Open
Description
The extension executes TruffleHog every 10 seconds. TruffleHog will cache across each individual execution but not across executions. As a result, the same secret might be sent for verification every 10 seconds (if it appears consistently in HTTP traffic). This could cause unintended side effects due to rate limiting, fraud & abuse detection engineering, and account lockout policies.
A couple of options:
- String replace raw secret values from HTTP data. This would probably work well in 99% of cases, but I'm sure there are edge cases where doing this will alter data to the point where we will miss a new secret.
- Add a cache tied to each Burp Suite session.
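One way to implement the second option, a verification cache scoped to a single Burp Suite session, written as an added example in Python; it is not code from the extension or from TruffleHog, and the class name, the optional TTL, and the sample findings are constructed for illustration. Only a digest of each secret is kept, so the cache itself never stores raw credentials.

```python
import hashlib
import time


class SessionVerificationCache:
    """Remembers which secrets have already been sent for verification during
    one Burp session, so a secret that keeps appearing in HTTP traffic is
    verified once rather than on every 10-second TruffleHog run."""

    def __init__(self, ttl_seconds=None):
        self._seen = {}          # digest -> timestamp of the last verification
        self._ttl = ttl_seconds  # None means "once per session, ever"

    @staticmethod
    def _digest(detector, raw_secret):
        # Key on detector + raw value, stored only as a SHA-256 digest.
        return hashlib.sha256(f"{detector}\x00{raw_secret}".encode()).hexdigest()

    def should_verify(self, detector, raw_secret, now=None):
        now = time.time() if now is None else now
        key = self._digest(detector, raw_secret)
        last = self._seen.get(key)
        if last is not None and (self._ttl is None or now - last < self._ttl):
            return False  # already verified this session (and still fresh)
        self._seen[key] = now
        return True

    def filter_new(self, findings, now=None):
        """Return only the findings that still need a verification call."""
        return [f for f in findings if self.should_verify(f["detector"], f["raw"], now)]


# Constructed sample: the same credential-shaped string is present in every
# capture, and one new secret appears in the third run (placeholder values).
SAMPLE_RUNS = [
    [{"detector": "AWS", "raw": "AKIAEXAMPLE0000000001"}],
    [{"detector": "AWS", "raw": "AKIAEXAMPLE0000000001"}],
    [{"detector": "AWS", "raw": "AKIAEXAMPLE0000000001"},
     {"detector": "Slack", "raw": "xoxb-example-0000"}],
]


def simulate(runs, interval=10, ttl=None):
    """Count verification calls without and with the cache for runs spaced
    `interval` seconds apart; returns (uncached_calls, cached_calls)."""
    cache = SessionVerificationCache(ttl)
    uncached = cached = 0
    for i, findings in enumerate(runs):
        now = 1_000_000 + i * interval
        uncached += len(findings)
        cached += len(cache.filter_new(findings, now))
    return uncached, cached
```

With no TTL the repeated AWS-shaped value is verified once for the whole session; with a TTL shorter than the run interval the cache degrades to today's behaviour, which makes the trade-off between freshness and repeated verification traffic explicit.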