GP-commits

A Python CLI tool that scans all repositories owned by a GitHub user/org for accidentally committed secrets (API keys, tokens, passwords, private keys, etc.).

100% credibility
Found Apr 08, 2026 at 17 stars.
Python
AI Summary

A tool that examines GitHub user or organization repositories for accidentally exposed sensitive information like credentials and keys in files and past changes.

How It Works

1. 🔍 Discover the Scanner

You find a helpful tool that checks your online projects for hidden sensitive info like passwords accidentally left in code.

2. 📥 Get It Ready

Download the program to your computer and set it up with easy preparation steps.

3. 👤 Name Your Account

Enter your project account name, and optionally add permission to check private projects too.

4. Pick Your Scan

Choose a quick look at current files or a deep check including past changes for thoroughness.

5. 🕵️‍♂️ Watch It Hunt

The tool quietly reviews all your projects, searching every bit for anything sensitive.

6. 📊 View the Report

See a clear, colorful summary of what it found, with safe previews of any issues.

Projects Protected

You now know your projects are clean or exactly what to fix to keep secrets safe.

AI-Generated Review

What is Git-Secrets?

Git-Secrets is a Python CLI tool that scans all repositories owned by a GitHub user or org for accidentally committed secrets like API keys, tokens, passwords, and private keys. It queries the GitHub API, clones repos temporarily, and checks both current files and full commit history using 20+ regex patterns for AWS, GitHub, Stripe, Slack, and more. Run it with `python scanner.py username` for a thorough git secrets scan, or add flags like `--fast` for latest commits only and `--output report.json` for CI pipelines.

Why is it gaining traction?

It stands out by scanning commit history by default, which catches secrets deleted long ago, unlike basic file scanners. Options include a fast mode, personal access token (PAT) support to get around unauthenticated API rate limits and access private repositories, and JSON export for GitHub Actions workflows. Colored terminal reports redact snippets for readability, and the tool cleans up its clones automatically while skipping forks and binaries. Developers hook it into GitHub Actions easily, filling a gap for simple secret scanning without heavy setup.
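Why a history scan finds what a current-files scan misses, as an added example (not the tool's own code): the two patterns are a small subset of well-known token formats, and `scan_tree`, `scan_patch_log`, the sample `git log -p` text and its commit ids are constructed for illustration.

```python
import re

# Illustrative subset of well-known token formats (not the tool's own pattern list).
PATTERNS = {"aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
            "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b")}

def redact(secret, keep=4):  # keep a short recognisable prefix, mask the rest
    return secret[:keep] + "*" * (len(secret) - keep)

def match_line(text):
    """Return (rule, redacted preview) for every pattern hit in one line."""
    return [(r, redact(m.group())) for r, rx in PATTERNS.items() for m in rx.finditer(text)]

def scan_tree(files):
    """Current-files scan: `files` maps path -> content of the latest checkout."""
    return [{"file": p, "rule": r, "preview": s} for p, body in files.items()
            for line in body.splitlines() for r, s in match_line(line)]

def scan_patch_log(log_text):
    """History scan over `git log -p` text: inspect the lines each commit added."""
    findings, commit, path, in_hunk = [], None, None, False
    for line in log_text.splitlines():
        if line.startswith(("commit ", "diff --git ")):
            in_hunk = False  # a commit or file header ends the previous hunk
            commit = line.split()[1] if line.startswith("commit ") else commit
        elif line.startswith("@@"):
            in_hunk = True
        elif not in_hunk and line.startswith("+++ b/"):
            path = line[6:]
        elif in_hunk and line.startswith("+"):
            findings += [{"commit": commit, "file": path, "rule": r, "preview": s}
                         for r, s in match_line(line[1:])]
    return findings

# Constructed sample: AWS's documentation example key id; commit ids are made up.
CURRENT = {"config.py": 'AWS_KEY = os.environ["AWS_KEY"]\n'}
HISTORY = """commit 2222222
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1 +1 @@
-AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
+AWS_KEY = os.environ["AWS_KEY"]
commit 1111111
diff --git a/config.py b/config.py
--- /dev/null
+++ b/config.py
@@ -0,0 +1 @@
+AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
"""
```

`scan_tree(CURRENT)` returns nothing because the key was removed in the newer commit, while `scan_patch_log(HISTORY)` still reports it in the commit that introduced it; a key found this way has to be rotated, since deleting it from the working tree does not remove it from history.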

Who should use this?

Security engineers auditing org repos before breaches, open-source maintainers scanning for leaks in forks, and DevOps teams adding it to CI/CD as an alternative to a pre-commit secret-scanning hook. It's ideal for Python CLI users who want quick GitHub Actions integration or a starting point for learning secret scanning, especially those handling multiple public repos.

Verdict

Worth trying for lightweight, GitHub-specific secret scanning: solid docs, an MIT license, and CI-friendly exit codes make it practical, despite 14 stars and a 1.0% credibility score signaling early maturity. Pair with established tools like TruffleHog for production use.
