You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
But when i download the latest version about trufflehog to compare with built-in trufflehog. I find that i can't find any secret. I don't know what causes this result。Can u help me to search for the truth?Thank u~
@rufherg that guide is referencing an old version of TruffleHog(v2). The secret it is likely scanning is not live and/or may be a multi-part credential. Trufflehog does not flag secrets based on entropy alone anymore as that caused a lot of false positives.
Scene
I use the k8s-goat to learn k8s security. And then it recomand the tool which named 'trufflehog'.
https://madhuakula.com/kubernetes-goat/docs/scenarios/scenario-1/sensitive-keys-in-codebases-in-kubernetes-containers/welcome/#-method-2
It's built in the pod. I can use the built-in trufflehog to find some secrets as the paper say.
But when i download the latest version about trufflehog to compare with built-in trufflehog. I find that i can't find any secret. I don't know what causes this result。Can u help me to search for the truth?Thank u~
The latest version command
The text was updated successfully, but these errors were encountered: