Searches through files and directories for high entropy strings and secrets.
Similar to trufflehog but for local files rather than git repos. Based also on entro.py.
pip3 install entropeerentropeer will dig secrets out of a file or a folder returning strings with high shannon entropy or secrets matching some rules. This can be used to quickly pull secret keys out of a large collection of files like a local sourcecode repo.
Scan a single file:
entropeer -f ./filenameSearch all the files in the current directory:
entropeerSearch all the files in a custom directory:
entropeer -d /tmp/codeRecursively search all the files in the current directory and all of its subdirectories:
entropeer -rBy default entropeer does Regex-based scan but you can change to Entropy-based scan with -E or --entropy
entropeer -Erd /tmp/codeComplete help dialog
usage: entropeer [-h] [-f FILE | -d DIRECTORY] [-r] [-E | -X] [--rules RULES] [-M] [-v] [-t THREADS] [-V]
Search files for strings with high shannon entropy.
optional arguments:
-h, --help show this help message and exit
-f FILE, --filename FILE
File to search.
-d DIRECTORY, --directory DIRECTORY
Search all files in directory.
-r, --recurse Search directories recursively starting in the current directory. Use with -d
-E, --entropy Enable entropy checks
-X, --regex Enable high signal regex checks
--rules RULES Load external rules from json list file
-M, --match-only Print only the matching string
-v, --verbose Verbose output
-t THREADS, --threads THREADS
Number of threads/processes to start
-V, --version show program's version number and exit