Hawk Eye: Open-source scanner uncovers secrets and PII across platforms

Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, API keys, and personal information.


“Unlike most open-source tools that only scan cloud buckets for PII, this solution is designed for deep integration across your entire ecosystem. It supports 350+ file types (including videos, images, and documents), uses advanced OCR, and ensures complete data privacy by running entirely on-prem. No data ever leaves your environment,” Rohit Kumar, the developer of Hawk Eye, told Help Net Security.

Features

Hawk Eye works across a wide range of sources: S3 buckets, databases like MySQL and PostgreSQL, messaging apps like Slack, file systems, and cloud platforms like Google Drive and Google Cloud Storage. It also scans Redis, Firebase, CouchDB, and MongoDB.

The tool doesn’t stop at looking through text. It uses OCR and other techniques to pull data from images, PDFs, Office files, compressed folders, and even video files. It supports formats like docx, xlsx, pptx, zip, tar, rar, jpg, png, and gif.

Security teams can use it to catch exposed data before it becomes a problem.

Future plans and download

“We’re adding LLM-powered contextual detection to move beyond basic regex matching, making the tool smarter and more accurate. A full-featured UI is also in development to simplify management and visibility,” Kumar said.

Hawk Eye is available for free on GitHub.
