Sponsored by security firm Aikido, Betterleaks is designed as a modern successor to Gitleaks, offering faster scanning, improved filtering, and expanded capabilities for detecting exposed credentials across codebases, files, and Git repositories.
Secrets such as API keys, access tokens, passwords, and private credentials frequently leak into source code repositories or configuration files.
Attackers actively search for these exposed secrets because they can provide immediate access to cloud services, databases, or internal systems. Tools like Betterleaks aim to automatically detect these leaks before they are exploited.
Rice first began developing secret detection tools eight years ago when he discovered exposed credentials on GitHub.
His original project, Gitleaks, grew into one of the most widely used open‑source secrets scanners, accumulating millions of downloads and becoming a common security tool used by developers, enterprises, and security researchers.
However, Rice no longer has full control over the Gitleaks repository and brand, which led him to launch a new project.
Betterleaks was created to continue advancing secrets detection with modern scanning techniques while maintaining compatibility with existing Gitleaks workflows.
Betterleaks acts as a drop‑in replacement for Gitleaks, meaning organizations can migrate without changing their existing configurations or command‑line options.
Users can run the same commands and configurations while benefiting from improved performance and new detection features.
The first release, Betterleaks v1.0.0, introduces several technical improvements designed to enhance accuracy and scanning speed.
Key features include:
Betterleaks can currently scan Git repositories, directories, files, and standard input streams, making it suitable for integration into development pipelines, CI/CD systems, and security automation workflows.
The project is also designed with future automation in mind. Planned Version 2 features include scanning additional data sources, integrating LLM‑assisted classification for ambiguous secrets, automated secret revocation through provider APIs, and permission mapping to determine what exposed credentials can access.
Betterleaks is released under the MIT open‑source license and is backed by multiple maintainers from organizations including Amazon, Red Hat, and the Royal Bank of Canada, helping ensure long‑term project stability and community governance.
As secret exposure remains a persistent security risk in modern software development, tools like Betterleaks aim to provide developers and security teams with faster and more accurate methods for detecting sensitive data before attackers can exploit it.
The post Betterleaks: New Open-Source Tool for Scanning Files, Directories, and Git Repositories appeared first on Cyber Security News.