DeepScan is a powerful command-line tool designed to search for files based on filenames, paths, content, and encrypted secrets (SOPS). It works seamlessly in local file systems, GitHub, and GitLab repositories.
- OS File Search: Search local directories based on filename, path, or content.
- SOPS Decrypted Search: Handle and search within SOPS-encrypted files.
- GitHub Search: Scan GitHub organizations or individual repositories for matching files.
- GitLab Search: Scan GitLab groups or individual projects for matching files.
- Advanced Filtering: Apply filters for filenames, paths, content, and regex patterns.
- Exclusion Filters: Refine search results by excluding specific files or directories.
go install github.com/alican-uelger/deep-scan@latestEnsure you have Go installed, then run:
go build| Command | Description | Flags |
|---|---|---|
os search |
Scans a specified directory for matching files. | -d, --dir The root directory to scan [default: "."] |
gitlab search |
Scans a GitLab group for matching files. | -o, --org The GitLab group to scan · -r, --project A specific GitLab project to scan (mutually exclusive with --org) |
github search |
Scans a GitHub organization for matching files. | -o, --org The GitHub organization to scan · -r, --project A specific GitHub repository to scan (mutually exclusive with --org) |
These flags apply to all commands:
-l, --log-level Set the log level (DEBUG, INFO, WARN, ERROR) [default: INFO]-n, --name Search for files with specific names (exact match)
--name-contains Search for files with names containing this string
--name-regex Search for files with names matching this regex-p, --path Search in specific directories (exact match)
--path-contains Search in directories containing this string
--path-regex Search in directories matching this regex-c, --content Search for files containing specific content
--content-regex Search for files containing content matching this regex-s, --sops Search for SOPS-encrypted files
--sops-only Search for files that are only SOPS-encrypted
--sops-key Search for files encrypted with a specific key --exclude-name Exclude files with specific names (exact match)
--exclude-name-contains Exclude files with names containing this string
--exclude-path Exclude specific directories (exact match)
--exclude-path-contains Exclude directories containing this string
--exclude-content Exclude files containing specific content --output Output results to file (json, yaml)
--log-late Log results after the search completes instead of streaming them.
Useful for large searches where maximum throughput is preferred.deep-scan os search -d /my/projectSet the required environment variables:
export GITLAB_TOKEN=your_access_tokenOptionally, you can set the GitLab host (default is gitlab.com):
export GITLAB_HOST=https://gitlab.comScan an entire group:
deep-scan gitlab search -o my-groupScan a specific project:
deep-scan gitlab search -r my-group/my-projectSet the required environment variables:
export GITHUB_TOKEN=your_access_tokenOptionally, you can set the GitHub host (default is github.com):
export GITHUB_HOST=https://github.qkg1.topScan an entire organization:
deep-scan github search -o my-orgScan a specific repository:
deep-scan github search -r owner/my-repoSearch for files named secrets.yaml containing password in a specific GitLab project:
deep-scan gitlab search -r my-group/my-project -n secrets.yaml -c passwordSearch for SOPS-encrypted files across a GitHub organization, output as JSON:
deep-scan github search -o my-org --sops-only --output jsonSearch for files matching a content regex, excluding test directories:
deep-scan os search -d . --content-regex "api[_-]?key\s*=" --exclude-path-contains test