The project has moved to monorepo. See https://github.com/pownjs/pown for more information.
Pown Leaks is a comprehensive database of regular expressions that help you search for leaks, such as passwords, keys, tokens and other sensitive strings in files.
Some signatures were borrowed or heavily inspired by the following projects:
- gitleaks - https://github.com/zricethezav/gitleaks
- shhgit - https://github.com/eth0izzle/shhgit
- SecretsScanner - https://github.com/deepfence/SecretScanner/
This tool is part of secapps.com open-source initiative.
___ ___ ___ _ ___ ___ ___
/ __| __/ __| /_\ | _ \ _ \/ __|
\__ \ _| (__ / _ \| _/ _/\__ \
|___/___\___/_/ \_\_| |_| |___/
https://secapps.com
This tool is meant to be used as part of Pown.js, but it can be invoked separately as an independent tool.
Install Pown first as usual:
$ npm install -g pown@latest
Install leaks:
$ pown modules install @pown/leaks
Invoke directly from Pown:
$ pown leaks
Install this module locally from the root of your project:
$ npm install @pown/leaks --save
Once done, invoke pown cli:
$ POWN_ROOT=. ./node_modules/.bin/pown-cli leaks
You can also use the global pown to invoke the tool locally:
$ POWN_ROOT=. pown leaks
WARNING: This pown command is currently under development and as a result will be subject to breaking changes.
pown-cli leaks <command>
Leaks / secrets detection tool
Commands:
pown-cli leaks [location] Find leaks [default]
pown-cli leaks export [file] Export leaks database
Options:
--version Show version number [boolean]
--help Show help [boolean]
--request-concurrency, -c The number of requests to send at the same time [number] [default: Infinity]
--method, -X Custom method [string]
--header, -H Custom header [string]
--connect-timeout, -t, --timeout Maximum time allowed for the connection to start [number] [default: 30000]
--data-timeout, -T Maximum time allowed for the data to arrive [number] [default: 30000]
--accept-unauthorized, -k, --insecure Accept unauthorized TLS errors [boolean] [default: false]
--filter-response-code, --response-code, --filter-status Filter responses with code [string] [default: ""]
--content-sniff-size, --content-sniff, --sniff-size Specify the size of the content sniff [number] [default: 5]
--print-response-body, --print-body Print response body [boolean] [default: false]
--download-response-body, --download-body Download response body [boolean] [default: false]
--proxy-url, --proxy Setup proxy [string] [default: ""]
--task-concurrency, -C [number] [default: Infinity]
--silent, -s [boolean] [default: false]
--json, -j [boolean] [default: false]
--unique, -u [boolean] [default: false]
--embed, -e [boolean] [default: false]
--write, -w [string] [default: ""]
--tokenizer, -z [string] [choices: "none", "code-line"] [default: "code-line"]
--filter-title, --title, --filter-name, --name [string] [default: ""]
--filter-severity, --severity, --filter-level, --level [number] [default: 0]
Have a look at the ./database
folder which contains all signatures. Insert your signatures using the naming convention and format and submit a pull request.