PassDetective

PassDetective is a command-line tool designed to scan shell command history for sensitive information such as passwords, API keys, and other secrets that may have been mistakenly entered. It employs regular expressions to identify potential sensitive data, aiding users in preventing accidental exposure of credentials in their history files.

The primary use case is for security-conscious users and system administrators who want to audit their shell history for leaked credentials. By analyzing command history change descriptions, it can extract passwords used in previous commands for inspection or further use, enhancing data hygiene and security practices.

This tool is particularly useful in environments where developers or operators might inadvertently type secrets into commands, such as during testing or scripting, providing a quick way to detect and mitigate such risks.

PassDetective analyzes shell command history files, using regular expressions to match patterns indicative of passwords, API keys, and secrets. The 'extract' command specifically processes history change descriptions to automatically identify and pull out potential passwords from prior commands for display and review.