Detectors

Detectors is a credential detection system developed by Truffle Security that identifies exposed API keys, tokens, and other authentication credentials across numerous cloud services and platforms. The tool scans for credentials from over 100 different services including AWS, Azure, Google Cloud Platform, GitHub, Slack, Stripe, and many others. The system detects various types of credentials including API keys, OAuth tokens, personal access tokens, session keys, and service-specific authentication mechanisms. Each detector is designed to identify credentials for specific services such as AWS access keys, GitHub tokens, Stripe API keys, Slack tokens, and authentication credentials for SaaS platforms. Detectors covers a wide range of service categories including cloud infrastructure providers, payment processors, communication platforms, development tools, marketing automation services, database services, monitoring solutions, and business applications. The tool identifies both long-lived credentials like API keys and short-lived credentials such as AWS session tokens. The detection capabilities extend across infrastructure services, developer tools, business applications, and specialized APIs. This includes credentials for services like Kubernetes, Docker registries, CI/CD platforms, CRM systems, analytics platforms, and IoT services. Detectors functions as part of a secrets scanning solution to prevent credential exposure in code repositories, configuration files, and other locations where sensitive authentication data might be inadvertently stored.