leakos
Search leaks in a github org or in the responses of urls
Details
Category: Static Code Analysis
Publisher: trickest-mhmdiaa
Created Date: 9/9/2022
Container: quay.io/trickest/leakos:2db4a6a
Source URL: https://github.com/carlospolop/leakos
Parameters
debug
boolean
Command:
--debug
- Debugnot-rex
boolean
Command:
--not-rex
- Do not use rex checksthreads
string
Command:
--threads
- Number of threads to usetimeout
string
Command:
--tools-timeout
- Custom timeout while executing the toolsmax-urls
string
Command:
--max-urls
- Maximun number of URLs to checknot-exts
string
Command:
--not-exts
- Do not search for leaks in urls with these extensions (comma separated)urls-file
file
requiredCommand:
--urls-file
- Search leaks in responses from web urls. Path to file containing URLs to search for leaks.github-orgs
string
Command:
--github-orgs
- Github orgs names (comma separated). Users will be searched also in the orgs.rex-regexes
file
Command:
--rex-regex-path
- Custom regexes file for rexgithub-repos
string
Command:
--github-repos
- Github repos (comma separated)github-token
string
requiredCommand:
--github-token
- Token to access github api (doesn't require any permission)github-users
string
Command:
--github-users
- Github user names (comma separated)not-gitleaks
boolean
Command:
--not-gitleaks
- Do not use gitleaks checksavoid-sources
string
Command:
--avoid-sources
- Lower case comma separated list of sources from trufflehog and gitleaks to avoidonly-verified
boolean
Command:
--only-verified
- Get only verified leaks (only use trufflehog)not-trufflehog
boolean
Command:
--not-trufflehog
- Do not use trufflehog checksgithub-orgs-file
file
requiredCommand:
--github-orgs-file
- Github orgs names from filegithub-repos-file
file
Command:
--github-repos-file
- Github repos from file.github-users-file
file
Command:
--github-users-file
- Github users names from filemax-secret-length
string
Command:
--max-secret-length
- Max length of valid secretsadd-org-repos-forks
boolean
Command:
--add-org-repos-forks
- Check an org repo even if it's a forkgeneric-leak-in-web
boolean
Command:
--generic-leak-in-web
- Accept generic leaks in web (disabled by defult)add-user-repos-forks
boolean
Command:
--add-user-repos-forks
- Check an user repo even if it's a forkfrom-trufflehog-only-verified
boolean
Command:
--from-trufflehog-only-verified
- From trufflehog get only verified leaks