pillager v0.8.1 releases: recursively search directories for sensitive information in files

by do son · Published February 3, 2021 · Updated October 25, 2022

Pillager

Pillager is designed to provide a simple means of leveraging Go’s strong concurrency model to recursively search directories for sensitive information in files. It does this by standing on the shoulders of a few giants. Once pillager finds files that match the specified pattern, the file is scanned using a series of concurrent workers that each take a line of the file from the job queue and hunt for sensitive pattern matches. The available pattern filters can be found on the hunt command’s help page.

Configuration

Gitleaks Rules

Pillager provides full support for Gitleaks rules. This can either be passed in with rules.toml file, or you can use the default ruleset by leaving the rules flag blank.

Currently entropy is not implemented, but it is absolutely planned to add support for Gitleaks’ entropy configs in future updates.

# rules.toml

title = "pillager rules"

[[rules]]

description = "AWS Access Key"

regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''

tags = ["key", "AWS"]

[[rules]]

description = "Email Address"

regex = '''(?i)([A-Za-z0-9!#$%&'*+\/=?^_{|.}~-]+@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)'''

tags = ["email", "User Info"]