Home

Home

Vexil is a specialized static secret scanner designed to catch hardcoded credentials in CI/CD pipelines before they reach production. It focuses on preventing accidental developer error in regulated, air-gapped, or network-restricted environments where external verification is not an option.

Vexil combines a dual-class detection engine (Tokens vs. Credentials) with a mathematical Shannon entropy gate and an offline Compliance Enrichment Layer (v2.6.0).

Wiki Pages:

• How It Works
• Architecture
• Detection Patterns
• False Positive Reduction
• CI/CD Integration
• Adding Custom Patterns
• Testing
• Contributing

//: # Copyright (c) 2026 André Ataíde. All rights reserved. Vexil Signature: 2c3e07e432503abe0fa86d84db7e4ced210a6535ecb8956fdde7f48f321a983b

​‌​‌‌‌‌‌​‌‌‌​​‌‌​‌‌​‌​​​​‌‌​​​​‌​‌‌​‌‌‌​​‌‌​‌‌‌​​‌‌​‌‌‌‌​‌‌​‌‌‌​​‌​‌‌‌‌‌​‌‌​​‌​‌​‌‌​‌‌‌​​‌‌‌​‌​​​‌‌‌​​‌​​‌‌​‌‌‌‌​‌‌‌​​​​​‌‌‌‌​​‌​‌​‌‌‌‌‌​‌‌​​​‌​​‌‌​​​​‌​‌‌‌​​‌‌​‌‌​​‌​‌​‌‌​‌‌​​​‌‌​‌​​‌​‌‌​‌‌‌​​‌‌​​‌​‌​​‌​​​​​​​‌‌‌‌​‌​​‌​​​​​​​‌​​​‌​​‌‌​​​​‌​​‌‌‌​​​​‌‌​​‌‌​​​‌‌​‌​‌​‌‌​​‌‌​​​‌‌​​​‌​​‌‌​‌‌​​​‌‌​‌‌‌​‌‌​​‌‌​​​‌‌​‌​​​​‌‌​‌​​​‌‌​​‌‌​​​‌‌​‌​​​​‌‌‌​​‌​​‌‌​‌‌​​​‌‌​‌​​​‌‌​​‌​‌​​‌‌​‌‌​​‌‌​​​‌‌​​‌‌‌​​‌​​‌‌‌​​‌​​‌‌‌​​​​‌‌​​‌​​​‌‌​​‌​‌​‌‌​​‌​‌​​‌‌‌​​​​​‌‌​​‌​​​‌‌​‌‌‌​​‌‌​​​‌​​‌‌​​​‌​​‌‌​​​​​‌‌​​​‌‌​​‌​​​‌​‍