Skip to content

CompassSecurity/pipeleek

BranchesTags

Repository files navigation

GitHub Release GitHub commits since latest release

Pipeleek

Pipeleek is a tool designed to scan CI/CD logs and artifacts for secrets.

It supports the following platforms:

  • GitLab
  • GitHub
  • BitBucket
  • Azure DevOps
  • Gitea

Once secrets are discovered, further exploitation often requires additional tooling. Pipeleek provides several helper commands to assist with this process.

Getting Started

To begin using Pipeleek, download the latest binary from the Releases page.

Quick Install (Linux/macOS)

Install the latest version with a single command:

curl -sL https://compasssecurity.github.io/pipeleek/install.sh | sh

⚠️ Security Warning: Piping scripts directly to sh can be dangerous. Always review the script contents first at https://compasssecurity.github.io/pipeleek/install.sh before executing.

Install with Go

Alternatively, install using Go:

go install github.com/CompassSecurity/pipeleek/cmd/pipeleek@latest

Detailed command documentation can be found in the documentation.

Formerly known as Pipeleak. Name and design idea credits to @sploutchy.

About

Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them

compasssecurity.github.io/pipeleek/introduction/getting_started/

Topics

golang renovate secret-scanning pipeleek

Resources

Readme

License

AGPL-3.0 license

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

15 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases 70

v0.48.0 Latest
Dec 4, 2025
+ 69 releases

Contributors 7

Languages