2025-03-14 21:59:59 -06:00
|
|
|
# trufflehog
|
|
|
|
|
|
|
|
|
|
> Find and verify credentials in files, Git repositories, S3 buckets, and Docker images.
|
|
|
|
|
> More information: <https://github.com/trufflesecurity/trufflehog>.
|
|
|
|
|
|
|
|
|
|
- Scan a Git repository for verified secrets:
|
|
|
|
|
|
|
|
|
|
`trufflehog git {{https://github.com/trufflesecurity/test_keys}} --only-verified`
|
|
|
|
|
|
|
|
|
|
- Scan a GitHub organization for verified secrets:
|
|
|
|
|
|
2025-07-24 22:27:13 -06:00
|
|
|
`trufflehog github --org {{trufflesecurity}} --only-verified`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
|
|
|
|
- Scan a GitHub repository for verified keys and get JSON output:
|
|
|
|
|
|
|
|
|
|
`trufflehog git {{https://github.com/trufflesecurity/test_keys}} --only-verified --json`
|
|
|
|
|
|
|
|
|
|
- Scan a GitHub repository along with its Issues and Pull Requests:
|
|
|
|
|
|
2025-07-24 22:27:13 -06:00
|
|
|
`trufflehog github --repo {{https://github.com/trufflesecurity/test_keys}} --issue-comments --pr-comments`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
|
|
|
|
- Scan an S3 bucket for verified keys:
|
|
|
|
|
|
2025-07-24 22:27:13 -06:00
|
|
|
`trufflehog s3 --bucket {{bucket name}} --only-verified`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
|
|
|
|
- Scan S3 buckets using IAM Roles:
|
|
|
|
|
|
2025-07-24 22:27:13 -06:00
|
|
|
`trufflehog s3 --role-arn {{iam-role-arn}}`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
|
|
|
|
- Scan individual files or directories:
|
|
|
|
|
|
|
|
|
|
`trufflehog filesystem {{path/to/file_or_directory1 path/to/file_or_directory2 ...}}`
|
|
|
|
|
|
|
|
|
|
- Scan a Docker image for verified secrets:
|
|
|
|
|
|
|
|
|
|
`trufflehog docker --image {{trufflesecurity/secrets}} --only-verified`
|
