You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kingfisher is a blazingly fast secret‑scanning and live validation tool built in Rust. It combines Intel’s SIMD accelerated regex engine (Hyperscan) with language‑aware source code parsing, and **ships with hundreds of built‑in rules** to detect, validate, and triage secrets before they ever reach production
11
-
</p>
10
+
Kingfisher is a blazingly fast secret-scanning and **live validation** tool built in Rust.
11
+
12
+
It combines Intel’s SIMD-accelerated regex engine (Hyperscan) with language-aware parsing to achieve high accuracy at massive scale,
13
+
and **ships with hundreds of built-in rules** to detect, **validate**, and triage secrets before they ever reach production.
14
+
15
+
For a look at how Kingfisher has grown from its early foundations into today's full-featured scanner, see [Lineage and Evolution](#lineage-and-evolution).
12
16
13
-
Originally forked from Praetorian’s Nosey Parker, Kingfisher has since significantly expanded and diverged, adding live validation, 10+ new scan targets, and major architectural enhancements. See [Origins and Divergence](#origins-and-divergence) for details.
17
+
</p>
14
18
15
19
## Key Features
16
20
@@ -143,7 +147,7 @@ See ([docs/COMPARISON.md](docs/COMPARISON.md))
-[Origins and Divergence](#origins-and-divergence)
150
+
-[Lineage and Evolution](#lineage-and-evolution)
147
151
-[Roadmap](#roadmap)
148
152
-[License](#license)
149
153
@@ -156,7 +160,7 @@ See ([docs/COMPARISON.md](docs/COMPARISON.md))
156
160
Pre-built binaries are available from the [Releases](https://github.com/mongodb/kingfisher/releases) section.
157
161
158
162
### Homebrew
159
-
163
+
160
164
161
165
```bash
162
166
brew install kingfisher
@@ -1286,20 +1290,22 @@ kingfisher scan --help
1286
1290
```
1287
1291
1288
1292
1289
-
## Origins and Divergence
1293
+
## Lineage and Evolution
1294
+
1295
+
Kingfisher began as an internal fork of Nosey Parker, used as a high-performance foundation for secret detection.
1290
1296
1291
-
Kingfisher began as a fork of Praetorian’s Nosey Parker, as our experiment with adding live validation support and embedding that validation directly inside each rule.
1297
+
Since then it has evolved far beyond that starting point, introducing live validation, hundreds of new rules, additional scan targets, and major architectural changes across nearly every subsystem.
1292
1298
1293
-
Since that initial fork, it has diverged heavily from Nosey Parker:
1294
-
-Added support for live validation of discovered secrets
1295
-
-Added hundreds of new rules
1296
-
-Added support for analyzing compressed files
1297
-
-Added support for building "baselines" to allow for only reporting on newly discovered secrets
1298
-
-Added Tree-Sitter based source code parsing on top of Hyperscan for deeper language-aware detection
1299
-
-Expanded support for new targets (GitLab, BitBucket, Gitea, Jira, Confluence, Slack, S3, GCS, Docker, Hugging Face, etc.)
1300
-
-Replaced the SQLite datastore with an in-memory store + Bloom filter
1301
-
-Collapsed the workflow into a single scan-and-report phase with direct JSON/BSON/SARIF outputs
1302
-
-Delivered cross-platform builds, including native Windows
1299
+
**Key areas of evolution**
1300
+
-**Live validation** of detected secrets directly within rules
1301
+
-**Hundreds of new built-in rules** and an expanded YAML rule schema
1302
+
-**Baseline management** to suppress known findings over time
1303
+
-**Tree-sitter parsing** layered on Hyperscan for language-aware detection
0 commit comments