GitLeaks & Source Code Recon — Secret Discovery

Gitleaks and other tools for finding secrets, credentials, and sensitive data in source code and git history.

Apr 2026 lazyhackers

Gitleaks (6)

gitleaks detect --source=. -v
Scan the current git repo for secrets

gitleaks detect --source=/path/to/repo -v
Scan a specific git repository

gitleaks detect --source=. --report-path=report.json
Scan and save the report as JSON

gitleaks detect --source=. --no-git
Scan a directory as plain files, ignoring git history

gitleaks git -v .
Scan entire git history for secrets

gitleaks detect -c .gitleaks.toml --source=.
Use a custom config/rules file

Git History Recon (7)

git log --all --oneline
List all commits in history

git log --all -p | grep -i password
Search all diffs for "password"

git log --all -p | grep -iE "(api_key|secret|token|password|pwd|passwd)"
Search diffs for common secret patterns

git show COMMIT_HASH:path/to/file
View a file as it existed at a specific commit

git stash list && git stash show -p stash@{0}
Check stashed changes for secrets

git log --all --full-history -- "*.env" "*.key" "*.pem"
Find commits that touched sensitive file types

git log --diff-filter=D --summary | grep delete
Find deleted files in history

truffleHog & Other Tools (7)

trufflehog git file://path/to/repo
Scan a local git repo with truffleHog

trufflehog github --repo=https://github.com/org/repo
Scan a GitHub repo with truffleHog

trufflehog filesystem /path/to/dir
Scan a filesystem path with truffleHog

grep -rn "BEGIN RSA PRIVATE KEY" .
Find PEM-encoded RSA private keys in source code

grep -rn "AWS_ACCESS_KEY_ID\|AKIA" .
Find AWS access keys (the AKIA key ID prefix or the AWS_ACCESS_KEY_ID variable name)

find . -name "*.env" -o -name ".env*" -o -name "*.pem" -o -name "id_rsa"
Find sensitive files by name

find . -name "config.php" -o -name "config.yml" -o -name "settings.py" | xargs grep -l "password\|secret\|key"
Find config files containing secrets

GitHub Dorking (Online) (5)

org:target_org "password" OR "api_key" OR "secret" language:python
GitHub search: secrets in an org's Python files

org:target_org filename:.env
GitHub: find .env files in org

org:target_org extension:pem
GitHub: find PEM certificate files

org:target_org "BEGIN RSA PRIVATE KEY"
GitHub: find exposed private keys

"AKIA" site:github.com target_org
Google dork: AWS keys on GitHub for org