all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

truffleHog - Searches Through Git Repositories For High Entropy Strings And Secrets, Digging Deep Into Commit History

Add to bookmarks
Feb. 12, 2022, 8:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.


Join The Slack

Have questions? Feedback? Jump in slack and hang out with me

https://join.slack.com/t/trufflehog-community/shared_invite/zt-pw2qbi43-Aa86hkiimstfdKH9UCpPzQ

NEW

truffleHog previously functioned by running entropy checks on git diffs. This functionality still exists, but high signal regex checks have been added, and the ability to suppress entropy checking has also been added.

truffleHog --regex --entropy=False https://github.com/dxa4481/truffleHog.git

or

truffleHog file:///user/dxa4481/codeprojects/truffleHog/

With the --include_paths …

git history regex secret secrets strings subdomain trufflehog

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line 17 hours ago | www.kitploit.com
call clear command command line +15
SQLMC - Check All Urls Of A Domain For SQL Injections 1 day, 17 hours ago | www.kitploit.com
pentesting pentest tool python3 sqlinjection +1
BadExclusionsNWBO - An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR 2 days, 17 hours ago | www.kitploit.com
badexclusionsnwbo edr evasion pentesting redteam
Ioctlance - A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers 3 days, 17 hours ago | www.kitploit.com
analysis blue code detect +18
NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays 4 days, 2 hours ago | www.kitploit.com
ntlm relay gat ntlm_relay_gat
Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries 5 days, 17 hours ago | www.kitploit.com
api command command line deimosc2 +17
HardeningMeter - Open-Source Python Tool Carefully Designed To Comprehensively Assess The Security Hardening Of Binaries … 6 days, 17 hours ago | www.kitploit.com
hardeningmeter protection python python3 +2
JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post … 1 week ago | www.kitploit.com
js-tap multithreaded taken traffic +3
MasterParser - Powerful DFIR Tool Designed For Analyzing And Parsing Linux Logs 1 week, 1 day ago | www.kitploit.com
cyber security dfir automation digital forensic masterparser +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Associate, Cybersecurity Operations

@ Ares Management Corporation | Los Angeles, CA - CULVER CITY
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Diverto | Zagreb, Croatia
View on infosec-jobs.com

Lead DevSecOps Engineer

@ DTCC | Tampa, FL, United States
View on infosec-jobs.com

Incident Responder (Fraud Threat Management)

@ Scotiabank | Toronto, ON, CA, M5H1H1
View on infosec-jobs.com

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time

@ iSoftTek Solutions | Tysons, Virginia, United States
View on infosec-jobs.com
View more jobs