# gitleaks

> Detect secrets and API keys leaked in Git repositories.
> More information: <https://github.com/gitleaks/gitleaks>.

- Scan a remote repository:

`gitleaks detect --repo-url {{https://github.com/username/repository.git}}`

- Scan a local directory:

`gitleaks detect --source {{path/to/repository}}`

- Output scan results to a JSON file:

`gitleaks detect --source {{path/to/repository}} --report {{path/to/report.json}}`

- Use a custom rules file:

`gitleaks detect --source {{path/to/repository}} --config-path {{path/to/config.toml}}`

- Start scanning from a specific commit:

`gitleaks detect --source {{path/to/repository}} --log-opts {{--since=commit_id}}`

- Scan uncommitted changes before a commit:

`gitleaks protect --staged`

- Display verbose output indicating which parts were identified as leaks during the scan:

`gitleaks protect --staged --verbose`