Skip to content
Search files for high entropy strings.
Python
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README
README.md
entro.py

README.md

entro.py

entro.py searches files for strings with high shannon entropy. Similar to trufflehog but for local files rather than git repos.

Install

git clone https://github.com/tehryanx/entro.py

What it does

entro.py will dig secrets out of a file or a group of files by returning strings with high shannon entropy. This can be used to quickly pull secret keys out of a large collection of files like a local sourcecode repo.

How to

To use entro.py on a single file use:

entro.py -f ./filename

You can also search all the files in the current directory using:

entro.py

or recursively search all the files in the current directory and all of its subdirectories using:

entro.py -r

By default entro.py only considers strings that are at least 20 characters long. You can adjust this using:

entro.py -m 33

It also only considers strings that conform either to the hexidecimal or base64 charsets. By default it will return hex strings with a shannon entropy of greater than 3 and base64 strings with a shannon entropy greater than 4.5. These values can be adjusted as follows:

entro.py -b64entropy 5
entro.py -hexentropy 4

By default, output will be in the form - path/to/file : line number : secret

entro.py
...
./target/325643454.txt : 451 : 706c100d319514ebd09e2c34286be31d
...

use -v for more detail

entro.py -v
-----------
File: entro.py
Line: 10
Type: Base64
Shannon Entropy: 6.02236781303
Secret: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=
Full Line:
        BASE64_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123
456789+/="
You can’t perform that action at this time.