A source code analysis tool to detect hard-coded secrets. Written in C++, it uses entropy and regex for detection, with a machine learning algorithm planned for the future.
This is a project started in P6 as part of our studies at IMT Nord Europe.
To use our tool, make sure your computer has Make or Makefile. You will then simply place yourself at the root of the project and enter:
makefile main
Then access the executable in the bin folder, and enjoy. The tool is still in beta.
| Title | Arguments | Example | Description |
|---|---|---|---|
| Help | --help / -h | main -h | Shows how to use the program |
| Directory | --dir / -d | main -d "path" -r "path.json" | Path of the directory you want to analyze |
| Rules | --rules / -r | main -d "path" -r "path.json" | Path to the rules JSON file to follow |
| Entropy | --entropy / -e | main -d "path" -r "path.json" -e | Activates the entropy rules: secrets whose entropy falls outside the bounds set by their rule are removed |
| Log output | --log / -l | main -d "path" -r "path.json" -l "path.txt" | Path for the log output |
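The regex-then-entropy filtering that the `-e` option describes can be sketched as follows. This is an added example, not the project's own code: the `Rule` struct, `sample_rule()`, the 3.0 to 8.0 bounds and the input lines are assumptions constructed for illustration, and the tool's real rules JSON schema may differ.

```cpp
#include <array>
#include <cmath>
#include <iostream>
#include <regex>
#include <string>
#include <vector>

// Hypothetical rule shape (the tool's real JSON schema is not shown here).
struct Rule {
    std::regex pattern;               // capture group 1 holds the candidate value
    double min_entropy, max_entropy;  // bounds in bits per character
};

// Shannon entropy of the byte distribution of s, in bits per character.
double shannon_entropy(const std::string& s) {
    if (s.empty()) return 0.0;
    std::array<std::size_t, 256> counts{};
    for (unsigned char c : s) ++counts[c];
    double h = 0.0;
    for (std::size_t n : counts) {
        if (n == 0) continue;
        double p = static_cast<double>(n) / s.size();
        h -= p * std::log2(p);
    }
    return h;
}

// Regex pass first; with use_entropy set, drop candidates whose entropy
// falls outside the rule's [min_entropy, max_entropy] window.
std::vector<std::string> scan_line(const std::string& line, const Rule& rule,
                                   bool use_entropy) {
    std::vector<std::string> findings;
    for (std::sregex_iterator it(line.begin(), line.end(), rule.pattern), end;
         it != end; ++it) {
        std::string candidate = (*it)[1].str();
        double h = shannon_entropy(candidate);
        if (use_entropy && (h < rule.min_entropy || h > rule.max_entropy)) continue;
        findings.push_back(candidate);
    }
    return findings;
}

// Constructed sample rule: quoted value of 16+ characters assigned to a key name.
Rule sample_rule() {
    return {std::regex(R"re((?:api_key|token)\s*=\s*"([^"]{16,})")re"), 3.0, 8.0};
}

int main() {
    // Constructed input lines, not real credentials.
    for (std::string line : {"api_key = \"aaaaaaaaaaaaaaaaaaaa\"", "token = \"q7Zp2LxV9mRt4KsB8wYc\""})
        std::cout << line << " -> " << scan_line(line, sample_rule(), true).size() << " finding(s)\n";
}
```

Without the entropy filter both lines match the regex; with it, the repeated-character placeholder is discarded and only the random-looking value remains.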
- BREAKING CHANGE:
- build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
- ci: Changes to our CI configuration files and scripts (examples: CircleCi, SauceLabs)
- docs: Documentation only changes
- feat: A new feature
- fix: A bug fix
- perf: A code change that improves performance
- refactor: A code change that neither fixes a bug nor adds a feature
- test: Adding missing tests or correcting existing tests