Trufflehog

Sniffing out credentials

What is Trufflehog?

TruffleHog is a specialized Chrome extension aimed at enhancing digital safety and precision in pentests and code reviews. It significantly aids in identifying potential security loopholes by actively sniffing out API keys and credentials on the accessed websites. It’s an invaluable tool to ensure swift detection of potent risks that may go unnoticed or require strenuous manual effort to discover.

Download

Stats

By: dylan

View on Chrome Web Store

Users: 7,000+

Rating: 5.00 (6) ▲ 1 new ratings

Version: 0.0.1 (Last updated: 2021-09-21)

Creation date: 2021-09-20

Risk impact: High risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

https://*/*
http://*/*
activeTab
tabs
storage

Size: 35.44K

Email: fo*****@trufflesec.com

URLs: Website

Stats date:

Chrome-Stats Rank

# 12378 ▼ 10

Other rankings

#5489 in Developer Tools ▼ 6 #226 in visited sites keyword 9 ▲ 13

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

The TruffleHog chrome extension looks for API keys and credentials on websites visited, and alerts you if there are any present. This is useful for doing pentests and code reviews, because it helps identify keys that would otherwise either be missed or have to be searched for manually

User reviews

api keys exposed

Paranjay Singh, 2024-04-20

perfect

error fiat, 2024-01-15

easy to grep. ;)

Vimal Vinz (Vimal Vinz), 2023-12-06

View all user reviews

Safety

Risk impact

Trufflehog is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install Trufflehog if you trust the publisher.