ghostsecurity/poltergeist

Ghost Security Poltergeist

High-performance secret scanner for source code, using Vectorscan/Hyperscan for fast multi-pattern matching. Poltergeist is designed to be easy to use by humans and AI agents alike. For AI agent integration, see Ghost Security Skills.

Quick Start

Supports Linux, macOS, and Windows (via Git Bash, MSYS2, or Cygwin).

curl -sfL https://raw.githubusercontent.com/ghostsecurity/poltergeist/main/scripts/install.sh | bash

Alternatively, download a release directly from GitHub Releases.

As a Go library:

go get github.com/ghostsecurity/poltergeist

Usage

Point Poltergeist at a file or directory and it scans with the built-in rules, printing redacted matches by default:

poltergeist /path/to/code

Common flags let you change the engine, the output format, and the destination:

# Emit JSON to a file using the pure-Go engine.
poltergeist -engine go -format json -output findings.json /path/to/code

# Scan with a custom rule file instead of the embedded rules.
poltergeist -rules ./my-rules.yaml /path/to/code

Use -engine to choose between auto, go, and hyperscan, -format to choose text, json, or md, -dnr to show unredacted matches, and -low-entropy to include matches below their entropy threshold. Run poltergeist -help for the full list.
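
How a pattern match, an entropy threshold and redaction fit together, as an added Go sketch that is not Poltergeist's own code. The rule, the 3.5 bits-per-character threshold, the four-character mask and the names Finding, shannon and scan are all assumptions for illustration; the includeLow parameter only mirrors what this page says -low-entropy does.

```go
package main

import (
	"fmt"
	"math"
	"regexp"
	"strings"
)

// Finding, rule and minEntropy are hypothetical: assumptions for this sketch only.
type Finding struct {
	Line     int
	Redacted string
	Entropy  float64
}
var rule = regexp.MustCompile(`(?i)(?:api_key|token)\s*=\s*"([A-Za-z0-9+/_-]{16,})"`)
const minEntropy = 3.5 // bits per character

// Constructed sample input; neither value is a real credential.
const sample = `api_key = "xxxxxxxxxxxxxxxxxxxx"
token = "q7Zp2LmX9vB4tR8sK1yN"`

// shannon returns the Shannon entropy of s in bits per character.
func shannon(s string) (h float64) {
	counts := map[rune]float64{}
	for _, r := range s {
		counts[r]++
	}
	n := float64(len([]rune(s)))
	for _, c := range counts {
		h -= c / n * math.Log2(c/n)
	}
	return h
}

// scan drops captures below minEntropy unless includeLow is set, and masks all but four characters.
func scan(src string, includeLow bool) (out []Finding) {
	for i, line := range strings.Split(src, "\n") {
		if m := rule.FindStringSubmatch(line); m != nil {
			if h := shannon(m[1]); includeLow || h >= minEntropy {
				out = append(out, Finding{i + 1, m[1][:4] + strings.Repeat("*", len(m[1])-4), h})
			}
		}
	}
	return out
}

func main() {
	fmt.Printf("%+v\n", scan(sample, false))
}
```

Both sample lines match the pattern, but only the second survives the threshold; the repeated-character placeholder on line 1 has zero entropy and appears only when includeLow is true.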

Building from Source

Building requires Go and the Vectorscan/Hyperscan development library, since the default engine binds to it through CGO. On Debian and Ubuntu install libhyperscan-dev, and on macOS install vectorscan or hyperscan with Homebrew. When the native library is unavailable you can still run the tool with the pure-Go engine by passing -engine go.

git clone https://github.com/ghostsecurity/poltergeist.git
cd poltergeist
make build
./poltergeist --version

Development

The Makefile drives the common workflows, and make help lists every target:

make test        # run the full test suite
make test-rules  # validate the built-in rules against their own test cases
make lint        # run golangci-lint, whose default checks include go vet
make docs        # regenerate docs/rules.md after editing pkg/rules

Run make test and make lint before opening a pull request, and run make docs whenever you change a rule so the generated documentation stays current. See CONTRIBUTING for the full contribution workflow and CLAUDE.md for an architecture-level guide aimed at coding agents.

Comprehensive Documentation

Full documentation, tutorials, and video guides are available at oss.ghostsecurity.ai.

Contributions, Feedback, Feature Requests, and Issues

Open an issue, following the Contributing guidelines and Code of Conduct.

Acknowledgments

We'd like to thank the following projects for providing inspiration for Poltergeist and doing tremendous work in the secret scanning space:

License

This repository is licensed under the Apache License 2.0. See LICENSE for details.
