Skip to content

Trufflehog doesn't detect multiple occurrences of a secret.Β #4535

New issue
New issue
Open
Open
Trufflehog doesn't detect multiple occurrences of a secret.#4535
Labels
bug
@makuartur

Description

@makuartur
makuartur
opened on Nov 4, 2025

TruffleHog Version

3.90.12

Trace Output

➜  trufflehog_aws trufflehog filesystem ./ --results=verified --log-level=5
2025-11-04T14:34:24+01:00	info-2	trufflehog	trufflehog 3.90.12
πŸ·πŸ”‘πŸ·  TruffleHog. Unearth your secrets. πŸ·πŸ”‘πŸ·

2025-11-04T14:34:24+01:00	info-4	trufflehog	default engine options set
2025-11-04T14:34:24+01:00	info-4	trufflehog	engine initialized
2025-11-04T14:34:24+01:00	info-4	trufflehog	setting up aho-corasick core
2025-11-04T14:34:24+01:00	info-4	trufflehog	set up aho-corasick core
2025-11-04T14:34:24+01:00	info-2	trufflehog	starting scanner workers	{"count": 8}
2025-11-04T14:34:24+01:00	info-2	trufflehog	starting detector workers	{"count": 64}
2025-11-04T14:34:24+01:00	info-2	trufflehog	starting verificationOverlap workers	{"count": 8}
2025-11-04T14:34:24+01:00	info-2	trufflehog	starting notifier workers	{"count": 8}
2025-11-04T14:34:24+01:00	info-0	trufflehog	running source	{"source_manager_worker_id": "2wcI7", "with_units": true}
2025-11-04T14:34:24+01:00	info-2	trufflehog	enumerating source	{"source_manager_worker_id": "2wcI7"}
2025-11-04T14:34:24+01:00	info-3	trufflehog	chunking unit	{"source_manager_worker_id": "2wcI7", "unit_kind": "unit", "unit": "./"}
2025-11-04T14:34:24+01:00	info-3	trufflehog	scanning file	{"source_manager_worker_id": "2wcI7", "unit_kind": "unit", "unit": "./", "path": "secrets.txt"}
2025-11-04T14:34:24+01:00	info-5	trufflehog	dataErrChan closed, all chunks processed	{"source_manager_worker_id": "2wcI7", "unit_kind": "unit", "unit": "./", "path": "secrets.txt", "mime": "text/plain; charset=utf-8", "timeout": 60}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "mc516"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "8Ihdd"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "vGZHv"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "TQxme"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "YPHVU"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "CkxpJ"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "G7uWR"}
2025-11-04T14:34:24+01:00	info-4	trufflehog	finished scanning chunks	{"scanner_worker_id": "y6TS6"}
2025-11-04T14:34:24+01:00	info-5	trufflehog	Starting to detect chunk	{"detector_worker_id": "oGbJE", "detector": {"type":"AWS"}, "decoder_type": "PLAIN", "chunk_source_name": "trufflehog - filesystem", "chunk_source_id": 1, "chunk_source_metadata": "filesystem:{file:\"secrets.txt\"}"}
2025-11-04T14:34:26+01:00	info-4	trufflehog	link is empty, skipping update	{"detector_worker_id": "oGbJE", "detector": {"type":"AWS"}, "decoder_type": "PLAIN", "chunk_source_name": "trufflehog - filesystem", "chunk_source_id": 1, "chunk_source_metadata": "filesystem:{file:\"secrets.txt\"}", "timeout": 10}
2025-11-04T14:34:26+01:00	info-4	trufflehog	link is empty, skipping update	{"detector_worker_id": "oGbJE", "detector": {"type":"AWS"}, "decoder_type": "PLAIN", "chunk_source_name": "trufflehog - filesystem", "chunk_source_id": 1, "chunk_source_metadata": "filesystem:{file:\"secrets.txt\"}", "timeout": 10}
2025-11-04T14:34:26+01:00	info-5	trufflehog	Finished detecting chunk	{"detector_worker_id": "oGbJE", "detector": {"type":"AWS"}, "decoder_type": "PLAIN", "chunk_source_name": "trufflehog - filesystem", "chunk_source_id": 1, "chunk_source_metadata": "filesystem:{file:\"secrets.txt\"}"}
βœ… Found verified result πŸ·πŸ”‘
Detector Type: AWS
Decoder Type: PLAIN
Raw result: AKIAQYLPMN5HHHFPZAM2
Account: 052310077262
Message: This is an AWS canary token generated at canarytokens.org.
Is_canary: true
Arn: arn:aws:iam::052310077262:user/canarytokens.com@@c20nnjzlioibnaxvt392i9ope
Resource_type: Access key
File: secrets.txt
Line: 3

2025-11-04T14:34:26+01:00	info-0	trufflehog	finished scanning	{"chunks": 1, "bytes": 264, "verified_secrets": 1, "unverified_secrets": 0, "scan_duration": "1.213425792s", "trufflehog_version": "3.90.12", "verification_caching": {"Hits":0,"Misses":1,"HitsWasted":0,"AttemptsSaved":0,"VerificationTimeSpentMS":1210}}

Expected Behavior

Trufflehog detects and logs all secrets.

Actual Behavior

Trufflehog detects the first match and displays only that one.

Steps to Reproduce

mkdir trufflehog_aws; cd trufflehog_aws;
cat << EOF > ./secrets.txt
[default]
aws_access_key_id = AKIAQYLPMN5HHHFPZAM2
aws_secret_access_key = 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

[default]
AWS_ACCESS_KEY_ID=AKIAQYLPMN5HHHFPZAM3
AWS_SECRET_ACCESS_KEY=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
EOF
trufflehog filesystem ./ --results=verified

Additional Context

OS: macOS
Version 15.7.1

References

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions