Created
November 21, 2025 00:48
-
-
Save plmi/91d3ecdd90e1448e180c4e6091e29f62 to your computer and use it in GitHub Desktop.
Custom .gitleaks.toml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [[rules]] | |
| id = "md5-hash" | |
| description = "MD5 hash detected, ignoring images" | |
| regex = '''\b[a-fA-F0-9]{32}\b''' | |
| severity = "medium" | |
| [[rules.allowlists]] | |
| paths = [ | |
| ".*\\.jpg$", | |
| ".*\\.png$" | |
| ] | |
| [[rules]] | |
| id = "sha1-hash" | |
| description = "Detect SHA-1 hashes, ignoring anything inside .git directory" | |
| regex = '''\b[a-fA-F0-9]{40}\b''' | |
| severity = "medium" | |
| [[rules.allowlists]] | |
| # Allow any file path under .git directory | |
| paths = [ | |
| '''.*\.git/.*''' | |
| ] | |
| [[rules]] | |
| id = "apache-apr1-hash" | |
| description = "Detect Apache APR1 (MD5-based) password hashes" | |
| regex = '''\$apr1\$[A-Za-z0-9./]{1,8}\$[A-Za-z0-9./]{22}''' | |
| secretGroup = 0 | |
| severity = "high" | |
| [[rules]] | |
| id = "rsa-private-key" | |
| description = "RSA private key" | |
| regex = '''-----BEGIN RSA PRIVATE KEY-----''' | |
| severity = "critical" | |
| [[rules]] | |
| id = "ssh-private-key" | |
| description = "OpenSSH private key" | |
| regex = '''-----BEGIN OPENSSH PRIVATE KEY-----''' | |
| severity = "critical" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment