Scan
pipeleak gh scan
Scan GitHub Actions
Synopsis
Scan GitHub Actions workflow runs and artifacts for secrets
| pipeleak gh scan [no options!] [flags]
|
Examples
| # Scan owned repositories including their artifacts
pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --owned
# Scan repositories of an organization
pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --maxWorkflows 10 --org apache
# Scan public repositories
pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --maxWorkflows 10 --public
# Scan by search term
pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --maxWorkflows 10 --search iac
# Scan repositories of a user
pipeleak gh scan --token github_pat_xxxxxxxxxxx --artifacts --user firefart
|
Options
| -a, --artifacts                Scan workflow artifacts
      --confidence strings       Filter for confidence level, separate by comma if multiple. See readme for more info.
  -h, --help                     help for scan
      --maxWorkflows int         Max. number of workflows to scan per repository (default -1)
      --org string               GitHub organization name to scan
      --owned                    Scan user owned projects only
  -p, --public                   Scan all public repositories
  -s, --search string            GitHub search query
      --threads int              Nr of threads used to scan (default 4)
  -t, --token string             GitHub Personal Access Token
      --truffleHogVerification   Enable the TruffleHog credential verification, will actively test the found credentials and only report those. Disable with --truffleHogVerification=false (default true)
      --user string              GitHub user name to scan
  -v, --verbose                  Verbose logging
|
Options inherited from parent commands
|     --coloredLog       Output the human-readable log in color (default true)
      --json             Use JSON as log output format
  -l, --logfile string   Log output to a file
|
SEE ALSO