Skip to content

tcdsv/2ms

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Latest Release License GitHub Discussions

2ms Mascot

Too many secrets (2MS) is an open source project dedicated to helping people protect their sensitive information like passwords, API keys from appearing in public websites and communication services.

During the software development lifecycle (SDLC), developers ofen communicate and exchange secret data in various ways. While there are tools available for detecting secrets in source code and Git repositories, there are few options for identifying secrets in plain text documents, emails, chat logs, content managment systems and more. Some of them are public, or have a mixture of private / public, meaning it's easy to make an onest mistake and publish secret data to the world wide web.

2ms is built over a secret detection engine (currently gitleaks) and includes various plugins to interact with popular platforms. This means anyone can contribute, improve and extend 2ms quite easily. We believe that by working together, we can create a more secure digital world. You're welcome to join our community.

Supported Platforms

  • Confluence
  • Discord
  • Slack
  • Git
  • Paligo
  • Local directory / files

Getting 2ms

curl -LO https://github.com/Checkmarx/2ms/releases/latest/download/2ms && chmod +x 2ms
./2ms

Docker

docker run -v path/to/my/repo:/repo checkmarx/2ms git /repo

(For git command, you have to mount your git repository to /repo inside the container)

Getting started

2ms Secrets Detection: A tool to detect secrets in public websites and communication services.

Usage:
  2ms [command]

Commands
  confluence  Scan Confluence server
  discord     Scan Discord server
  filesystem  Scan local folder
  git         Scan local Git repository
  paligo      Scan Paligo instance
  slack       Scan Slack team

Additional Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  rules       List all rules

Flags:
      --config string          config file path
      --exclude-rule strings   exclude rules by name or tag to apply to the scan (removes from list, starts from all)
  -h, --help                   help for 2ms
      --include-rule strings   include rules by name or tag to apply to the scan (adds to list, starts from empty)
      --log-level string       log level (trace, debug, info, warn, error, fatal) (default "info")
      --regex stringArray      custom regexes to apply to the scan, must be valid Go regex
      --report-path strings    path to generate report files. The output format will be determined by the file extension (.json, .yaml, .sarif)
      --stdout-format string   stdout output format, available formats are: json, yaml, sarif (default "yaml")
  -v, --version                version for 2ms

Use "2ms [command] --help" for more information about a command.

Made by Checkmarx with ❤️

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 98.9%
  • Other 1.1%