Trufflehog

Sniffing out credentials

What is Trufflehog?

TruffleHog is a specialized Chrome extension aimed at enhancing digital safety and precision in pentests and code reviews. It significantly aids in identifying potential security loopholes by actively sniffing out API keys and credentials on the accessed websites. It’s an invaluable tool to ensure swift detection of potent risks that may go unnoticed or require strenuous manual effort to discover.

Download

Extension stats

By: dylan

View on Chrome Web Store

Users: 8,000+

Rating: 5.00 (7)

Version: 0.0.1 (Last updated: 2021-09-21)

Creation date: 2021-09-20

Risk impact: High risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

https://*/*
http://*/*
activeTab
tabs
storage

Size: 35.44K

Email: fo*****@trufflesec.com

Ranking

# 11837 ▼ 42

Other rankings

#6733 in Developer Tools ▼ 23 #236 in chrome extension keyword 83 ▲ 20

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

The TruffleHog chrome extension looks for API keys and credentials on websites visited, and alerts you if there are any present. This is useful for doing pentests and code reviews, because it helps identify keys that would otherwise either be missed or have to be searched for manually

User reviews

The popups are broken. Sometimes there are like ten of them with the same content. They block the browser until you interact with the pop-up. Notifications would work way better.