dinosn

dinosn / ghleaks

Public

Search for github leaks by combining gitleaks and git-hound capabilities with rate control and exhaustive search.

17
1
100% credibility
Found Feb 19, 2026 at 11 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

A searching tool that looks for files matching your keywords across all public GitHub code and checks them for leaked sensitive information using proven detection methods.

How It Works

1
🔍 Discover ghleaks

You hear about a helpful tool that hunts for accidentally shared sensitive info across all public projects on GitHub.

2
💻 Get the tool ready

Download the searcher and set it up on your computer so you can start looking.

3
🔗 Link your GitHub

Connect your GitHub account to give it permission to explore public code everywhere.

4
✏️ Choose search words

Type in simple words like your company name or private terms to track down.

5
Pick search style
Quick scan

Fast check that covers the basics right away.

🔬
Deep hunt

Thorough exploration that uncovers even more hidden matches.

6
▶️ Launch the hunt

Start the search and watch it comb through files, patiently waiting if needed.

7
📊 Review discoveries

Get a clear report listing any matches found, with handy links to check them out.

Stay secure

You've spotted potential leaks and can now protect your info or alert others.

Sign up to see the full architecture

6 more

Sign Up Free

Star Growth

See how this repo grew from 11 to 17 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is ghleaks?

ghleaks is a Go CLI tool for searching GitHub code across all public repositories, gists, organizations, and users to detect leaked secrets like tokens and credentials. It combines GitHub's code search API with gitleaks' 100+ detection rules, handling rate control and exhaustive query splitting by language, filename, extensions, and size to bypass the 1000-result cap. Users get JSON or CSV reports with direct GitHub URLs, entropy scores, and optional secret redaction.

Why is it gaining traction?

It merges gitleaks' advanced capabilities—like recursive Base64 decoding and false-positive filtering—with git-hound-style GitHub-wide searches, plus smart rate limiting that pauses and resumes automatically. Standout features include targeting specific orgs, users, repos for strings, filenames, or even commit hashes, and gist support out of the box. Developers grab it for quick CLI runs like `ghleaks --query "acmecorp.com" --exhaustive --report leaks.json`.

Who should use this?

Security leads at SMBs hunting company domains or internal strings leaked in public GitHub repos or organizations. Bug bounty hunters searching GitHub users, repos, or filenames for high-value secrets. DevOps pros auditing actions, container registries, or forks before supply chain risks bite.

Verdict

Solid docs and focused CLI make it usable now, but 10 stars and 1.0% credibility score signal early-stage immaturity—build from source and expect tweaks. Try it for targeted GitHub leak hunts if local scans fall short.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.