Credfence is a high-performance secret and credential scanning engine built in Rust.
It scans Git repositories for exposed API keys, tokens, and secrets — locally, in CI.
Stop secrets before they ship.
./credfence
--repo <REPO_URL>
--output-format <json|table>
--rules-source
--scan-id
- 🔐 Secret & credential detection (API keys, tokens, passwords, etc.)
- ⚡ High-performance Rust engine
- 🧱 Reusable library + thin CLI
- 🧠 Deep history scanning (full or diff-only)
- 📄 JSON & SARIF output (GitHub code scanning compatible)
- 🚫 Safe by design — secrets are masked before storage or output
Visit https://credfence.com/docs for complete documentation, including installation guides, CLI reference, details, and deployment patterns for production and SaaS environments.
❤️ If you find this project useful, you can support me with a coffee: Buy Me a Coffee
