3.7 KiB
3.7 KiB
██████╗ ██████╗ ██████╗ ████████╗██╗ █████╗
██╔══██╗██╔═══██╗██╔══██╗╚══██╔══╝██║██╔══██╗
██████╔╝██║ ██║██████╔╝ ██║ ██║███████║
██╔═══╝ ██║ ██║██╔══██╗ ██║ ██║██╔══██║
██║ ╚██████╔╝██║ ██║ ██║ ██║██║ ██║
╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝
Secrets scanner for codebases and git repositories, written in Go.
This is a quick overview. Security theory, architecture, and full walkthroughs are in the learn modules.
What It Does
- 150 detection rules covering AWS, GitHub, GitLab, GCP, Azure, Slack, Stripe, Twilio, SendGrid, SSH/PGP keys, passwords, connection strings, JWTs, and 100+ more
- Shannon entropy analysis for detecting high-randomness strings
- HIBP breach verification via k-anonymity protocol (your secrets never leave your machine)
- Directory scanning and full git history scanning (branches, depth, date ranges)
- Output as colored terminal tables, JSON, or SARIF v2.1.0
- 5-layer false positive defense: keyword pre-filter, structural validation, stopwords, allowlists, entropy
- Concurrent pipeline with bounded worker pools
- TOML configuration via
.portia.tomlorpyproject.toml
Install
curl -fsSL https://raw.githubusercontent.com/CarterPerez-dev/portia/main/install.sh | bash
Or with Go:
go install github.com/CarterPerez-dev/portia/cmd/portia@latest
Quick Start
portia scan .
[!TIP] This project uses
justas a command runner. Typejustto see all available commands.Install:
curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin
Commands
| Command | Description |
|---|---|
portia scan [path] |
Scan a directory for secrets |
portia git [repo] |
Scan git history for secrets |
portia init |
Initialize .portia.toml configuration |
portia pyproject |
Create pyproject.toml with [tool.portia] config |
portia config rules |
List all 150 detection rules |
portia config show |
Show active configuration |
Flags: --format (terminal/json/sarif), --verbose, --no-color, --exclude, --max-size, --hibp, --config
Git flags: --branch, --since, --depth, --staged
Learn
This project includes step-by-step learning materials covering security theory, architecture, and implementation.
| Module | Topic |
|---|---|
| 00 - Overview | Prerequisites and quick start |
| 01 - Concepts | Secret sprawl, entropy, and breach databases |
| 02 - Architecture | System design and data flow |
| 03 - Implementation | Code walkthrough |
| 04 - Challenges | Extension ideas and exercises |
License
AGPL 3.0