Truffle Security
@trufflesec
The TruffleHog company
We find credentials, with open source
https://t.co/7CnEqo1inq
https://t.co/8vZxthRRXX
ID:1081974201781694464
https://trufflesecurity.com 06-01-2019 18:02:06
339 Tweets
3,3K Followers
1 Following
🤔 Why don’t bug bounty programs reward researchers for finding stolen credentials?
🔍We interviewed #HackerOne ’s CISO about new guidelines including:
🔑 Credential types & vulnerabilities
⚖️ Legal risks
🛠️ TruffleHog tools
trufflesecurity.com/blog/bug-bount…
CISA is now recommending all Sisense customers revoke all credentials shared with Sisense, following an attacker abusing an AWS key Sisense had laying around in a Git repo.
We (Truffle Security ) made howtorotate.com a while ago to make revocation as painless as we can.
Join us for an evening filled with expert security insights and valuable peer networking on 4/23 OWASPBayArea Meetup. Don't miss talks by Dylan, Sam Curry, and Denis Smajlović.
👉 Secure your spot now: meetup.com/bay-area-owasp…
New TruffleHog open-source script 🐷 helps make Docker Build Cloud is here! 🐳🧱☁️ 🐳more secure!
🔍 Scans every Docker image tag & architecture for leaked secrets
👉Get the script for a more comprehensive scan of Docker images: trufflesecurity.com/blog/scan-ever…
20 essential open-source cybersecurity tools that save you time - helpnetsecurity.com/2024/03/25/ess… - Lars Karlslund - mucking around with your AD Permiso Security ProjectDiscovery.io Mario Rojas Amged m-1-k-3 Josh Summitt Ajin Abraham Bojan Zdrnja FalconForce Official Truffle Security Travis CI ˗ˏˋ Alicia Sykes ˎˊ˗ 🚀 Harshit Raj Singh
⌨️ There's a keyboard button in Linux that can sometimes dump root memory when pressed.
😅 It's made worse with Marc Newlin 's bluetooth bugs, that can remotely press the button every 50ms
👉 Learn more: trufflesecurity.com/blog/the-keybo…