The creator of the popular secret detection tool Gitleaks has launched a new open-source scanner called BetterLeaks. Backed by Aikido Security, this modern utility is an advanced successor to Gitleaks, designed to detect exposed credentials in directories and Git repositories.
BetterLeaks works as a drop-in replacement for Gitleaks, ensuring compatibility with existing CLI options and configurations. The project is published under the MIT license and maintained by a team of four security experts from companies such as Red Hat, Amazon, and RBC. This community-driven governance model aims to ensure long-term stability.
Key features of BetterLeaks include BPE tokenization-based scanning for improved efficiency and accuracy, rule-defined validation using Common Expression Language (CEL), a pure Go architecture without CGO or Hyperscan dependencies, automatic handling of encoded secrets, and parallel Git scanning. Future updates are expected to support additional data sources, AI-assisted secret classification, automated credential revocation, and permission mapping.
BetterLeaks is specifically designed for development environments driven by AI, enabling agents to automatically scan generated code or enhance bug bounty workflows.