dumpsterdiver
Key features:
- it uses Shannon Entropy to find private keys,
- it searches through git logs,
- it unpacks compressed archives (e.g., zip, tar.gz, etc.),
- it supports advanced search using simple rules (details below),
- it searches for hardcoded passwords,
- it is fully customizable.
Basic Usage Example
Pass a path to the folder containing files to be analyzed, to the path-to-files
input:
![screenshot of dumpsterdiver node connected with the file input node in the workflow editor](https://res.cloudinary.com/db14crach/image/upload/v1700236798/docs/dumpsterdiver/dumpsterdiver_basic_usage.png)
Improvements
Customizing search
You can customize your search by using any of the following dumpstediver inputs:
min-key-length
- String type value, specifies the minimum key length to be analyzed (default is "").max-key-length
- String type value, specifies the maximum key length to be analyzed (default is "80").
![screenshot of the dumpsterdiver node connected with three input nodes in the workflow editor](https://res.cloudinary.com/db14crach/image/upload/v1700236798/docs/dumpsterdiver/dumpsterdiver_max_min_key_length_usage.png)
Additional analyzing using defined rules
Use advanced-analysis
boolean input to additionally analyzed all files using rules specified in tool's rules.yaml file:
![screenshot of the dumpsterdiver node connected with two input nodes in the workflow editor](https://res.cloudinary.com/db14crach/image/upload/v1700236797/docs/dumpsterdiver/dumpsterdiver_additional_analysis.png)