
TruffleHog: Open-source solution for scanning secrets
2024-02-21 05:30

TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack.

"TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning Git revision history for secrets. My hunch was a lot of secrets buried in older versions of code, but no tools existed to look for them. My hunch was right. The tool quickly took off and became very popular. These days, it's been starred on GitHub ~14,000 times and is wildly adopted in the industry," Dylan Ayrey, CEO at Truffle Security and original author of TruffleHog, told Help Net Security.

Features

Comprehensive list of secrets it scans for, with over 700 types.

For every secret type, verification logic is implemented to log in with the secret and confirm its validity.

Besides scanning normal files, TruffleHog decodes dozens of encodings, including base64, zip files, docx files, and many more, and scans them for secrets.
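
The decode-then-scan idea from the last feature, sketched in Python as an added example; it is not TruffleHog's code. The single AWS-key-ID-shaped regex, the 24-character base64 threshold, the depth limit and the sample archive are assumptions constructed for illustration.

```python
import base64
import binascii
import io
import re
import zipfile

# Illustrative detector (assumption): the shape of an AWS access key ID.
SECRET_RE = re.compile(rb"AKIA[0-9A-Z]{16}")
# Runs long enough to plausibly be base64-encoded content.
B64_RE = re.compile(rb"[A-Za-z0-9+/]{24,}={0,2}")
MAX_DEPTH = 4  # bound recursion through nested encodings and archives


def scan(data: bytes, path: str = "input", depth: int = 0) -> list:
    """Return (location, match) pairs from data and from its decoded layers."""
    if depth > MAX_DEPTH:
        return []
    findings = []
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):  # archive layer: scan each member
        with zipfile.ZipFile(buf) as zf:
            for name in zf.namelist():
                findings += scan(zf.read(name), f"{path}!{name}", depth + 1)
        return findings
    findings += [(path, m.group().decode()) for m in SECRET_RE.finditer(data)]
    for m in B64_RE.finditer(data):  # encoding layer: decode and rescan
        try:
            decoded = base64.b64decode(m.group(), validate=True)
        except (binascii.Error, ValueError):
            continue  # not valid base64 after all
        findings += scan(decoded, f"{path}@base64[{m.start()}]", depth + 1)
    return findings


def build_sample() -> bytes:
    """Constructed input: a zip whose only file hides a fake key in base64."""
    fake_key = b"AKIAEXAMPLEEXAMPLE00"  # constructed, not a real credential
    blob = base64.b64encode(b"aws_access_key_id=" + fake_key + b"\n")
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("notes/env.txt", b"config_blob: " + blob + b"\n")
    return out.getvalue()


if __name__ == "__main__":
    for location, match in scan(build_sample(), "bundle.zip"):
        print(location, match)
```

The location string records each layer that was peeled off, which is what lets a reviewer find the secret in the original artifact. A scanner run on untrusted archives would also need a cap on decompressed member size, which this sketch omits.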

"We have a lot of exciting plans, including new integration, more data enrichment, and leveraging a few cloud security tricks to continue to keep TruffleHog as the best-in-class secret scanner," Ayrey concluded.


News URL

https://www.helpnetsecurity.com/2024/02/21/trufflehog-open-source-solution-for-scanning-secrets/