| CARVIEW |
Select Language
HTTP/2 200
date: Wed, 23 Jul 2025 16:56:19 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
x-robots-tag: none
etag: W/"181c27ff841ce967358ca47cb4725e0e"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=%2FYfYNczDTHXAAKaGRqigBPXyWf%2FNKGdrhvriTJ%2B7Qnqh8PCqC0qhIo%2B8QiDLvzAi1SHTKvh%2BXjJG%2Fca3AuQTuR56%2BruxzDqVah8wD7MLNY3gY0OAPSZRO7%2FjzWsrwHxLWpRwSAinrqxkVlSIzXCeHIg29mIQ8i%2BMYel4ca9kUmZ0ju0QhqZoBeLFxOPG2FLpNmZ7kUeURXpslSxvAZ5%2BAmAcUZsekUoKc1yd2kme8ikH%2BxHphuDIvwq1DW9VOWiX%2FZCNwWvdfHR3YatkkOh2BQ%3D%3D--TP4ougblMJiEhrZP--0%2BL%2BjcgLO5mjQvf0kXwjBw%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.398248430.1753289779; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 16:56:19 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 16:56:19 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: BAF4:167F3A:EDB2CE:11918CF:68811433
Scan local files and directories · SAP/credential-digger Wiki · GitHub
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 55
Scan local files and directories
Marco Rosa edited this page Oct 25, 2021
·
4 revisions
Credential Digger now offers the possibility to scan files and directories from the local file system, regardless of being related to a git repository.
- Install the dipendencies
- Instantiate the client (either Postgres or Sqlite)
or
from credentialdigger import PgClient c = PgClient(dbhost='xxx.xxx.xxx.xxx', dbport=NUM, dbname='mydbname', dbuser='myusername', dbpassword='mypassword')
from credentialdigger import SqliteClient c = SqliteClient(path='/path/to/data.db')
- Launch the scan of a directory
new_discoveries = c.scan_path(scan_path=REPO_PATH, category=CATEGORY, models=MODELS, force=FORCE, debug=DEBUG, similarity=SIMILARITY, max_depth=MAX_DEPTH, ignore_list=IGNORE_LIST)
- scan_path: the path of the directory or file to scan
- category: if specified, scan the repo using all the rules of this category, otherwise use all the rules in the db
- models: a list of models for the ML false positives detection
- force: force a complete re-scan of the repository, in case it has already been scanned previously
- debug: flag used to decide whether to visualize the progressbars during the scan (e.g., during the insertion of the detections in the db)
-
generate_snippet_extractor: generate the extractor model to be used in the SnippetModel. The extractor is generated using the ExtractorGenerator. If[DEPRECATED IN v4.4]False, use the pre-trained extractor model - similarity: build the embedding model, compute and store discoveries embeddings to allow for automatic update of similar discoveries
- max_depth: the maximum depth to which traverse the subdirectories tree. A negative value will not affect the scan.
- ignore_list: a list of paths to ignore during the scan. This can include file names, directory names, or whole paths. Wildcards are supported as per the
fnmatchpackage.
The id of the discoveries detected by the scanner (excluded the ones classified as false positives).
- Installation instructions: Readme
- Preparation for the scanner's rules
- Deploy over HTTPS (Optional)
- How to update the project
- How to install on MacOS ARM
- Python library
- CLI
- Web UI through the Docker installation
- Pre-commit hook
Clone this wiki locally
You can’t perform that action at this time.