Find git secrets and private API keys – RECON FOR BUG BOUNTY | TRUFFLEHOG TOOL | R0X4R
iSpeech.org
truffleHog - Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
This module will go through the entire commit history of each branch, and check each diff from each commit, and check for secrets. This is both by regex and by entropy. For entropy checks, truffleHog will evaluate the Shannon entropy for both the base64 charset and hexadecimal charset for every blob of text greater than 20 characters comprised of those character sets in each diff. If at any point a high entropy string 20 characters are detected, it will print to the screen.
Github Repo: https://github.com/dxa4481/truffleHog
By: Eshan Singh [R0X4R]
#RECONFORBUGBOUNTY #R0X4R #BUGBOUNTY #HACKING
------------------------------------------------------------------------------------------
Follow Me:
WEBSITE: https://eshansingh.in/
TWITTER: https://twitter.com/R0X4R
INSTAGRAM: https://www.instagram.com/indianeshansingh
MEDIUM: https://medium.com/@R0X4R
GITHUB: https://github.com/R0X4R
LINKEDIN: https://www.linkedin.com/in/r0x4r
FACEBOOK: https://www.facebook.com/R0X4R/
video, sharing, camera phone, video phone, free, upload
2019-12-14 12:45:01
source
Gloss