United Kingdom

Alternatives

AppSecure Security

By pinpointing real, exploitable vulnerabilities across diverse sectors, it enhances security postures while ensuring compliance...

By: AppSecure Security From Singapore

Alternatives

Top gitleaks Features

Secrets detection in git repos
Supports multiple scanning modes
Compatible with pre-commit hooks
Customizable secret detection rules
Baseline scanning for efficiency
Automatic encoded text decoding
Multiple report formats available
Fingerprint identification for findings
Easy installation via Homebrew
Docker
or Go
GitHub Action integration
Custom report template creation
Ignore specific findings easily
Recursive decoding support
Configurable git log options
Local directory scanning capabilities
Stream data detection via stdin
User-friendly command-line interface
Detailed configuration documentation
Community-driven contribution guidelines.