MassHog is a command-line tool designed to help users efficiently scan multiple GitHub repositories for sensitive information using the TruffleHog tool. By providing a list of HTTPS URLs to repositories, MassHog simplifies the process of identifying secrets that may have been accidentally committed.
- Batch Scanning: Scan multiple GitHub repositories by providing a single file containing HTTPS URLs.
- Integration with TruffleHog: Leverage TruffleHog's powerful scanning capabilities for detecting secrets.
- User-friendly Interface: Easy-to-use command-line interface for quick setup and execution.
- Configurable Options: Customize the scan parameters for your specific needs.
- Go 1.23 or later
- TruffleHog installed on your machine
-
Install using
go installcommandgo install github.com/dmdhrumilmistry/masshog@latest
-
Clone the repository
git clone https://github.com/dmdhrumilmistry/masshog.git cd masshog -
Install
masshoggo install .
-
To scan multiple GitHub repositories, create a file (e.g.,
repos.txt) that contains the HTTPS URLs of the repositories you want to scan. Each URL should be on a new line:https://github.com/owner/repo1.git https://github.com/owner/repo2.git https://github.com/owner/repo3.git
-
Run MassHog with the following command
masshog -f repos.txt -s state.json -o results.json
-
For configurations and flags use
-hmasshog -h
Contributions are welcome! If you have suggestions or improvements, please create a pull request or open an issue.
-
Fork the repository
-
Create your feature branch
git checkout -b feature/my-feature
-
Commit your changes
git commit -m 'Add some feature' -
Push to the branch
git push origin feature/my-feature
-
Open a pull request
This project is licensed under the MIT License - see the LICENSE file for details.