Sensitive search is a configurable cli tool to find sensitive information stored in files such as passwords and usernames that need to be stored in an environment variable or vault. Sensitive Seach will search for password, username and user by default but this is configurable as listed below.
- Python 3.6 or later
- Git
git clone https://github.com/vatdaell/sensitive-search.git
To scan a single file for sensitive data:
python main.py path/to/your/file.txt
To scan an entire directory and its subdirectories for sensitive data:
python main.py -r path/to/your/directory
If your file uses a specific encoding, you can specify it with the -e
or --encoding
option, the default encoding is UTF-8:
python main.py path/to/your/file.txt -e encoding
For example, to use UTF-8 encoding:
python main.py path/to/your/file.txt -e utf-8
To use custom patterns for scanning, specify a JSON file containing your patterns with the -p
or --patterns
option:
python main.py path/to/your/file.txt -p path/to/your/patterns.json
patterns.json
{
"patterns": [
"\\bpassword\\s*=\\s*.+",
"\\buser(name)?\\s*=\\s*.+",
"...other patterns..."
]
}
To generate a text file output of the scan results, use the -t
or --text
option followed by the desired output filename:
python main.py path/to/your/file.txt -t output.txt
Please ensure that the paths to files or directories, pattern JSON file, and output text file are correctly specified according to your filesystem.