Titus is a high-performance secrets scanner designed to detect credentials, API keys, and tokens across various data sources. It leverages Hyperscan/Vectorscan for accelerated regex matching, with a pure-Go fallback for broad platform compatibility, ensuring fast and efficient scanning.
Key Features:
- High-Performance Scanning: Utilizes hardware-accelerated regex matching (Hyperscan/Vectorscan) for speed, with a portable pure-Go engine.
- Extensive Detection Rules: Comes with 459 detection rules, covering hundreds of services and credential types, derived from NoseyParker and Kingfisher.
- Live Credential Validation: Reduces false positives and prioritizes remediation by checking detected secrets against their source APIs to confirm activity.
- Multiple Interfaces: Available as a command-line interface (CLI), a Go library for integration into custom tools, a Burp Suite extension for passive and active HTTP traffic scanning, and a Chrome browser extension for web page assessments.
- Binary File Extraction: Capable of extracting and scanning secrets from various binary formats, including Office documents, PDFs, archives (zip, tar, 7z), and mobile applications (APK, IPA).
Use Cases:
- Security Engineers: Quickly identify and verify leaked secrets in codebases.
- Penetration Testers: Integrate into testing workflows to find secrets in HTTP traffic (Burp Suite) or web pages (Chrome extension).
- DevSecOps Teams: Automate secret detection in CI/CD pipelines and across development environments.
- Code Audits: Perform deep scans of source code and git history to uncover hidden credentials.
