FICHA · AUR

trufflehog

Tool for finding secrets like private keys and credentials.

  • App
  • CLI
  • SECURITY
  • Launchable
  • Runs in terminal
official+codex · reviewed · Jun 5, 2026 description in en

Description

Secret leaks in repositories and files can be found before they reach production. TruffleHog scans for private keys, tokens, and credentials, helping developers and security teams verify whether sensitive strings are present or still valid.

Run `trufflehog` from a terminal against repositories, paths, or supported sources. It may print sensitive findings, so protect scan output and avoid sending credentials to untrusted logs.

How to run

trufflehog

Commands: trufflehog

Permissions

Permissions not analysed for this source yet.