
Find secrets in your codebase


trufflehog3

This is an enhanced version of the Python-based truffleHog scanner.

Installation

The package is available on PyPI:

pip install trufflehog3

Usage

Full API documentation is available at feeltheajf.github.io/trufflehog3.

You can always check the available options by running:

trufflehog3 --help

Here are some basic examples to get you started:

# clone remote Git repository, scan 10 latest commits and output to stdout
$ trufflehog3 --depth 10 https://github.com/feeltheajf/trufflehog3

# disable Git history search, scan current directory and save report as JSON
$ trufflehog3 --no-history --format json --output report.json

# render HTML report from JSON
$ trufflehog3 -R report.json --output report.html

New

v3 was heavily updated, both under the hood and from an API perspective. See below for more details on the new features.

Automatic Config Detection

.trufflehog3.yml is automatically detected in the root of the scanned directory. However, you can still specify a custom path using the -c/--config CLI argument. Do not forget to check out the updated .trufflehog3.yml config file format.

HTML Reports

HTML reports are now much prettier and more useful than ever. You can filter out specific rules or paths on the fly without fiddling with raw data. Have a look at a sample HTML report and try it on your own.

Inline Exclude

Inline nosecret comments are now supported for excluding false positives:

# skip all rules
password = ""  # nosecret

# only skip rule with specific id
password = ""  # nosecret: generic.password

If for some reason you would like to avoid such behavior, there is a new --ignore-nosecret CLI flag which will tell trufflehog3 to ignore all inline comments.
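
One way a scanner or a review script could interpret the two marker forms above, including the effect of --ignore-nosecret. This is an added example, not trufflehog3's own implementation; the regular expression and the function names are assumptions. The audit helper lists every suppression so that blanket markers can be reviewed.

```python
import re

# Assumed marker grammar, taken from the two forms shown above:
#   "# nosecret"  and  "# nosecret: <rule id>"
# This is not trufflehog3's own pattern.
NOSECRET = re.compile(r"#\s*nosecret\b(?::\s*(?P<rule>[\w.\-]+))?")


def parse_nosecret(line):
    """Return None if the line has no marker, "*" for a blanket
    marker, or the rule id the marker is scoped to."""
    m = NOSECRET.search(line)
    if m is None:
        return None
    return m.group("rule") or "*"


def is_suppressed(line, rule_id, ignore_nosecret=False):
    """Decide whether a finding for rule_id on this line is excluded.
    ignore_nosecret mirrors the effect of the --ignore-nosecret flag."""
    if ignore_nosecret:
        return False
    scope = parse_nosecret(line)
    return scope is not None and scope in ("*", rule_id)


def audit(source):
    """List every suppression as (line number, scope, text) so a
    reviewer can check blanket markers, which hide all rules."""
    out = []
    for n, text in enumerate(source.splitlines(), start=1):
        scope = parse_nosecret(text)
        if scope is not None:
            out.append((n, scope, text.strip()))
    return out


# Constructed sample input, not taken from any real repository.
SAMPLE = '''\
password = ""  # nosecret
token = ""  # nosecret: generic.password
api_key = ""
'''

if __name__ == "__main__":
    for n, scope, text in audit(SAMPLE):
        kind = "ALL RULES" if scope == "*" else scope
        print(f"line {n}: suppresses {kind}: {text}")
```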

Incremental Scan

You can now run an incremental scan by specifying the path to the baseline JSON report as the -i/--incremental CLI argument. In this case, only the new issues compared to the baseline will be reported.

Multiprocessing

Multiprocessing support allows for much faster scans. You can alter the number of processes using the -p/--processes CLI argument.

Thanks

Special thanks to Dylan Ayrey (@dxa4481), developer of the original truffleHog scanner.


Download files


Source Distribution

trufflehog3-3.0.10.tar.gz (31.8 kB)

Uploaded Source

Built Distribution

trufflehog3-3.0.10-py2.py3-none-any.whl (34.4 kB)

Uploaded Python 2 Python 3
