Custom Verifiers

Custom Verifiers

You can use Custom verifiers to set the endpoints for enterprise or non-publicly accessible instances. This will allow Trufflehog to verify secrets against those domains.

Custom verifiers can be configured in your config.yaml file under the customVerifiers field.

We currently support the following verifiers: github and gitlab

Example config

Each verifier can include one or more endpoints.

customVerifiers:
  - name: github
    endpoints:
    - https://example1.github.com
    - https://example2.github.com

Multple verifiers can be set at once.

customVerifiers:
  - name: gitlab
    endpoints:
    - https://example.gitlab.com
  - name: github
    endpoints:
    - https://example.github.com

Custom verifiers via command line

You can also set custom verifiers via our open source TruffleHog tool.

In the following example, we scan the currrent directory in our filesystem and pass-in two custom verifier endpoints for Github and one custom verifier endpoint for Gitlab.

trufflehog filesystem . --verifier github=example1.github.com,example2.github.com --verifier gitlab=example1.gitlab.com