TruffleHog is an open-source security scanner that digs through Git repositories and other sources to uncover secrets such as API keys, credentials, and tokens. It helps teams ensure that sensitive data isn't accidentally exposed in version control systems. This tutorial explains how to install TruffleHog on Ubuntu 24.04.
Prepare environment
Verify that Git is already installed on the system. If not, check out the post on installing it.
Install TruffleHog
First, fetch the latest release number directly from the TruffleHog GitHub repository and store it in a variable:
TRUFFLEHOG_VERSION=$(curl -s "https://api.github.com/repos/trufflesecurity/trufflehog/releases/latest" | grep -Po '"tag_name": "v\K[0-9.]+')
Next, download the corresponding archive:
wget -qO trufflehog.tar.gz https://github.com/trufflesecurity/trufflehog/releases/latest/download/trufflehog_${TRUFFLEHOG_VERSION}_linux_amd64.tar.gz
Extract the binary into /usr/local/bin:
sudo tar xf trufflehog.tar.gz -C /usr/local/bin trufflehog
Verify the installation by checking the TruffleHog version:
trufflehog --version
After confirming the setup, you can safely remove the downloaded archive:
rm -rf trufflehog.tar.gz
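Because the archive is unpacked into /usr/local/bin with sudo, it is worth checking its SHA-256 before the extraction step. The helper below is an added example, not part of the original tutorial or the TruffleHog project; it assumes the release publishes a sha256sum-style checksums file that you have saved locally as checksums.txt (a hypothetical local name).

```shell
#!/bin/sh
# Added example, not from the TruffleHog project.
# Assumed checksums format (sha256sum style): "<64 hex chars>  <asset name>".

# verify_release_archive ARCHIVE CHECKSUMS ASSET
#   ARCHIVE    downloaded file on disk, e.g. trufflehog.tar.gz
#   CHECKSUMS  checksums file fetched from the same release
#   ASSET      asset name as listed inside CHECKSUMS
# Exit status: 0 match, 1 mismatch, 2 unusable input or no entry for ASSET.
# The body runs in a subshell, so its variables and "exit" stay local.
verify_release_archive() (
    archive=$1 checksums=$2 asset=$3

    if [ ! -r "$archive" ] || [ ! -r "$checksums" ]; then
        echo "verify: cannot read archive or checksums file" >&2
        exit 2
    fi

    # Compare the name column exactly so "x.tar.gz" never matches
    # "not-x.tar.gz"; a leading "*" (binary-mode marker) is stripped.
    expected=$(awk -v name="$asset" '
        { f = $2; sub(/^\*/, "", f) }
        f == name { print tolower($1); exit }' "$checksums")

    # Reject a missing entry or anything that is not a SHA-256 hex digest.
    case $expected in
        "" | *[!0-9a-f]*) echo "verify: no valid entry for $asset" >&2; exit 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "verify: bad digest length" >&2; exit 2; }

    # Hash from stdin so the file name cannot influence sha256sum's output.
    actual=$(sha256sum < "$archive" | awk '{ print $1 }')

    if [ "$actual" != "$expected" ]; then
        echo "verify: SHA-256 mismatch for $asset" >&2
        exit 1
    fi
    echo "verify: $asset OK"
)

# Usage with this tutorial's names (checksums.txt is an assumed local copy
# of the release's checksums file):
#   asset="trufflehog_${TRUFFLEHOG_VERSION}_linux_amd64.tar.gz"
#   verify_release_archive trufflehog.tar.gz checksums.txt "$asset" &&
#       sudo tar xf trufflehog.tar.gz -C /usr/local/bin trufflehog
```

A checksums file fetched from the same location as the archive detects corruption and mismatched downloads, but not a compromised release; that requires a signature check against a key or identity obtained separately.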
Testing TruffleHog
To see TruffleHog in action, try scanning a public repository with known test credentials:
trufflehog git https://github.com/trufflesecurity/test_keys --no-update --results=verified,unknown
This command analyzes the provided repository and prints any findings. Example output (truncated):
...
Detector Type: AWS
Decoder Type: PLAIN
Raw result: AKIAQYLPMN5HHHFPZAM2
Resource_type: Access key
Account: 052310077262
Message: This is an AWS canary token generated at canarytokens.org.
Is_canary: true
Arn: arn:aws:iam::052310077262:user/canarytokens.com@@c20nnjzlioibnaxvt392i9ope
Commit: 0416560b1330d8ac42045813251d85c688717eaf
Email: counter <hello@trufflesec.com>
File: new_key
Line: 2
Repository: https://github.com/trufflesecurity/test_keys
Repository_local_path: /tmp/trufflehog-3517-3656196599
Timestamp: 2023-10-19 02:56:37 +0000
...
Uninstall TruffleHog
If you need to uninstall TruffleHog, just delete the binary from the system:
sudo rm -rf /usr/local/bin/trufflehog