Scan4secrets
Supports SAST and DAST scans, with 400+ rules available for secrets and the option to add your own wordlist. A lightweight scanner for source code and URLs that detects hardcoded secrets such as API keys, credentials, and sensitive information across files and folders.
scan4secrets
A lightweight, high-performance secret scanner built for both SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).
Key Features
- 400+ advanced detection rules to uncover secrets, tokens, keys, and misconfigurations.
- Supports scanning across 260+ file extensions.
- Tailored wordlists for real-world tech stacks, including: CloudProvider-Service, Docker-Compose-Kubernetes, Keys-SSH-Certificate, Node.js-Express.js, OtherConfig-CI-DevOps, Python-Django-Flask, React-Next.js-Vite-Frontend, common, .env, php-laravel-symfony-drupal, wordpress, and more.
- Output formats: CSV, Excel, PDF, HTML.
- Custom output paths supported for easy integration into pipelines and workflows.
Report
Reports are saved in the current working directory by default.
Installation
git clone https://github.com/m14r41/scan4secrets.git
cd scan4secrets
pip install -r requirements.txt
Usage
Scan a directory and generate an Excel file
python3 main.py --path /path/to/code
Generate multiple output formats
python main.py --path /path/to/code --formats excel pdf csv html --output scan_report
Output as HTML only
python main.py --path /var/www/html --formats html --output web_secrets
Sample Output for SAST (Source Code Review)
Sample Output for Websites
python3 main.py --url m14r41.in
Contribution
Feel free to contribute. Thank you!
