entro.py

entro.py searches files for strings with high shannon entropy. Similar to trufflehog but for local files rather than git repos.

Install

git clone https://github.com/tehryanx/entro.py

What it does

entro.py will dig secrets out of a file or a group of files by returning strings with high shannon entropy. This can be used to quickly pull secret keys out of a large collection of files like a local sourcecode repo.

How to

To use entro.py on a single file use:

entro.py -f ./filename

You can also search all the files in the current directory using:

entro.py

or recursively search all the files in the current directory and all of its subdirectories using:

entro.py -r

By default entro.py only considers strings that are at least 20 characters long. You can adjust this using:

entro.py -m 33

It also only considers strings that conform either to the hexidecimal or base64 charsets. By default it will return hex strings with a shannon entropy of greater than 3 and base64 strings with a shannon entropy greater than 4.5. These values can be adjusted as follows:

entro.py -b64entropy 5
entro.py -hexentropy 4

By default, output will be in the form - path/to/file : line number : secret

entro.py
...
./target/325643454.txt : 451 : 706c100d319514ebd09e2c34286be31d
...

use -v for more detail

entro.py -v
-----------
File: entro.py
Line: 10
Type: Base64
Shannon Entropy: 6.02236781303
Secret: ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=
Full Line:
        BASE64_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123
456789+/="