VELKA
The Code Sin Judge
Blazing-fast secret scanning written in Rust. Detect leaked credentials, API keys, and tokens in milliseconds. Zero telemetry. Zero compromise.
$ cargo install velka --locked
Everything you need. Nothing you don't.
One binary. Zero dependencies. Absolute privacy.
52+ Detection Rules
AWS, GCP, GitHub, Stripe, Slack, Twilio, SendGrid, private keys, JWTs and more. Compiled regex for maximum speed.
Zero Telemetry
No network calls, no analytics, no tracking. Your secrets stay on your machine. Always.
High Performance
Memory-mapped I/O, parallel file walking, lock-free channels. Thousands of files in milliseconds.
ML Classifier
Ensemble scoring with Shannon entropy and structural validation. No ML runtime needed.
LSP Server
Real-time detection in VS Code, Neovim, Helix, Zed, and any LSP-compatible editor.
K8s & IaC Scanning
Admission webhook blocking secrets in Pods. Native scanning of Terraform, Kubernetes manifests, and Dockerfiles.
Baseline Management
Save a clean snapshot and diff future scans against it. Only new secrets are flagged β zero noise.
AST Scope Analysis
Filters false positives from test functions, docstrings, and test files. ~40% fewer false positives out of the box.
See it in action
A typical scan across a project with leaked secrets.
$ velka scan . --deep-scan
Scanning 2,847 files across 143 directories...
Installation
One command. No runtime dependencies.
Cargo (recommended)
cargo install velka --locked Shell installer (Linux / macOS)
curl -sSL https://github.com/wesllen-lima/velka/releases/latest/download/velka-installer.sh | sh No Rust required
Binary (GitHub Releases)
gh release download --repo wesllen-lima/velka Linux Β· macOS Β· Windows
By the numbers
Built for speed, accuracy, and privacy.