Dive into the world of Tartufo, a powerful tool designed for scanning and managing security vulnerabilities through regular expressions.
This article offers a comprehensive API reference guide for all public classes and functions within Tartufo, from configuring scans to compiling and applying rules.
Learn how to effectively utilize Tartufo to enhance your security protocols and streamline your codebase examination process.
This part of the documentation lists the full API reference of all public classes and functions.
tartufo.config.compile_path_rules(patterns)
Take a list of regex strings and compile them into patterns.
Any line starting with # will be ignored.Parameters
patterns (Iterable
[str
]) – The list of patterns to be compiledReturn type
tartufo.config.compile_rules(patterns)
Take a list of regex string with paths and compile them into a List of Rule.Parameters
patterns (Iterable
[Dict
[str
, str
]]) – The list of patterns to be compiledReturn type
List of Rule objects
tartufo.config.configure_regexes(include_default=True, rule_patterns=None, rules_repo=None, rules_repo_files=None)
Build a set of regular expressions to be used during a regex scan.Parameters
bool
) – Whether to include the built-in set of regexesOptional
[Iterable
[Dict
[str
, str
]]]) – A set of previously-collected rulesOptional
[str
]) – A separate git repository to load rules fromOptional
[Iterable
[str
]]) – A set of patterns used to find files in the rules repoReturn type
Set of Rule objects to be used for regex scans
tartufo.config.load_config_from_path(config_path, filename=None, traverse=True)
Scan a path for a configuration file, and return its contents.
All key names are normalized to remove leading “-“/”–” and replace “-” with “_”. For example, “–repo-path” becomes “repo_path”.
In addition to checking the specified path, if traverse
is True
, this will traverse up through the directory structure, looking for a configuration file in parent directories. For example, given this directory structure:
working_dir/
|- tartufo.toml
|- group1/
| |- project1/
| | |- tartufo.toml
| |- project2/
|- group2/
|- tartufo.toml
|- project1/
|- project2/
|- tartufo.toml
For more information click here.
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…
Embark on the journey of becoming a certified Red Team professional with our definitive guide.…
This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…
This took me like 4 days (+2 days for an update), but I got it…
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…