TruffleHog is a tool used to find leaked credentials by scanning repositories for high entropy strings, which are likely to be secrets or passwords. It offers various installation options including Docker, binary releases, and compiling from source.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.