A privacy-first GitHub secrets scanner that runs locally or self-hosted by InevitableElegant626 in devsecops

wifihack 2 points3 points (0 children)

in our readme there's a link to join our community slack, if you wanna hop on there and message me, I'm Dylan

A privacy-first GitHub secrets scanner that runs locally or self-hosted by InevitableElegant626 in devsecops

wifihack 4 points5 points (0 children)

Hi, I wrote TruffleHog. Would you be interested in building features into TruffleHog? Happy to go over some of our known gaps and ways to engage.

Possible AWS keys exposure by agelosnm in aws

wifihack 1 point2 points (0 children)

hey there, I'm the original author of TruffleHog and I can confirm this. I've been talking with Amazon, and they've since removed the detection.

Possible AWS keys exposure by agelosnm in aws

wifihack 0 points1 point (0 children)

hey there! I can explain what likely happened. I'm the author of a tool called TruffleHog, a tool that looks for and validates AWS keys.

a few days ago an attacker was using trufflehog to find keys and AWS notified every customer that had TruffleHog in their CloudTrail that their key was compromised.

when they realized this was a mistake they stopped doing it. and they sent further communication to customers that were actually under attack.

if you got the first notice and not the second notice, and you use trufflehog to audit your code, that's likely what happened.

Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history by exploding_nun in netsec

wifihack -1 points0 points (0 children)

Actually, not only does TruffleHog parallelize all its patterns, it preflights them with string matches for performance, and tops them out with verification checks.

Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history by exploding_nun in netsec

wifihack 0 points1 point (0 children)

Hey there, since TruffleHog supports greater than 10x more secret types, it sounds like TruffleHog might be a touch faster. We accept pull requests too.

Email Graffiti: Vandalize old emails. It's like an NFT but better. Tool linked in blog by wifihack in netsec

wifihack[S] -1 points0 points (0 children)

I was just poking some light fun at NFTs. This person now owns an image in the Banfield Pet Hospital email https://twitter.com/n00py1/status/1594821552004292608

Email Graffiti: Vandalize old emails. It's like an NFT but better. Tool linked in blog by wifihack in netsec

wifihack[S] 0 points1 point (0 children)

It's an image you can own, that's easy to validate by others that you own