Betterleaks

Name: Betterleaks
Author: betterleaks

A Better Secrets Scanner built for configurability and speed

by betterleaks

Rating

0.0

Votes

score

Downloads

total

Price

Free

API key required

Works With

Claude CodeCursorWindsurfVS CodeDeveloper tool

About

Betterleaks

Betterleaks is a tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and whatever else you wanna throw at it via stdin. If you wanna learn more about how the detection engine works check out this blog: Regex is (almost) all you need.

Betterleaks development is supported by Aikido Security

➜  ~/code(master) betterleaks git -v


  ○
  ○
  ●
  ○  Betterleaks v1.0.0

  Finding:     "export BUNDLE_ENTERPRISE__CONTRIBSYS__COM=cafebabe:deadbeef",
  Secret:      cafebabe:deadbeef
  RuleID:      sidekiq-secret
  Entropy:     2.609850
  File:        cmd/generate/config/rules/sidekiq.go
  Line:        23
  Commit:      cd5226711335c68be1e720b318b7bc3135a30eb2
  Author:      John
  Email:       john@users.noreply.github.com
  Date:        2022-08-03T12:31:40Z

Wait wtf this isn't Gitleaks. You're right, it's not but it's built by the same people who maintained Gitleaks and ships with some cool new features.

What's New?

A couple things:

Secrets Validation (using CEL) — check if a detected secret is live by firing an HTTP request
Token Efficiency Filter
Parallelized Git Scanning (--git-workers=8)
Optimized Recursive Decoding (for catching those nasty SHA1-HULUD variants)
Misc optimizations
Regex engine switching w/ (--regex-engine=stdlib/re2)
MORE RULES! Ahhh finally!

Benchmarks

Scan times compared against gitleaks on real-world repos (lower is better):

What's Coming?

Great question. Check out what we're cookin in the v2 branch.

Installation

# Package managers
brew install betterleaks
brew install betterleaks/tap/betterleaks

# Fedora Linux
sudo dnf install betterleaks

# Containers
docker pull ghcr.io/betterleaks/betterleaks:latest

# Source
git clone https://github.com/betterleaks/betterleaks
cd betterleaks
make betterleaks

Usage

Betterleaks scans code, past or present, for secrets

Usage:
  betterleaks [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  dir         scan directories or files for secrets
  git         scan git repositories for secrets
  help        Help about any command
  stdin       detect secrets from stdin
  version     display betterleaks version

Don't lose this

Three weeks from now, you'll want Betterleaks again. Will you remember where to find it?

Save it to your library and the next time you need Betterleaks, it’s one tap away — from any AI app you use. Group it into a bench with the rest of the team for that kind of task and you can pull the whole stack at once.

⚡ Pro tip for geeks: add a-gnt 🤵🏻‍♂️ as a custom connector in Claude or a custom GPT in ChatGPT — one click and your library is right there in the chat. Or, if you’re in an editor, install the a-gnt MCP server and say “use my [bench name]” in Claude Code, Cursor, VS Code, or Windsurf.

🤵🏻‍♂️

a-gnt's Take

Our honest review

This plugs directly into your AI and gives it new abilities it didn't have before. A Better Secrets Scanner built for configurability and speed. Once connected, just ask your AI to use it. It's completely free and works across most major AI apps. This one just landed in the catalog — worth trying while it's fresh.

Tips for getting started

Tap "Get" above, pick your AI app, and follow the steps. Most installs take under 30 seconds.

Heads up: this needs an API key to work. You'll get one from the service's website (usually free). The setup guide tells you exactly where.

Security