{"id":36463556,"url":"https://github.com/hhruszka/secrethunter","last_synced_at":"2026-01-14T17:37:15.365Z","repository":{"id":154620917,"uuid":"631925012","full_name":"hhruszka/secrethunter","owner":"hhruszka","description":"secretshunter is a penetration testing tool that uses regular expressions to search a filesystem for secrets (logins, passwords, API keys, hashes, ssh keys etc.).  ","archived":false,"fork":false,"pushed_at":"2024-10-03T05:18:00.000Z","size":12133,"stargazers_count":3,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-01-12T01:37:59.799Z","etag":null,"topics":["scaning","secrets","secrets-detection","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hhruszka.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2023-04-24T10:54:17.000Z","updated_at":"2025-12-02T05:38:33.000Z","dependencies_parsed_at":"2024-01-22T04:04:37.773Z","dependency_job_id":"ecfb7336-f985-4e05-9bc8-a6b23699233e","html_url":"https://github.com/hhruszka/secrethunter","commit_stats":null,"previous_names":["hhruszka/secrethunter","hhruszka/secretshunter"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/hhruszka/secrethunter","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hhruszka%2Fsecrethunter","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hhruszka%2Fsecrethunter/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hhruszka%2Fsecrethunter/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hhruszka%2Fsecrethunter/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hhruszka","download_url":"https://codeload.github.com/hhruszka/secrethunter/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hhruszka%2Fsecrethunter/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28428880,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T16:38:47.836Z","status":"ssl_error","status_checked_at":"2026-01-14T16:34:59.695Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["scaning","secrets","secrets-detection","security"],"created_at":"2026-01-11T23:59:37.391Z","updated_at":"2026-01-14T17:37:15.361Z","avatar_url":"https://github.com/hhruszka.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![License: AGPL v3](https://img.shields.io/badge/License-AGPL_v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)[![v1.0.0-alpha](https://img.shields.io/badge/release-v1.0.0--alpha-yellow)](https://github.com/hhruszka/secretshunter/releases)\n# secrethunter\n\nsecrethunter is a penetration testing tool that uses regular expressions to search a filesystem for secrets. It can be used to search also container images for secrets by pointing to a container's root filesystem.\nIt uses regular expressions provided in yaml files to find secrets (passwords, hashes, API keys etc.) in found plaintext files. \nIt is compatible with yaml files provided by https://github.com/mazen160/secrets-patterns-db project.\n\nsecrethunter is multithreaded application that allows to control its impact on the system. It can be done by specifying the number of vCPUs it is allowed to use with option `-c` and \nalso by throttling it based on maximum CPU usage set with option `-t`.   \n\n## Usage\n```\nUsage: secrethunter [OPTIONS] \"space seperated directories to scan\"\n  -c int\n        maximum number of vCPUs to be used by a program - optional (default 16)\n  -h    prints help\n  -t float\n        throttling, range from 10 to 80 denoting maximum CPU usage (%) that the\n        system cannot exceed during execution of the program - optional (default 80)\n  -o string\n        output file - optional (default \"Stdout\")\n  -p string\n        file with patterns - mandatory. Patterns can be found on https://github.com/mazen160/secrets-patterns-db\n  -v    prints version information\n  -x string\n        comma seperated list of directories to exclude during the scan\n```\n## Examples:\n```\n./secrethunter -p ./high-confidence.yaml -c 4 -t 65 -o ~/seceret-scan-report -x /proc,/dev /home /opt \n```\nThe above will:\n- use ./high-confidence.yaml file with secrets regresion expressions\n- use only 4 vCPUs\n- throttle itself if CPU usage is above 65%\n- save found secrets in ~/seceret-scan-report\n- exclude directories /proc and /dev from scanning\n- scan directories /home and /opt\n\n## Binaries\nCompiled secretshunter binaries for Linux and Windows can be found under the releases [link](https://github.com/hhruszka/secretshunter/releases) or in [executables](https://github.com/hhruszka/secretshunter/tree/main/executables) folder.\n\n## Licensing\nsecrethunter is licensed under the GNU Affero General Public License v3.0 (AGPLv3). You \nare free to use, distribute, and modify this software under the terms of the AGPLv3. If you \nmodify this software, any changes or improvements made must be made available to the \ncommunity under the same license. This license also applies to any software that uses or is \nderived from this software. Please refer to the full text of the AGPLv3 for more details: \nhttps://www.gnu.org/licenses/agpl-3.0.html\n\nsecrethunter includes third-party packages that are subject to their respective licenses:\n- github.com/gabriel-vasile/mimetype is licensed under the MIT License. See https://github.com/gabriel-vasile/mimetype/blob/master/LICENSE for details.\n- gobyexample.com/rate-limiting is licensed under the CC BY 3.0.See https://github.com/mmcgrana/gobyexample#license.\n- github.com/dlclark/regexp2 is licensed under the Apache License, Version 2.0. See https://github.com/dlclark/regexp2/blob/master/LICENSE for details.\n\nPlease review these licenses before using this code or these packages in your own projects.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhhruszka%2Fsecrethunter","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhhruszka%2Fsecrethunter","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhhruszka%2Fsecrethunter/lists"}