Gitleaks
Gitleaks is an open-source static analysis security tool that scans Git repositories, files, and directories for hardcoded secrets such as passwords, API keys, tokens, private keys, and other credentials. It analyzes both the current source tree and the entire Git commit history, flagging candidates with regex patterns and Shannon entropy analysis. The tool integrates into developer workflows through pre-commit hooks, CI/CD pipelines, and GitHub Actions to stop sensitive information from being committed to version control. It provides customizable rules, a baseline mechanism for managing known secrets, and multiple output formats, including JSON, SARIF, and CSV, for automated security reporting.
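The detection model described above (a regex that locates a candidate, a Shannon entropy threshold that rejects placeholder values, and a baseline of fingerprints that suppresses already-accepted findings) is small enough to show end to end. The following Go program is an added example written for this page; it is not Gitleaks' own code. The two rules, the fingerprint layout, the file name `config.env` and the sample lines are all constructed stand-ins (the AWS-style value uses the well-known `AKIA` prefix but is a placeholder, not a real key), and Gitleaks' real rule set and fingerprint format differ.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"math"
	"regexp"
	"strings"
)

// Rule pairs a regex with a minimum Shannon entropy for the captured secret.
// These rules are simplified stand-ins, not Gitleaks' own rule set.
type Rule struct {
	ID         string
	Pattern    *regexp.Regexp // the last capture group holds the candidate secret
	MinEntropy float64        // bits per character; 0 disables the entropy check
}

// Finding is one detected secret together with a fingerprint usable in a baseline.
type Finding struct {
	RuleID      string
	File        string
	Line        int
	Secret      string
	Entropy     float64
	Fingerprint string
}

// DefaultRules returns two illustrative rules: a keyword-gated generic rule that
// relies on entropy to reject placeholders, and a structural rule for an AWS-style
// access key ID where the fixed prefix alone is strong evidence (no entropy gate).
func DefaultRules() []Rule {
	return []Rule{
		{ID: "generic-api-key", MinEntropy: 3.5,
			Pattern: regexp.MustCompile(`(?i)(?:api[_-]?key|secret|token)\s*[:=]\s*["']?([A-Za-z0-9_\-]{16,})`)},
		{ID: "aws-access-key-id", MinEntropy: 0,
			Pattern: regexp.MustCompile(`\b(AKIA[0-9A-Z]{16})\b`)},
	}
}

// ShannonEntropy returns the entropy of s in bits per character. Random-looking
// keys score near log2(alphabet size); human-chosen placeholders score low.
func ShannonEntropy(s string) float64 {
	runes := []rune(s)
	if len(runes) == 0 {
		return 0
	}
	counts := make(map[rune]int, len(runes))
	for _, r := range runes {
		counts[r]++
	}
	n := float64(len(runes))
	h := 0.0
	for _, c := range counts {
		p := float64(c) / n
		h -= p * math.Log2(p)
	}
	return h
}

// Fingerprint identifies a finding stably across runs so a baseline can suppress
// it. Stand-in layout: Gitleaks' own fingerprint format is different.
func Fingerprint(file string, line int, ruleID, secret string) string {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s:%d:%s:%s", file, line, ruleID, secret)))
	return hex.EncodeToString(sum[:8])
}

// Scan applies every rule to every line of content and drops matches that fail
// the rule's entropy threshold or whose fingerprint is already in the baseline.
func Scan(file, content string, rules []Rule, baseline map[string]bool) []Finding {
	var findings []Finding
	for i, line := range strings.Split(content, "\n") {
		for _, rule := range rules {
			m := rule.Pattern.FindStringSubmatch(line)
			if m == nil {
				continue
			}
			secret := m[len(m)-1]
			ent := ShannonEntropy(secret)
			if ent < rule.MinEntropy {
				continue // low-entropy match, e.g. a placeholder value
			}
			fp := Fingerprint(file, i+1, rule.ID, secret)
			if baseline[fp] {
				continue // known, previously accepted finding
			}
			findings = append(findings, Finding{rule.ID, file, i + 1, secret, ent, fp})
		}
	}
	return findings
}

// Constructed sample input: the values are made up and are not real credentials.
const SampleFile = "config.env"
const SampleContent = `# constructed sample config
API_KEY = "CHANGEME_CHANGEME"
SECRET_TOKEN = "k8Qz2mX9vL4pR7wN3jH6tY1bC5dF0gE"
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
`

func main() {
	findings := Scan(SampleFile, SampleContent, DefaultRules(), nil)
	for _, f := range findings {
		fmt.Printf("%s:%d %s entropy=%.2f fingerprint=%s\n", f.File, f.Line, f.RuleID, f.Entropy, f.Fingerprint)
	}
	// Accept the first finding into a baseline and rescan: only the other remains.
	baseline := map[string]bool{findings[0].Fingerprint: true}
	fmt.Println("after baseline:", len(Scan(SampleFile, SampleContent, DefaultRules(), baseline)), "finding(s)")
}
```

Line 2 of the sample matches the generic regex but its entropy (about 2.9 bits per character) is below the 3.5 threshold, so it is dropped; line 3 scores just under 5 bits per character and is reported; line 4 is reported on structure alone. Accepting a finding's fingerprint into the baseline is the same idea as Gitleaks' baseline file: the match is still made, but it is filtered before reporting.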