Join us

ContentUpdates and recent posts about TruffleHog..
 Activity
@work4bots started using tool Spring , 4 weeks, 1 day ago.
 Activity
@work4bots started using tool Helm , 4 weeks, 1 day ago.
 Activity
@work4bots started using tool Azure Pipelines , 4 weeks, 1 day ago.
 Activity
@work4bots started using tool Azure Kubernetes Service (AKS) , 4 weeks, 1 day ago.
 Activity
@work4bots started using tool Azure , 4 weeks, 1 day ago.
 Activity
@work4bots added a new tool Bicep , 4 weeks, 1 day ago.
Story FAUN.dev() Team
@eon01 shared a post, 4 weeks, 1 day ago
Founder, FAUN.dev

AWX in Action is out, and there's a course

Ansible AWX

"AWX in Action: Ansible Orchestration at Scale" is now available in print and ebook. It covers running AWX on Kubernetes for real, not a sandbox demo that falls over the moment you add a second execution node.

AWX in Action - Ansible Orchestration at Scale
Link
@varbear shared a link, 4 weeks, 1 day ago
FAUN.dev()

Design Patterns Are Dead. Long Live Design Patterns.

Design patterns were created for human comprehension, not machines, serving as a shared vocabulary to communicate complex ideas quickly, manage working memory, and standardize solutions. Even in the era of AI-generated code, design patterns are crucial for containing the limitations of AI models and.. read more  

Link
@varbear shared a link, 4 weeks, 1 day ago
FAUN.dev()

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

GitHub began usage-based Copilot billing, and some developers say they used up the AI credits GitHub grants for a month in under 24 hours. Developers burn credits through "premium requests". GitHub counts prompts to advanced models, agent tasks, edits, and some Copilot features against the allowance.. read more  

AI costs how much? GitHub Copilot users react to new usage-based pricing system.
Link
@varbear shared a link, 4 weeks, 1 day ago
FAUN.dev()

GitHub breach: The development ecosystem is in the hot seat

GitHub is reeling from an infrastructure breach by TeamPCP, highlighting the vulnerability of developer environments. Privileged access was achieved not through traditional perimeter exploitation, but by targeting trusted developer tools like IDE extensions. This incident serves as a stark reminder .. read more  

GitHub breach: The development ecosystem is in the hot seat
TruffleHog is a high-accuracy secret-detection tool designed to uncover exposed credentials such as API keys, tokens, private keys, and cloud secrets across large codebases. Originally created to scan Git commit history, it has evolved into a multi-source scanning engine capable of analyzing GitHub, GitLab, Bitbucket, Docker images, file systems, Terraform states, and cloud environments.

The scanner combines entropy detection, an extensive library of regular expression detectors, and live credential validation to minimize false positives. TruffleHog is widely used in security research, supply chain security, DevSecOps workflows, and bug bounty programs. Its speed, accuracy, and broad ecosystem coverage make it a core tool for identifying and preventing credential leakage in modern software development.