Run truffleHog on directories recusively and not just in git repos #92
Comments
|
I've got a script here that scans archives, tar.gz's, will this work for you? https://github.com/dxa4481/santaHog/blob/master/santaHog/scan_archives.py |
|
I'll add making a PR for this on my to-do list. |
|
+1 for this - I'm not sure why git is necessary, I'd like to use this on some dump files! |
|
There is already a pull request on this: #37 It's waiting for approval. |
|
https://github.com/feeltheajf/truffleHog3 implemented this feature. |
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.20 to 1.43.21. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](aws/aws-sdk-go@v1.43.20...v1.43.21) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
Hey there, we've just released the next major version of TruffleHog! It includes a new filesystem scanner to do this! It is a complete rewrite that scans more data sources and now supports detecting and verifying over 600 credentials. https://trufflesecurity.com/blog/introducing-trufflehog-v3 We're no longer maintaining v2 so I am closing this issue. |
I would assume it's easy to setup a dummy git repo and scan it, but would be nice to use the tool to scan any file or directory even outside git.
One example is to scan database dumps of project trackers (jira)
The text was updated successfully, but these errors were encountered: