Nosey Parker – The Essential Tool for Detecting Secrets in Your Git Repositories

We all have secrets to hide, but that doesn’t prevent some developers from inadvertently exposing these secrets in their Git repositories. By ‘secrets’, I mostly refer to identifiers and API keys that could, unfortunately, end up in plain text in code files or text documents pushed to GitHub.

So, what can you do to prevent this?

Whether for defensive or offensive purposes, Nosey Parker is the tool you need to uncover the little secrets hidden in the dark corners of GitHub’s code and text files.

This tool can scan files, directories, and the entire history of Git repositories. It combs through them using regular expressions and, upon finding something, stores it in a datastore.

This enables you to conduct code audits or simply ensure you’re not the ‘distracted developer’ I mentioned at the start of this article.

To use Nosey Parker, you can launch it via Docker or download the tool for macOS or Linux from the provided link.

To scan a local Git repository and store the results in a datastore, you should use the following command:

noseyparker scan --datastore cpython cpython.git

If you wish to scan a Git repository online, it’s straightforward:

noseyparker scan --datastore noseyparker --git-url https://github.com/praetorian-inc/noseyparker

To review a scan’s findings from its datastore:

noseyparker summarize --datastore noseyparker

And for a detailed report:

noseyparker report --datastore noseyparker

There you have it: detailed insights into any data leaks. Obviously, Nosey Parker should be used responsibly to secure your own code or for authorized audit missions.

You can find Nosey Parker here.

Mohamed SAKHRI
Mohamed SAKHRI

I'm the creator and editor-in-chief of Tech To Geek. Through this little blog, I share with you my passion for technology. I specialize in various operating systems such as Windows, Linux, macOS, and Android, focusing on providing practical and valuable guides.

Articles: 1747

Newsletter Updates

Enter your email address below and subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked *