santhsecurity/keyhog

v0.2.0 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 1mo Secrets & Credentials

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

api-keys credentials security git gpu hyperscan

+5 more

pre-commit rust secret-detection secret-scanner simd

Summary

AI summary

What's New, Decode-through, and Cross-platform enhancements add 896 detectors, GPU routing, multiline support, decode capabilities, ML scoring, checksum validation, and zero‑config multi‑OS scanning.

Full changelog

The fastest, most accurate secret scanner. Built in Rust.

Performance

| | KeyHog | Gitleaks | TruffleHog | Titus |
|---|---|---|---|---|
| Recall | 96% | 72% | 28% | 32% |
| Django FPs | 1 | - | 0 | 17,481 |
| Speed (86 MB) | 0.5s | 0.3s | 1.4s | 2.3s |

What's New

896 embedded detectors (AWS, Stripe, GitHub, Slack, OpenAI, Twilio, +890 services)
Parallel Hyperscan NFA scan — 95%+ of files skipped at zero cost
GPU auto-routing via warpstate (NVIDIA, AMD, Intel, Metal)
Entropy-gated generic key=value scanner
Multiline secret detection (backslash continuation, string concat)
Decode-through: base64, hex, URL, quoted-printable, Z85
ML confidence scoring with MoE classifier
Checksum validation (GitHub CRC32, npm, Slack, PyPI)
Cross-platform: Linux, macOS, Windows — zero configuration

Install

cargo install keyhog

Usage

keyhog scan .                    # Scan directory
keyhog scan . --verify           # Live verification
keyhog scan --git-history .      # Git history
keyhog scan . --format sarif     # SARIF output

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track santhsecurity/keyhog

Get notified when new releases ship.

About santhsecurity/keyhog

All releases →