GitGuardian Unveils Free Toolset: HasMySecretLeaked
October 17, 2023

GitGuardian unveiled HasMySecretLeaked, a free toolset to help security engineers proactively verify if their organization’s secrets have leaked on GitHub.com.

HasMySecretLeaked is a private database with over 20 million records of hashed secrets leaked in public sources, including GitHub.com. Users can query the database by submitting a hashed version of their secret in the search console, and GitGuardian will look for their perfect matches–without revealing any other secrets or their locations.

“Knowing whether your ‘vaulted’ secrets have leaked publicly is just one API call away. We built a privacy-safe and secure process that returns an unequivocal answer to the crucial question: Has my secret leaked?” said Eric Fourrier, co-founder and CEO of GitGuardian.

GitGuardian users can also harness HasMySecretLeaked directly from the command-line interface ggshield. In addition, ggshield includes plug-ins for pulling secrets from popular tools like HashiCorp Vault and AWS Secrets Manager and staging them in local environments before leak inspection.

The capability is also already integrated into the GitGuardian Platform. It will notify security teams if their hardcoded secrets, found in organization-owned repositories, Slack workspaces, or Jira projects, are unintentionally leaked to public sources the organization cannot control or see.

“It’s more than just visibility. Undetected public exposure makes all the difference between a simple alert and a critical incident. It’s the context security teams badly need to prioritize remediation,” said Edouard Viot, Vice President of Product at GitGuardian.

GitGuardian scans every public commit on GitHub for leaks, spanning API keys, database assignments, and developer secrets. In 2020, it uncovered 3 million exposed secrets, surging to 6 million in 2021 and an astounding 10 million in 2022.

GitGuardian also understands the importance of protecting secrets from unwanted exposure and has designed HasMySecretLeaked in a way that does not read or access users’ secrets.

“We’re leveraging concepts such as k-anonymity and zero-knowledge, making it impossible for us or anyone else to see or reconstruct the secrets, all while determining whether they have leaked in public sources,” said Eric Fourrier.

Share this

Industry News

April 07, 2025

Appfire announced its launch of the Appfire Cloud Advantage Alliance.

April 07, 2025

Salt Security announced API integrations with the CrowdStrike Falcon® platform to enhance and accelerate API discovery, posture governance and threat protection.

April 07, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.