
CredFinder


CredFinder is a powerful Bash utility designed to scan codebases and configuration files for hardcoded credentials and secrets, helping developers identify potential security vulnerabilities.

Features

  • 🔍 Recursively scans directories for hardcoded credentials
  • 🔧 Customizable search patterns and file extensions
  • ⚡ Performance optimized with file size limits
  • 📊 Detailed reporting with line-by-line context
  • 🚫 Configurable exclusion patterns for directories
  • 📝 Output to file option for further analysis
  • 🔄 Duplicate file detection to avoid redundant scanning
  • 🎨 Visual progress bar with real-time scanning statistics
  • 📦 Pretty output formatting with boxed headers

Usage

./cred_finder.sh [OPTIONS] [DIRECTORY]

If DIRECTORY is specified, it can be an absolute or relative path; otherwise the current directory is scanned.

Options

  -h, --help             Show this help message and exit
  -r, --recursive        Scan subdirectories recursively
  -d, --depth NUM        Limit recursion depth (default: unlimited)
  -e, --exclude PATTERN  Exclude directories matching pattern (can be used multiple times)
  -p, --pattern PATTERN  Custom search pattern
  -x, --extensions LIST  Comma-separated list of file extensions to scan
  -m, --max-size SIZE    Maximum file size to scan in MB (default: 5 MB)
  -v, --verbose          Enable verbose/debug output
  -o, --output FILE      Save all findings to specified file

Examples

./cred_finder.sh -r                       # Recursive scan from current directory
./cred_finder.sh -r -e "node_modules"     # Exclude node_modules directory
./cred_finder.sh -r -d 2                  # Limit recursion to 2 levels deep
./cred_finder.sh -p "api_key|password"    # Custom search pattern
./cred_finder.sh -x "js,py,json"          # Only scan specific extensions
./cred_finder.sh -o output.log            # Save findings to a file

Output

The script provides a rich visual output:

  • ASCII art banner with project information
  • Real-time progress bar showing scan status
  • Detailed findings with pretty box-style formatting
  • Counts of scanned files, duplicates skipped, and credentials found
  • Greppable summary for easy parsing by other tools
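As an added illustration (not the project's own script), the following POSIX shell function reproduces the scan behaviour the Options and Output sections describe: a depth-limited walk, directory exclusion, an extension allowlist, a size cap in MB, a regex grep, skipping of duplicate file content, and a greppable summary line. The default pattern, the output format and the constructed sample tree are assumptions made for this example.

```shell
#!/bin/sh
# Added illustration (not CredFinder's own code) of the scan the README describes:
# depth/exclusion/extension/size limits, a grep per file, duplicate skipping, summary.
# Assumed default pattern (loosely after the README's "-p api_key|password" example).
DEFAULT_PATTERN='(api_key|apikey|secret|password|passwd|token)[[:space:]]*[=:][[:space:]]*.{8,}'

# scan_dir DIR [DEPTH] [EXCLUDE_DIR] [EXT_LIST] [MAX_MB] [PATTERN]
# Prints "file:line:text" per hit, then: SUMMARY scanned=N duplicates=N findings=N
scan_dir() {
  dir=$1; depth=${2:-0}; exclude=${3:-}; exts=${4:-}; maxmb=${5:-5}; pattern=${6:-$DEFAULT_PATTERN}
  set -- "$dir"                                   # build find(1) args in "$@"
  [ "$depth" -gt 0 ] && set -- "$@" -maxdepth "$depth"
  [ -n "$exclude" ] && set -- "$@" -type d -name "$exclude" -prune -o   # never descend
  set -- "$@" -type f -size "-$((maxmb * 1024))k"
  if [ -n "$exts" ]; then                         # ( -name '*.a' -o -name '*.b' )
    set -- "$@" '('; first=1
    for e in $(printf '%s' "$exts" | tr ',' ' '); do
      [ "$first" -eq 1 ] || set -- "$@" -o
      set -- "$@" -name "*.$e"; first=0
    done
    set -- "$@" ')'
  fi
  list=$(mktemp); find "$@" -print > "$list"
  scanned=0; dups=0; hits=0; seen='|'
  while IFS= read -r f; do
    scanned=$((scanned + 1))
    sum=$(cksum < "$f" | cut -d' ' -f1,2 | tr ' ' '-')   # CRC+size: duplicate content
    case $seen in *"|$sum|"*) dups=$((dups + 1)); continue ;; esac
    seen="$seen$sum|"
    matches=$(grep -nIiE -- "$pattern" "$f") || continue   # -I skips binaries
    printf '%s\n' "$matches" | while IFS= read -r m; do printf '%s:%s\n' "$f" "$m"; done
    hits=$((hits + $(printf '%s\n' "$matches" | wc -l)))
  done < "$list"
  rm -f "$list"
  printf 'SUMMARY scanned=%d duplicates=%d findings=%d\n' "$scanned" "$dups" "$hits"
}

# Constructed sample tree: one secret, a byte-identical copy, an excluded dir, a skipped ext.
make_sample_tree() {
  root=$(mktemp -d); mkdir -p "$root/src" "$root/node_modules/pkg"
  printf 'API_KEY = "EXAMPLE-not-a-real-key-0123"\nname = "app"\n' > "$root/src/config.py"
  cp "$root/src/config.py" "$root/src/config_copy.py"
  printf 'password: hunter2hunter2\n' > "$root/node_modules/pkg/x.js"
  printf 'password: hunter2hunter2\n' > "$root/src/notes.txt"
  printf '%s\n' "$root"
}

root=$(make_sample_tree); scan_dir "$root" 0 node_modules "js,py,json" 5; rm -rf "$root"
```

Running it on the sample tree reports one finding, one duplicate skipped and two files scanned: the excluded directory is pruned before it is entered and notes.txt is never opened because its extension is not in the list.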

Installation

Clone the repository and make the script executable:

git clone https://github.com/fredycibersec/credFinder.git
cd credFinder
chmod +x cred_finder.sh

License

This project is licensed under the MIT License - see the LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. See the CONTRIBUTING.md file for guidelines.

Disclaimer

This tool is intended for security research and responsible use only. Always ensure you have proper authorization before scanning codebases that you do not own.