TruffleHog Forager is a scanning tool that monitors the public internet for exposed cloud service credentials and secrets. The tool scans millions of push events on GitHub and NPM packages to identify leaked keys for cloud services including AWS and Google Cloud Platform. The product verifies discovered secrets to determine if they are live and active. It links detected secrets to specific organizations using email addresses, AWS and GCP account IDs, or GitHub organization member information. This linking capability works regardless of the commit email used by the developer. The tool provides alerting within minutes when a live key is detected. It supports over 800 detectors for different types of credentials and secrets. The detection capabilities can be extended through open-source contributions. TruffleHog Forager is available in two versions: a free community edition that scans the public internet and provides leak detection for company domains, and an enterprise version that integrates with TruffleHog Enterprise. The enterprise version offers enhanced linking capabilities beyond domain matching, connecting leaks to specific AWS or GCP account IDs and GitHub usernames. It includes a centralized dashboard for monitoring both internal and external leaks.