Skip to main content

ggshield hmsl decrypt

Beta program

Please note that Has My Secret Leaked features are currently in beta.


Decrypt query's output and show secrets information.

ggshield hmsl decrypt [OPTIONS] PATH


  • -m, --mapping FILENAME: File containing the hashes and their names.

    Default: mapping.txt.

  • --json: Use JSON output.

This command supports all ggshield global options.


Thanks to the mapping file computed in the first stage, filter and decrypt the result of our API call.

$ ggshield hmsl decrypt results.dump
Found 2 leaked secrets.

> Secret 1
Secret name: "hjshnk5**************************89sjkja"
Secret hash: "e9b39209f72228f30b60c19493a3f756ac97dc02ae7f52db2a3abbe3c3269339"
Distinct locations: 96
First occurrence:
URL: ""

> Secret 2
Secret name: "sup3*************orGG"
Secret hash: "d775db0302080c1b7516109e929dd4b214a0f353ed3b66ff2e56c47d55a102ed"
Distinct locations: 33
First occurrence:
URL: ""

It expects to find a mapping.txt file in the current directory. If you used a prefix, or moved the file, use the -m option to specify the location of the mapping file.