hardcodedcredsdetect is a static analysis tool for Go that detects hard-coded secrets in source code and helps identify security risks.

hardcodedcredsdetect provides the following features:
- Detect if variables that may contain sensitive information are hard-coded

You can install hardcodedcredsdetect using the following command:

    $ go install github.com/kyosu-1/hardcodedcredsdetect@latest

You can use hardcodedcredsdetect by running the following command:

    $ go vet -vettool=$(which hardcodedcredsdetect) <package_directory>

hardcodedcredsdetect uses the following regular expressions to detect variable names that may contain sensitive information:

    (?i)password|passwd|pwd
    (?i)credential|cred|auth.*token|api.*key

The following is an example of code that hardcodedcredsdetect will detect:

    package main

    import "fmt"

    func main() {
    	password := "password123" // This will be detected by hardcodedcredsdetect
    	fmt.Println(password)
    }