Talisman

Talisman is an open-source security tool developed by Thoughtworks that installs Git hooks (pre-commit or pre-push) to prevent secrets and sensitive information from leaving a developer's workstation by validating outgoing changesets for suspicious content including SSH keys, authorization tokens, private keys, API credentials, and other secrets using pattern matching, entropy analysis, file name detection, and content scanning. The tool provides comprehensive protection with customizable rules, false positive management through .talismanrc configuration files, Git history scanning capabilities with HTML reporting, and seamless integration into CI/CD pipelines to enable developers and security teams to proactively detect and prevent credential leaks throughout the software development lifecycle.