Sniff out secrets in arbitrary text using the ClassiFinder API

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ThomasParas from gravatar.com ThomasParas

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Thomas Paras
  • Requires: Python >=3.10
  • Provides-Extra: clipboard , dev
Report project as malware

Project description

cfsniff

PyPI version Python versions License: MIT

Provenance: PyPI Trusted Publishing

A good dog that sniffs out leaked secrets in files, directories, and text — powered by the ClassiFinder API.

Install

pipx install cfsniff

Or with pip:

pip install cfsniff

Quick Start

# 1. Install
pipx install cfsniff

# 2. Set your API key (get one at https://classifinder.ai)
export CLASSIFINDER_API_KEY=cf_live_...

# 3. Sniff something
cfsniff audit

Usage

Scan a file

cfsniff secrets.txt

Scan a directory

cfsniff ./src

Pipe text in

echo "token=ghp_abc123..." | cfsniff

Scan your clipboard

cfsniff --clipboard

Audit current directory

cfsniff audit

Audit with extra paths

cfsniff audit --include logs

Audit and open an HTML report

cfsniff audit --report report.html --open

Output Formats

cfsniff audit                    # rich (default, color terminal output)
cfsniff audit --format plain     # plain text (CI-friendly)
cfsniff audit --format json      # machine-readable JSON

HTML Reports

The --report flag writes a self-contained HTML file with a full findings summary — useful for sharing with teammates or attaching to tickets.

cfsniff audit --report report.html --open

API Key

Get a free API key at https://classifinder.ai.

Set it via environment variable:

export CLASSIFINDER_API_KEY=cf_live_...

Verifying This Build

Every release is published via PyPI Trusted Publishing with PEP 740 build attestations. No long-lived API tokens. The wheel you pip install is byte-identical to what GitHub Actions built from a tagged commit.

To verify a release: visit the project page on PyPI, click Download files, and check the Provenance section under each artifact. You'll see the sigstore attestation, the GitHub workflow run, and the exact commit SHA — all logged to the public Sigstore transparency log for independent verification.

This answers "is the wheel what's in the source?" — the cryptographic chain proves this wheel was built from ClassiFinder/cfsniff at the tagged commit, by a GitHub-hosted runner, and cannot be tampered with after the fact.

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for ThomasParas from gravatar.com ThomasParas

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Thomas Paras
  • Requires: Python >=3.10
  • Provides-Extra: clipboard , dev

Release history Release notifications | RSS feed

This version

0.1.5

0.1.4

0.1.4rc1 pre-release

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cfsniff-0.1.5.tar.gz (35.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cfsniff-0.1.5-py3-none-any.whl (23.5 kB view details)

Uploaded Python 3

File details

Details for the file cfsniff-0.1.5.tar.gz.

File metadata

  • Download URL: cfsniff-0.1.5.tar.gz
  • Upload date:
  • Size: 35.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for cfsniff-0.1.5.tar.gz
Algorithm Hash digest
SHA256 7beaabfe677c0c40b31185d21670633ae37814df444f0cfc171892a037062ec7
MD5 e50dd834a42bee4d268a5c1b5d9ee28d
BLAKE2b-256 80d97b4ecd940e059696d997544e88d44ae5f93a557076b72c7dcc104afeb3b3

See more details on using hashes here.

Provenance

The following attestation bundles were made for cfsniff-0.1.5.tar.gz:

Publisher: release.yml on ClassiFinder/cfsniff

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file cfsniff-0.1.5-py3-none-any.whl.

File metadata

  • Download URL: cfsniff-0.1.5-py3-none-any.whl
  • Upload date:
  • Size: 23.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for cfsniff-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 3546999bdf50b7488d4e8cf01997d5b5cb04548a37c80ed76e41bcb0f584f5e8
MD5 5e0a8606ac8c144c2b5ad43c8901e2ad
BLAKE2b-256 994621af2a1ee42b65978cb9e4f325adcbdd9d26edfafb8e320cc9ec5769830f

See more details on using hashes here.

Provenance

The following attestation bundles were made for cfsniff-0.1.5-py3-none-any.whl:

Publisher: release.yml on ClassiFinder/cfsniff

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page