Categorygithub.com/bthuilot/git-scanner
modulepackage
0.1.1
Repository: https://github.com/bthuilot/git-scanner.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
3
Dependents
0
Files
23 SLOC

# README

git-scanner

Git scanning tool designed to also scanning dangling commits, which many other tools miss. This scanning tool scan run either gitleaks or trufflehog over the full set of commits of a repository

Installing

Package manager

Install using homebrew

brew tap bthuilot/tap
brew install bthuilot/tap/git-scanner

Building Locally

The repository can be built using the makefile provided. Requires Go to be installed on the system. Optionally a docker image can be built using the makefile.

# clone the repo
git clone github.com/bthuilot/git-scanner && cd git-scanner
# To build the binary
make build
# Or to build a docker image
make build-docker

Running

# Use the help menu to see what options are available
git-scanner scan --help

Using a docker image

docker run \
  -v /my/repo/path:/repo -v /my/output/path:/output \
  ghcr.io/bthuilot/git-scanner:latest scan \
  --repo-path /repo --scanner "gitleaks" --output /output/results.json

Scanning an existing repo using gitleaks

git-scanner scan --repo-path "/my/repo/path" --scanner "gitleaks" --output /tmp/results.json --scanner-config ~/gitleaks.toml

Clone and scan a repository with Trufflehog

git-scanner scan --repo-url "https://github.com/torvalds/linux" --scanner "trufflehog" --output /tmp/results.json \
  --scanner-args="--no-verification" # Additional args to pass to scanner

# Packages

No description provided by the author
No description provided by the author