Automic VaultAutomic Vault

brew

Install trufflehog with Homebrew, chocolatey, MacPorts, Nix, scoop, zypper

Find and verify credentials. Version 3.95.8 via Homebrew; verified 2026-07-03.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install trufflehog

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install trufflehog

MacPorts ports tree · security/trufflehog/Portfile · source: api.github.com

Linux

Nixverified · 92%
nix profile install nixpkgs#trufflehog

nixpkgs package indexes · pkgs/by-name/tr/trufflehog/package.nix · source: api.github.com

openSUSE zypperverified · 92%
sudo zypper install trufflehog

openSUSE Tumbleweed package metadata · trufflehog · source: download.opensuse.org

Windows

Chocolateyverified · 92%
choco install trufflehog

Chocolatey community package catalog · trufflehog · source: community.chocolatey.org

Scoopverified · 92%
scoop install main/trufflehog

Scoop official bucket manifest trees · bucket/trufflehog.json · source: api.github.com

overview

Package summary

Find and verify credentials

Commands and aliases

  • trufflehog

history

Project history and usage

TruffleHog is an open-source secrets scanner for finding, classifying, verifying, and analyzing leaked credentials across Git repositories and many other sources.

Project history

The original TruffleHog was written to detect API keys, passwords, and secrets committed to Git. In April 2022, Truffle Security introduced TruffleHog v3 as a major rewrite focused on speed, broader detector coverage, and automatic validation for supported secrets.

The v3 announcement positioned verification as the central change: instead of only matching strings, the scanner can call provider APIs to determine whether a discovered secret is live. The project also moved toward a larger open detector ecosystem, with hundreds of supported key types and contribution paths for new detectors.

The current README describes TruffleHog as a discovery, classification, validation, and analysis tool that scans Git, chats, wikis, logs, API-testing platforms, object stores, filesystems, and more. It also documents enterprise monitoring as a commercial layer while keeping the core scanner open source.

Adoption history

TruffleHog spread because secret leakage is a concrete, recurring operational problem: a key committed once may remain in Git history even after later commits remove it. Truffle Security's GitHub Actions guide shows the tool used in CI to scan pull requests and pushes before leaks move farther into deployment pipelines.

The tool's package-manager footprint is broad: Homebrew, Docker images, binary releases, install scripts, and distro packages all make it easy to drop into local audits, CI jobs, pre-commit workflows, and incident response scripts.

How it is used

Common CLI usage includes scanning a remote Git repository, a GitHub organization, a local Git repository, S3 or GCS buckets, Docker images, filesystems, Jira, Slack, and other collaboration surfaces. Security teams often run it with verified-only results to prioritize active credentials.

For package nerds, TruffleHog is a canonical 'install this before you publish or rotate credentials' tool: it is easy to add to a shell, CI workflow, or one-off audit and it returns structured JSON when automation needs to consume findings.

Why package nerds care

TruffleHog matters because it turned secrets scanning into a normal CLI/package-manager concern. The same binary can be used interactively with Homebrew, containerized through Docker, or pinned in CI, which fits how security tooling actually lands in developer environments.

Its distinction from simple grep-like scanners is verification. Package users care because reducing false positives changes the economics of adopting a scanner in every repository.

Timeline

  • Circa 2017: The original TruffleHog is written to find secrets committed to Git, based on the 2022 v3 announcement's five-year lookback.
  • 2022-04-04: Truffle Security introduces TruffleHog v3.
  • 2023-05-18: Truffle Security documents the TruffleHog GitHub Action for pull request and push scanning.
  • 2024-02-21: Truffle Security publishes a detailed explanation of TruffleHog secret verification.

Related projects

  • Gitleaks is mentioned by the v3 announcement as inspiration for some Git improvements.
  • GitHub Actions is a common integration surface for running TruffleHog on pull requests and pushes.
  • Driftwood is referenced by Truffle Security as a related technique for private encryption key checks.

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for trufflehog. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
trufflehogcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version3.95.8
manager updated2026-07-03
local dataok
upstreamcurrent
latest detectedv3.95.8

https://github.com/trufflesecurity/trufflehog

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:trufflehog
Version3.95.8
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/trufflehog
Homepagehttps://trufflesecurity.com/
Repositoryhttps://github.com/trufflesecurity/trufflehog
Upstream docshttps://github.com/trufflesecurity/trufflehog#readme
LicenseAGPL-3.0-only
Source archivehttps://github.com/trufflesecurity/trufflehog/archive/refs/tags/v3.95.8.tar.gz
Last updated2026-07-03T00:12:26Z
Pulseupdated
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nametrufflehog
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

trufflehog

nix profile install nixpkgs#trufflehog
  • normalized package name match
  • Matched by: Trufflehog
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/tr/trufflehog/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
zypper95%

trufflehog 3.95.4-1.1

CLI tool to find exposed secrets in source and archives

https://github.com/trufflesecurity/trufflehog

sudo zypper install trufflehog
  • License: AGPL-3.0-or-later
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: trufflehog
  • 1 dependencies
  • 1 provides
  • normalized package name match
  • Matched by: Trufflehog
openSUSE Tumbleweed package metadata · download.opensuse.org · openSUSE Tumbleweed package metadata: trufflehog from https://download.opensuse.org/tumbleweed/repo/oss/repodata/be8d3611d25469107f32075a1697e69ec57a2b850b42348a658cc671ad5ec2b50760d02c3e59524d50da9a11d5be799bdaffba2e166e8ca8858512e3c0bd665d-primary.xml.zst
MacPorts95%

trufflehog

sudo port install trufflehog
  • normalized package name match
  • Matched by: Trufflehog
MacPorts ports tree · api.github.com · MacPorts ports tree: security/trufflehog/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Chocolatey95%

trufflehog

choco install trufflehog
  • normalized package name match
  • Matched by: Trufflehog
Chocolatey community package catalog · community.chocolatey.org · Chocolatey community package catalog: trufflehog from http://community.chocolatey.org/api/v2/Packages?$filter=IsLatestVersion&$select=Id&$top=1000&$skiptoken='11','timberwinr'
Scoop95%

main/trufflehog

scoop install main/trufflehog
  • normalized package name match
  • Matched by: Trufflehog
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/trufflehog.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment