# Install noseyparker with Homebrew, Nix

Finds secrets and sensitive information in textual data and Git history. Version 0.24.0 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:noseyparker
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install noseyparker
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#noseyparker
```

  Evidence: nixpkgs package indexes: pkgs/by-name/no/noseyparker/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:noseyparker
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/noseyparker>
- **Version:** 0.24.0
- **Source summary:** Finds secrets and sensitive information in textual data and Git history
- **Homepage:** <https://github.com/praetorian-inc/noseyparker>
- **Repository:** <https://github.com/praetorian-inc/noseyparker>
- **Upstream docs:** <https://github.com/praetorian-inc/noseyparker#readme>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/praetorian-inc/noseyparker/archive/refs/tags/v0.24.0.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- noseyparker (cli)
- noseyparker (alias)

## Build dependencies

- boost
- cmake
- pkgconf
- rust

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 0.24.0
- Local data: ok
- Upstream repository: https://github.com/praetorian-inc/noseyparker
- Upstream latest detected: v0.24.0 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

Nosey Parker is Praetorian's Apache-licensed secrets scanner for textual data and Git history. Its README documents scanning files, directories, full Git history, remote Git URLs, and GitHub users or organizations into a datastore, followed by reporting and triage.

### Project history

The GitHub repository was created on 2022-11-08. Help Net Security reported on 2022-12-14 that Praetorian had open-sourced the regular-expression scanning capabilities of its internal Nosey Parker secret scanning tool.

A 2023-03-03 Show HN post by the project author explained the older internal origin: Nosey Parker was originally created to help build a labeled dataset of secrets for machine-learning work, then proved useful on its own during Praetorian security engagements. The same post says it was reimplemented in Rust, released as open source in late 2022, and presented at Black Hat Arsenal.

The public project evolved from Git-repository scanning toward broader data-source scanning. Praetorian's 2023 blog said it had gained arbitrary file and directory scanning, Docker and firmware image use cases, memory-dump scanning, and simple OSINT enumeration of GitHub organizations and users. The changelog later records SARIF output, extensible enumerators, deduplication, and many new token-specific rules.

### Adoption history

Nosey Parker's adoption niche is application security, cloud security, red-team, and SRE workflows that need high-throughput, lower-noise secret discovery. The project had thousands of GitHub stars by 2026-07-01, is packaged by Homebrew and Nix, and has a companion `noseyparker-explorer` TUI for reviewing and annotating findings.

The repository was archived on GitHub on 2026-04-24, making the public repo read-only. That makes the package historically important but also changes its adoption posture: it remains available in package managers, but the upstream public development signal ended at the archive date unless Praetorian publishes a successor elsewhere.

### How it is used

Practical use starts with `noseyparker scan` against a directory, local Git repository, remote Git URL, or GitHub user/org. The scan writes a datastore such as `cpython.np`; users then generate reports or inspect findings, with deduplication and rules intended to reduce false positives.

The README example scans CPython Git history and reports throughput over Git blobs. The HN discussion emphasized Hyperscan-backed simultaneous regex matching as a core speed reason, and described Nosey Parker as especially useful where hardcoded credentials in source code, logs, and public repositories lead to real offensive-security findings.

### Why package nerds care

Nosey Parker matters because it is a Rust security CLI that treats Git history as first-class input, not just the working tree. It packages secret scanning as a fast local binary with release assets, datastore output, SARIF/reporting paths, GitHub enumeration, and a separate explorer TUI for triage.

### Timeline

- 2022-11-08: GitHub repository created.
- 2022-12-14: Praetorian open-source announcement covered by Help Net Security.
- 2023-03-03: Show HN post described the Rust rewrite, open-source release, and Black Hat Arsenal presentation.
- 2025-05-08: v0.24.0 release published.
- 2026-04-24: GitHub repository archived and made read-only.

### Related projects

- Related projects include noseyparker-explorer, Hyperscan, GitHub code search, trufflehog, Gitleaks, detect-secrets, and platform secret-scanning systems.

### Sources

- <https://api.github.com/repos/praetorian-inc/noseyparker>
- <https://api.github.com/repos/praetorian-inc/noseyparker/releases?per_page=10>
- <https://formulae.brew.sh/api/formula/noseyparker.json>
- <https://github.com/praetorian-inc/noseyparker>
- <https://github.com/praetorian-inc/noseyparker-explorer>
- <https://github.com/praetorian-inc/noseyparker/blob/main/CHANGELOG.md>
- <https://news.ycombinator.com/item?id=35004184>
- <https://www.helpnetsecurity.com/2022/12/14/nosey-parker/>
- <https://www.praetorian.com/blog/six-months-of-finding-secrets-with-nosey-parker/>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** noseyparker
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - noseyparker: normalized package name match | nixpkgs package indexes: pkgs/by-name/no/noseyparker/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Database and data packages](https://www.automicvault.com/pkg/database-data-tools/) - Matched database, SQL, migration, or data-store metadata.
- [cmake](https://www.automicvault.com/pkg/brew/cmake/) - Build dependency declared by Homebrew.
- [pkgconf](https://www.automicvault.com/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [rust](https://www.automicvault.com/pkg/brew/rust/) - Build dependency declared by Homebrew.
- [ggshield](https://www.automicvault.com/pkg/brew/ggshield/) - Shares av.db curated category or tags: cli, secrets-scanning, security.
- [trufflehog](https://www.automicvault.com/pkg/brew/trufflehog/) - Shares av.db curated category or tags: cli, secrets-scanning, security.
- [talisman](https://www.automicvault.com/pkg/brew/talisman/) - Shares av.db curated category or tags: cli, secrets-scanning, security.
- [aide](https://www.automicvault.com/pkg/brew/aide/) - Shares av.db curated category or tags: cli, security.
- [aircrack-ng](https://www.automicvault.com/pkg/brew/aircrack-ng/) - Shares av.db curated category or tags: cli, security.
- [amass](https://www.automicvault.com/pkg/brew/amass/) - Shares av.db curated category or tags: cli, security.
- [anubis](https://www.automicvault.com/pkg/brew/anubis/) - Shares av.db curated category or tags: cli, security.
- [authoscope](https://www.automicvault.com/pkg/brew/authoscope/) - Shares av.db curated category or tags: cli, security.
- [git-secrets](https://www.automicvault.com/pkg/brew/git-secrets/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, git, information, scanning, secrets.
- [git-hound](https://www.automicvault.com/pkg/brew/git-hound/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, data, git, scanning, security.
- [two-ms](https://www.automicvault.com/pkg/brew/two-ms/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, git, scanning, secrets, secrets-scanning.

## Combined YAML source

View the package source record on GitHub. [combined/noseyparker.yml](https://github.com/automic-vault/db/blob/main/combined/noseyparker.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
