-
Notifications
You must be signed in to change notification settings - Fork 0
Home
penumbraforge edited this page Apr 1, 2026
·
3 revisions
The first secret scanner that fixes what it finds. For free.
Gate catches secrets before they're committed, verifies if they're live, and auto-fixes them across 9 languages. It generates compliance reports, incident documentation, and git history purge scripts.
- Installation -- npm, npx, Homebrew, and manual install
- Quick Start -- First scan in 60 seconds
-
Configuration --
.gatercand.gateignoresetup
- Secret Detection -- 148 detection rules, entropy analysis, and custom rules
-
Auto-Fix Engine -- Extract secrets to
.envacross 9 languages - Credential Verification -- Check if detected secrets are live
- Interactive Remediation -- Single-keypress fix, vault, or ignore per finding
- Vault Encryption -- AES-256-GCM local secret encryption
- Incident Response -- 5-step guided workflow for leaked secrets
- Git History Scanning -- Find secrets in past commits
-
Purge Scripts -- Generate
git-filter-reposcripts to scrub history - Exposure Assessment -- LOCAL / COMMITTED / PUSHED classification
- Compliance Reports -- OWASP, NIST, CIS, SOC 2 mappings
- SARIF Output -- GitHub Advanced Security integration
- Audit Trail -- SHA-256 integrity-chained local audit log
- CLI Reference -- All commands and flags
- Detection Rules -- Full rule catalog with patterns
- Architecture -- How Gate works internally
- FAQ