/key-guard

A python tool that checks to find exposed authentication keys in a project and throws a warning. This prevents the sharing of sensitive data and enforces the use of best paractices like saving authentication keys and passwords to .env files.

Primary LanguagePythonMIT LicenseMIT

key-guard

A python tool that checks to find exposed authentication keys in a project and throws a warning. This prevents the sharing of sensitive data and enforces the use of best practices like saving authentication keys to .env files.

Features

  • Scan Project for exposed keys and passwords
  • Add words to guarded_words list to look out for when scanning
  • Exclude files from scanning
  • Include files for scanning

Core Requirements

  • Click

Using the CLI tool from Pip

  • Install the tool from pip by running:
pip install key-guard
  • Start by initializing the tool by running:
key-guard init
  • Quickly Scan your working directory by running:
key-guard scan
  • Add the --help option the command to check out the available options.
Usage: key-guard [OPTIONS] COMMAND [ARGS]...

Options:
  -l, --list            List all the guarded words
  -inc, --include TEXT  include a file to be scanned by removing it's name
                        from  .guard/.fileignore
  --help                Show this message and exit.

Commands:
  add     Add new words to .guard/.keyignore
  exempt  exempt a file from scanning by adding them to .guard/.fileignore
  init    create .guard folder and create .fileignore and .keyignore files
  scan    Scan the project for any key or token

Setting up the tool for local development

  • Clone this repository to your local machine.
  • Create a virtual environment for your project and activate it. Install all dependencies from requirements.txt file.
python3 -m venv .venv/
source .venv/bin/activate
pip install -r requirements.txt
  • In the root directory of the project, develop the project locally from the setup configuration.
python3 setup.py develop
  • A *.egg-info directory is created in your root directory for you to use the tool locally. Get started by running the following command:
key-guard init
  • the --help option the command to check out the available options.
Usage: key-guard [OPTIONS] COMMAND [ARGS]...

Options:
  -l, --list            List all the guarded words
  -inc, --include TEXT  include a file to be scanned by removing it's name
                        from  .guard/.fileignore
  --help                Show this message and exit.

Commands:
  add     Add new words to .guard/.keyignore
  exempt  exempt a file from scanning by adding them to .guard/.fileignore
  init    create .guard folder and create .fileignore and .keyignore files
  scan    Scan the project for any key or token

Contributing

  • Fork this repository to your GitHub account.
  • Clone the forked repository to your local machine.
  • Create a new branch for the feature you want to work on.
  • Make your contributions.
  • Push your local branch to your remote repository.
  • Open a pull request to the develop branch of this repository.