Cybersecurity-Projects/PROJECTS/intermediate/secrets-scanner
dependabot[bot] 05b08531c6
chore(deps): bump golang.org/x/crypto
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.51.0 to 0.52.0.
- [Commits](https://github.com/golang/crypto/compare/v0.51.0...v0.52.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.52.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-09 21:25:45 +00:00
..
cmd/portia feat: did a couple things idk 2026-02-28 14:08:36 -05:00
internal fix: resolve CI lint failures across frontend and Go projects 2026-05-08 05:40:04 -04:00
learn feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
pkg/types feat: did a couple things idk 2026-02-28 14:08:36 -05:00
testdata/fixtures feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
.gitignore feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
.golangci.yml feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
.portia.toml.example feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
Justfile feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
LICENSE feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
README.md feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00
go.mod chore(deps): bump golang.org/x/crypto 2026-07-09 21:25:45 +00:00
go.sum chore(deps): bump golang.org/x/crypto 2026-07-09 21:25:45 +00:00
install.sh feat: Complete Go secrets scanner - Portia 2026-02-22 20:02:38 -05:00

README.md

██████╗  ██████╗ ██████╗ ████████╗██╗ █████╗
██╔══██╗██╔═══██╗██╔══██╗╚══██╔══╝██║██╔══██╗
██████╔╝██║   ██║██████╔╝   ██║   ██║███████║
██╔═══╝ ██║   ██║██╔══██╗   ██║   ██║██╔══██║
██║     ╚██████╔╝██║  ██║   ██║   ██║██║  ██║
╚═╝      ╚═════╝ ╚═╝  ╚═╝   ╚═╝   ╚═╝╚═╝  ╚═╝

Cybersecurity Projects Go License: AGPLv3 HIBP

Secrets scanner for codebases and git repositories, written in Go.

This is a quick overview. Security theory, architecture, and full walkthroughs are in the learn modules.

What It Does

  • 150 detection rules covering AWS, GitHub, GitLab, GCP, Azure, Slack, Stripe, Twilio, SendGrid, SSH/PGP keys, passwords, connection strings, JWTs, and 100+ more
  • Shannon entropy analysis for detecting high-randomness strings
  • HIBP breach verification via k-anonymity protocol (your secrets never leave your machine)
  • Directory scanning and full git history scanning (branches, depth, date ranges)
  • Output as colored terminal tables, JSON, or SARIF v2.1.0
  • 5-layer false positive defense: keyword pre-filter, structural validation, stopwords, allowlists, entropy
  • Concurrent pipeline with bounded worker pools
  • TOML configuration via .portia.toml or pyproject.toml

Install

curl -fsSL https://raw.githubusercontent.com/CarterPerez-dev/portia/main/install.sh | bash

Or with Go:

go install github.com/CarterPerez-dev/portia/cmd/portia@latest

Quick Start

portia scan .

[!TIP] This project uses just as a command runner. Type just to see all available commands.

Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin

Commands

Command Description
portia scan [path] Scan a directory for secrets
portia git [repo] Scan git history for secrets
portia init Initialize .portia.toml configuration
portia pyproject Create pyproject.toml with [tool.portia] config
portia config rules List all 150 detection rules
portia config show Show active configuration

Flags: --format (terminal/json/sarif), --verbose, --no-color, --exclude, --max-size, --hibp, --config

Git flags: --branch, --since, --depth, --staged

Learn

This project includes step-by-step learning materials covering security theory, architecture, and implementation.

Module Topic
00 - Overview Prerequisites and quick start
01 - Concepts Secret sprawl, entropy, and breach databases
02 - Architecture System design and data flow
03 - Implementation Code walkthrough
04 - Challenges Extension ideas and exercises

License

AGPL 3.0