Hi, everyone.
-
Hi, everyone. I've just stumbled onto 3200 #Terraform .tfstate files at work and I'd like to see what secrets are exposed. (To be clear, this is authorized.) Is there an easy way to audit/scan these? Thanks.
-
Hi, everyone. I've just stumbled onto 3200 #Terraform .tfstate files at work and I'd like to see what secrets are exposed. (To be clear, this is authorized.) Is there an easy way to audit/scan these? Thanks.
@FritzAdalis TruffleHog?
-
@FritzAdalis TruffleHog?
@vees @FritzAdalis TruffleHog. And then for seeking encodings I’d use Securing DumpsterDiver, but looks like that project has now been archived.
-
@vees @FritzAdalis TruffleHog. And then for seeking encodings I’d use Securing DumpsterDiver, but looks like that project has now been archived.
@badsamurai @vees
Ah, Trufflehog. I've only used their browser extension, I'll give it a shot! Thanks. -
Hi, everyone. I've just stumbled onto 3200 #Terraform .tfstate files at work and I'd like to see what secrets are exposed. (To be clear, this is authorized.) Is there an easy way to audit/scan these? Thanks.
@FritzAdalis I'd love to help but not if it's authorized.
-
R relay@relay.infosec.exchange shared this topic
