TruffleHog

Find credentials in Git repos and more

Description

TruffleHog scans for exposed credentials and secrets across Git repositories, S3 buckets, filesystems, and more. It uses over 800 credential detectors and verifies found secrets.

Installation

                        BASH
                        
                            # Using Homebrew
brew install trufflehog

# Using Docker
docker pull trufflesecurity/trufflehog

# Using Go
go install github.com/trufflesecurity/trufflehog/v3@latest

Basic Usage

BASH

                            # Scan a Git repo
trufflehog git https://github.com/org/repo.git

# Scan GitHub org
trufflehog github --org=target-org
                        

Advanced Usage

                        BASH
                        
                            # Scan filesystem
trufflehog filesystem --directory /path/to/code

# Only verified secrets
trufflehog git https://github.com/org/repo.git --only-verified

# JSON output
trufflehog git https://github.com/org/repo.git --json

# S3 scanning
trufflehog s3 --bucket=target-bucket

Back to Secret Discovery