Short Bytes: A hacker has published an open source tool for helping administrators strengthen the security of their networks. Dubbed TruffleHog, this tool scans the commit history and branches for high entropy keys, and prints them. A similar tool is already used by Amazon to scan leaked AWS keys, a Reddit user claimed.A security researcher has released an open source tool that scans git repositories and finds secret keys. This tool, named TruffleHog, can save the administrators from exposing their potentially sensitive data.
Dylan Ayrey, the developer of this tool, says that the tool will locate any high entropy key. It digs deep into commit history and branches to perform its job.
How TruffleHog works?
The hacker says that the module, after going through the entire commit history, “checks each diff from each commit, and evaluate the shannon entropy for both the base64 char set and hexadecimal char set for every blob of text greater than 20 characters comprised of those character sets in each diff.”
Just in case, a high entropy string ( > 30 characters) is detected, it’s printed on the screen.
How to setup TruffleHog?
The only prerequisite for TruffleHog is GitPython. Install it using the following command:
pip install -r requirements.txt
Now, run this code:
python truffleHog.py https://github.com/dxa4481/truffleHog.git
AWS already uses a similar tool to search GitHub for AWS keys that might have been leaked by accident and blocks them, an AWS user wrote on Reddit.
While this tool aims to make the networks more secure, notorious hackers can surely use this tool for scanning open source apps and find zero-day exploits.
Did you find this open source tool interesting? Don’t forget to share your views and feedback.
Also Read: 77 Projects Open Sourced By Facebook In 2016