シークレットスキャナー
コード内の漏洩したシークレットと認証情報をスキャンします。コミット前にAWSキー、GitHubトークン、APIキーなどを検出。
All scanning happens locally in your browser
Detected Secret Types:
• AWS Access Key• AWS Secret Key• GitHub Token• GitHub Personal Access Token (Classic)• Slack Token• Slack Webhook• Google API Key• Stripe Secret Key• Stripe Publishable Key• Stripe Test Key• Twilio API Key• SendGrid API Key• Mailchimp API Key• npm Token• PyPI Token• Heroku API Key• Private Key• Password in URL
Note: This scanner uses pattern matching and may produce false positives. Always review detected items manually. Placeholders and environment variables are typically filtered out.
Secret Detection - 技術的な詳細
Accidentally committing secrets to version control is a common security issue. Secrets include API keys, database passwords, OAuth tokens, and private keys. Use pre-commit hooks and secret scanning tools to prevent leaks.
コマンドラインでの代替方法
# Use git-secrets or gitleaks\ngitleaks detect --source .\n\n# Pre-commit hook example\npre-commit install