Trufflehog

Sniffing out credentials

TruffleHog: Sniffing Out Credentials with Ease

TruffleHog is a specialized Chrome extension aimed at enhancing digital safety and precision in pentests and code reviews. It significantly aids in identifying potential security loopholes by actively sniffing out API keys and credentials on the accessed websites. It’s an invaluable tool to ensure swift detection of potent risks that may go unnoticed or require strenuous manual effort to discover.
Download
Install from Chrome Web Store

Extension stats

Manifest V2
By: dylan
Users: 8,000+
Rating: 4.56
(9)
0.06
Version: 0.0.1 (Last updated: 2021-09-21)
Creation date: 2021-09-20
Permissions:
  • https://*/*
  • http://*/*
  • activeTab
  • tabs
  • storage
Size: 35.44K
Full description: See detailed description

Ranking

# 11,273 ▲ 68
Other rankings
#6680 in Developer Tools ▲ 90

Other platforms

Not available on Android
Not available on Firefox
Not available on Edge

User reviews

Great extension. Quickly identifies secrets.
by Kelly Woods, 2025-03-07
The popups are broken. Sometimes there are like ten of them with the same content. They block the browser until you interact with the pop-up. Notifications would work way better.
by Radek Raczkowski, 2024-11-09
thanks for publishing this extension
by abhishek dirisipo, 2024-05-01
View all user reviews

Extension safety

Risk impact

Trufflehog requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk impact analysis details
  • Critical Allows access to all websites, posing a significant security risk as it can monitor and modify data from any visited site.
  • Critical ****** ****** ** ******* ***** ***** *** ** **** ** ***** **** ******** ****** *** ******** ********** * ******* ********
  • High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
  • Low ******* ****** ** *** ********* ********
Risk likelihood

We don't have sufficient data to confidently determine the risk likelihood of Trufflehog. Use it at your own risk.

Risk likelihood analysis details
  • High This extension has low user count. Unpopular extensions may not be stable or safe.
  • Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
  • Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
  • Good **** ********* *** **** **** *******
Upgrade to see full risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to Trufflehog:

DotGit
DotGit
davtur19
10K 4.83 (12)
Shodan
Shodan
https://shodan.io
100K 4.54 (136)
YesWeHack VDP Finder
YesWeHack VDP Finder
acc+browserext
1,000 5.00 (3)
Vulners Web Scanner
Vulners Web Scanner
vankyver
9K 4.55 (20)
XSS
XSS
totofish2021
2K 5.00 (6)
OWASP Penetration Testing Kit
OWASP Penetration Testing Kit
https://pentestkit.co.uk
20K 4.81 (43)
FindSomething
FindSomething
ResidualLaugh
20K 4.86 (36)
Hack-Tools
Hack-Tools
Ludovic COULON & Riadh BOUCHAHOUA
30K 4.57 (28)
CounterXSS
CounterXSS
playarun93
485 5.00 (3)
S3BucketList
S3BucketList
Alec Blance
585 5.00 (1)
retire.js
retire.js
jadwigaostrowska803
20K 4.89 (9)
Bishop Vulnerability Scanner
Bishop Vulnerability Scanner
Jack Kingsman
3K 3.75 (12)