This is an enhanced version of truffleHog scanner
- Python 3.6
- flake8 compliant code
- output to file option
- option to disable Git history checks - scan simple files/folders
- option to exclude files/directories
Package is available on PyPI
pip install truffleHog3
List of regexes was moved into repository, see regexes.json
usage: trufflehog3 [options] source
Find secrets in your codebase.
positional arguments:
source URL or local path for secret searching
optional arguments:
-h, --help show this help message and exit
-r, --rules ignore default regexes and source from json
-o, --output write report to file
-b, --branch name of the branch to be scanned
-m, --max-depth max commit depth for searching
-s, --since-commit scan starting from a given commit hash
--json output in JSON
--exclude exclude paths from scan
--no-regex disable high signal regex checks
--no-entropy disable entropy checks
--no-history disable commit history check
Special thanks to Dylan Ayrey (@dxa4481), developer of the original truffleHog scanner