UNEARTH
Your
Secrets

TruffleHog is an open source secret-scanning engine that helps resolve exposed secrets across your company’s entire tech stack.

TRUFFLEHOG
Digs deep
TruffleHog scans for sensitive keys in hidden content and version history from commonly used tools across your company

INTEGRATIONS

Find secrets shared insecurely across the entire SDLC, not just in code.

Truffle's integrations

SIGNAL

TruffleHog’s open source engine actively verifies 700+ unique credential types against the key provider to eliminate false positives.

REMEDIATIONS

TruffleHog’s remediation workflows ‘shift-left’ key rotation by automating a secret remediation process with the developer who leaked the key.

Open source
BY THE
NUMBERS

Security tooling should be transparent and open.

50
K+
Times run per day
6
K+
Daily installs
14
M+
Downloaded over 7 million times
11
K+
GitHub stars

Our scanning engine and integrations are open source so that we can all transparently and openly collaborate together on improving security.

Our Customers

“TruffleHog is elegant security design. It operates in a standalone manner, and I get a notification in Slack when I need to do something to resolve an alert. It’s seamless.”
Jake King
Co-founder of CMD & Tech Lead @ Elastic Security
“TruffleHog is elegant security design. It operates in a standalone manner, and I get a notification in Slack when I need to do something to resolve an alert. It’s seamless.”
Jake King
Co-founder of CMD & Tech Lead @ Elastic Security
“TruffleHog solves a large problem in the industry, and the validation piece within TruffleHog is something that we love. It doesn’t just show us a billion secrets that have been leaked, it validates and focuses on the secrets that we need to remediate in order to prevent a bigger problem.”
Yashvier Kosaraju
VP of Security, Comp

News Feed

Blog

Thousands of GitHub Comments Leak Live API Keys

Blog

How to Rotate: Key Rotation Tutorials

Blog

How Secrets Leak out of Docker Images

Take control of your secrets with TruffleHog. Contact us to get started on a free 7-day trial.

© 2022 Truffle Security. All Rights Reserved.