#password #api #bug-bounty #security #leaks

yanked infogrep

A tool to grep for sensitive information

3.0.3 Sep 23, 2024

#18 in #bug-bounty

Download history 352/week @ 2024-09-21 27/week @ 2024-09-28

64 downloads per month

MIT license

75KB
242 lines

Logo

🏎️💨 Grep for sensitive info FAST! 🏎️💨

FeaturesInstallationUsageContribute to this project

Features

  • Grep files or directories for sensitive information using predefined patterns.
  • Add custom patterns in YAML format.

Installation

cargo install infogrep

Usage

The default pattern is 'secrets' wich points to default-patterns/rules-stable.yml, it contains a lot of regex for sensitive info such as Api Keys (aws, github and a lot more), Asymmetric Private Keys etc ... Another pre-installed patterns yaml is the 'pii', containing a lot of regex for emails, phone numbers and more.

Examples

Scan a file:

infogrep -i file1.txt

Scan a directory:

infogrep -i my_dir

Add a custom pattern in ~/.config/infogrep.patterns.json with "name" : "/path/to/yaml.yml"

Scan with a custom pattern:

infogrep -f file.js -p mypattern

Some regex might suck and match a lot of shit, you can use -t flag to truncate the output and see more results at once (default is 400 chars, if you want to see the whole thing set -t 0):

infogrep -i my_dir -t 1000

Contribute

if you find this tool helpfull and want to give a better/new regex or anything that can improve performace pull request will be welcomed!

Dependencies

~10–26MB
~330K SLoC