Integrate Betterleaks with Vulnetix. Scan git repositories, files, and stdin for leaked secrets using regex patterns combined with entropy analysis. Export findings as SARIF.
All languages (regex + entropy) | CLI tool | SARIF | JSON | CSV
Install & scan
# Homebrew (macOS/Linux)
brew install betterleaks

# Binary download from releases
curl -L https://github.com/betterleaks/betterleaks/releases/latest/download/betterleaks_Linux_x86_64.tar.gz | tar xz
sudo mv betterleaks /usr/local/bin/

# Scan git repository with SARIF output
betterleaks git -f sarif -r betterleaks.sarif .
Run Betterleaks in CI
Scan on every push and upload the results to Vulnetix:
- name: Betterleaks secret scan
  run: |
    curl -L https://github.com/betterleaks/betterleaks/releases/latest/download/betterleaks_Linux_x86_64.tar.gz | tar xz
    sudo mv betterleaks /usr/local/bin/
    betterleaks git -f sarif -r betterleaks.sarif .
- name: Upload to Vulnetix
  run: vulnetix upload --file betterleaks.sarif
Centralise Betterleaks results in Vulnetix
Upload Betterleaks SARIF, JSON, or CSV output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
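To sanity-check a `betterleaks.sarif` report locally before it is uploaded, the sketch below collapses duplicate findings by rule and location and prints a summary that never echoes message or snippet text, since those fields can contain the secret itself. It is an added example, not Betterleaks or Vulnetix code; it relies only on standard SARIF 2.1.0 fields (`runs`, `results`, `ruleId`, `locations`), and the rule ids and paths in the sample are constructed.

```python
import json
import sys
from collections import Counter
from pathlib import Path


def summarize(sarif_text):
    """Return (sorted unique findings, per-rule counts) for a SARIF 2.1.0 document."""
    doc = json.loads(sarif_text)
    unique = set()
    for run in doc.get("runs") or []:
        for result in run.get("results") or []:
            rule = result.get("ruleId", "<no-rule>")
            # A result without locations still counts, under a placeholder location.
            for loc in result.get("locations") or [{}]:
                phys = loc.get("physicalLocation") or {}
                uri = (phys.get("artifactLocation") or {}).get("uri", "<unknown>")
                line = (phys.get("region") or {}).get("startLine", 0)
                # Message and snippet text are ignored on purpose: they may hold the secret.
                unique.add((rule, uri, line))
    findings = sorted(unique)
    return findings, Counter(rule for rule, _, _ in findings)


def _result(rule, uri, line):
    """Build one constructed SARIF result for the sample below."""
    return {"ruleId": rule, "message": {"text": "redacted"},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri},
                "region": {"startLine": line}}}]}


# Constructed sample report (hypothetical rule ids and file paths).
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "betterleaks"}},
    "results": [
        _result("example-api-key", "config/settings.py", 12),
        _result("example-api-key", "config/settings.py", 12),  # same finding reported twice
        _result("example-private-key", "deploy/id_rsa", 1),
        {"ruleId": "example-api-key", "message": {"text": "redacted"}},  # no location
    ]}]})


def main(argv):
    text = Path(argv[1]).read_text(encoding="utf-8") if len(argv) > 1 else SAMPLE_SARIF
    findings, per_rule = summarize(text)
    for rule, uri, line in findings:
        print(f"{rule}\t{uri}:{line}")
    print(f"{len(findings)} unique finding(s): {dict(per_rule)}")
    return 1 if findings else 0  # non-zero exit lets a pipeline step flag the run


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with the report path as the first argument; without one it processes the embedded sample.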