Secret scanning using trufflehog
Trufflehog is a tool that can scan multiple sources (filesystem, git, have a pre commit hook, Postman), integrate in CI / Docker environment, etc... .
Easy start :
In the directory, with a docker daemon started
docker run --rm -it -v "${PWD}:/pwd" trufflesecurity/trufflehog filesystem /pwd
you will have a report with unverified result (probable issue), and confirmed issue.
Top comments (0)