DeepTrace-AI is an advanced Python tool that scans GitHub repositories, files, and URLs for hardcoded secrets using both regex patterns and AI-based classification (CodeBERT).
- Regex + AI detection for secrets like API keys, tokens, passwords
- Fast scanning with multithreading
- Confidence threshold to reduce false positives
- Scans public GitHub repos using the GitHub API
- Supports `.env`, config files, and raw URLs

```bash
pip install torch transformers requests
```

- Uses CodeBERT (microsoft/codebert-base)
- Binary classification: Sensitive vs Non-sensitive code lines

```bash
python deeptrace_ai_scanner.py
```

Then choose one of the options:

1. Scan Laravel default .env.example
2. Scan any GitHub repo recursively
3. Scan a raw file URL

```
Scanning file: .env.example ...
Error [Regex] Generic Password in .env.example, line 15: password=mysecret
Error [AI] Sensitive line in config.py, line 42: stripe_api_key = "sk_test_..."
=== Scan Summary ===
Total files scanned: 5
Files with sensitive info detected: 2
Total issues found: 6
Secure files: 3
```

- AWS Access Keys
- Google API Keys
- JWT Secrets
- Bearer Tokens
- Database URLs
- Stripe Keys
- Private SSH Keys
- Generic passwords & API keys
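
The two-stage flow described above (regex hits first, then a scored second pass gated by a confidence threshold), as an added example that is not DeepTrace-AI's own code. The patterns are widely published formats for some of the listed secret types, a Shannon-entropy score stands in for the CodeBERT classifier so the block runs offline, and `scan_text`, `entropy_score` and the 0.8 default are assumptions.

```python
import math
import re
from collections import Counter

# Widely published formats for some listed secret types (assumed; not from DeepTrace-AI's source).
PATTERNS = {
    "AWS Access Key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "Google API Key": re.compile(r"\bAIza[0-9A-Za-z_\-]{35}\b"),
    "Private Key": re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "Generic Password": re.compile(r"(?:password|passwd|pwd)\s*[=:]\s*\S+", re.I),
}
# Second pass only looks at assigned values of 12+ characters.
ASSIGNMENT = re.compile(r"""[=:]\s*["']?([^\s"']{12,})["']?\s*$""")

def entropy_score(value):
    """Shannon entropy of value scaled to 0..1; a stand-in for a model confidence."""
    counts = Counter(value)
    bits = -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())
    return min(bits / 5.0, 1.0)

def scan_text(name, text, threshold=0.8):
    """Return (detector, label, file, line_no, score) findings for one file."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        hit = next((label for label, rx in PATTERNS.items() if rx.search(line)), None)
        if hit:  # a regex match is reported directly, without scoring
            findings.append(("Regex", hit, name, no, 1.0))
            continue
        m = ASSIGNMENT.search(line)
        if m:
            score = entropy_score(m.group(1))
            if score >= threshold:  # the threshold suppresses low-confidence lines
                findings.append(("Score", "Sensitive line", name, no, round(score, 2)))
    return findings

# Constructed sample input; the AWS value is the key ID used in AWS documentation.
SAMPLE_ENV = """\
APP_NAME=Laravel
APP_URL=http://localhost/index
DB_PASSWORD=changeme
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
SESSION_TOKEN=q8Zr2LmX0vT5nYc1KdP7wB4s
"""

if __name__ == "__main__":
    for finding in scan_text(".env.example", SAMPLE_ENV):
        print(finding)
```

Lowering `threshold` to 0.7 also flags the `APP_URL` line, which is the false-positive trade-off the confidence threshold controls.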

MIT License © 2025 Dharmik Dudhat

Feel free to ⭐ the repo or contribute improvements!