Showing posts from May, 2021

Identify security leaks in code

We will use Gitleaks to find security leaks. Here are the steps to identify leaks in your code repo:

1. Install gitleaks on your local machine. Click here to install.
2. Check that it is installed successfully on your local machine:

   Website> gitleaks --version

   If it's installed, it should show the version of gitleaks.
3. Download the sample.config file (see attachment) and copy it to your local machine (this is the sample file with configuration/rules; you may change it as per your requirements).
4. Now git clone the repo on your local machine and go to your code folder.
5. Once you are in the code folder, run the gitleaks command:

   Website> gitleaks --path=./ --config-path=../sample.config --verbose

   where
   --path=./ => path of .git folder
   --config-path=../sample.config => path of sample.config file

You can also download the report of leaks for sharing it with your team:

   Website> gitleaks -v --pretty --path [RepoPath] --config-path=../sample.config --report= [PathtosaveRepo...