frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Show HN: Layerleak – Like Trufflehog, but for Docker Hub

https://github.com/Brumbelow/layerleak
5•brumbelow•1h ago

Comments

brumbelow•1h ago
I couldn't find anything comparable to Trufflehog for Docker images, even though I have constantly read articles about "secrets discovered in public images." So I built my own (hopefully) comparable tool.
captn3m0•20m ago
But trufflehog supports docker images already? The trufflehog readme has examples[0]

    # to scan from a remote registry
    trufflehog docker --image trufflesecurity/secrets 
    # to scan from the local docker daemon

    trufflehog docker --image docker://new_image:tag

    # to scan from an image saved as a tarball
    trufflehog docker --image file://path_to_image.tar
[0]: https://github.com/trufflesecurity/trufflehog#11-scan-a-dock...
brumbelow•18m ago
That's true, but as you can see from your paste, Trufflehog requires the docker daemon and is generally pretty resource intensive while scanning.

layerleak has neither of those issues or requirements.

Try it and let me know what you think.

darknavi•40m ago
A small ask: Don't have the main tag like for your product refer to another product. I know what Docker Hub is, but I have no idea what Trufflehog is.

The first like of the GitHub README is much better IMO: layerleak the Docker Hub Secret Scanner

brumbelow•32m ago
Thanks for the advice! Did not even consider that. I just updated it

Deploytarot.com – tarot card reading for deployments

https://deploytarot.com/setup
1•rembish•3m ago•1 comments

Harness design for long-running application development

https://www.anthropic.com/engineering/harness-design-long-running-apps
1•rmuchall•3m ago•0 comments

Cloudflare's new Dynamic Workers ditch containers, run AI agent code 100x faster

https://venturebeat.com/infrastructure/cloudflares-new-dynamic-workers-ditch-containers-to-run-ai...
1•CharlesW•4m ago•0 comments

JCal – Jeffrey Epstein's Activities Recreated in Google Calendar

https://jmail.world/calendar
3•ilamont•5m ago•0 comments

Future Vision X Prize: One of the Largest SCI-FI Film Competitions

https://futurevisionxprize.com/
2•andersource•6m ago•0 comments

Ask HN: Personalized mRNA cancer vaccines, how real is the pipeline today?

2•imnotlost•7m ago•0 comments

How Much of AI Labs' Research Is Safety?

https://fi-le.net/safety-blogs/
2•mottiden•10m ago•0 comments

Tutorial: Analyzing Shell Scripts

https://blog.greenberg.science/posts/popl2026-tutorial/
2•vagozino•13m ago•0 comments

Global ocean heat content over the past 3M years

https://www.nature.com/articles/s41586-026-10116-3
2•CGMthrowaway•15m ago•0 comments

3-d genome reorganization foreshadows zygotic genome activation in Drosophila

https://www.nature.com/articles/s41588-026-02503-3
1•PaulHoule•15m ago•0 comments

Claude connects the dots on sleep apnea diagnosis

https://old.reddit.com/r/ClaudeAI/comments/1s41fny/25_years_multiple_specialists_zero_answers_one/
1•dnw•16m ago•0 comments

U.S. Stocks Have Their Biggest Drop Since Start of Iran War

https://www.nytimes.com/2026/03/26/business/oil-stock-gas-prices-iran.html
1•doener•16m ago•0 comments

I Put a Full JVM Inside a Browser Tab

https://bmarti44.substack.com/p/i-put-a-full-jvm-inside-a-browser
1•PaulHoule•19m ago•0 comments

The Little Book of C

https://little-book-of.github.io/c/books/en-US/book.html
1•ghostrss•21m ago•0 comments

New York City hospitals drop Palantir as controversial AI firm expands in UK

https://www.theguardian.com/technology/2026/mar/26/new-york-hospitals-palantir-ai
15•chrisjj•22m ago•1 comments

The Many Roots of Our Suffering: Reflections on Robert Trivers (1943–2026)

https://quillette.com/2026/03/25/the-many-roots-of-our-suffering-reflections-on-robert-trivers-19...
1•Petiver•22m ago•0 comments

Ask HN: Leaving Notion, Codebase as a Wiki?

1•kthaker1224•23m ago•0 comments

Engineers do get promoted for writing simple code

https://www.seangoedecke.com/simple-work-gets-rewarded/
1•dondraper36•25m ago•0 comments

AI comments drove Paul Graham off X notifications

https://twitter.com/gostroverhov/status/2037263858390147535
1•gostroverhov•26m ago•1 comments

Show HN: Photo Triager – Cull Raw Photos on iPhone with XMP Sidecars

https://photo-triager.junle.li/
2•lijunle•27m ago•0 comments

Show HN: Breakwater

https://www.breakwaterapp.com
2•stympy•27m ago•0 comments

Show HN: Illustrative – AI pipeline that turns books into graphic novels

https://arv.in/illustrative/
2•adangit•29m ago•0 comments

Agent Reliability Engineering

https://github.com/choutos/agent-reliability-engineering
1•choutos•30m ago•0 comments

Apple Gives FBI a User's Real Name Hidden Behind 'Hide My Email' Feature

https://www.404media.co/apple-gives-fbi-a-users-real-name-hidden-behind-hide-my-email-feature/
1•cdrnsf•31m ago•0 comments

Databuddy: Privacy-First Analytics

https://www.databuddy.cc
1•monssoen•31m ago•0 comments

Probabilistic feature analysis of facial perception of emotions [pdf]

https://sites.stat.columbia.edu/gelman/research/published/faces.pdf
1•luu•32m ago•0 comments

Unlimited Prep Cooks. Are You Going to Make Something?

https://milkcrunch.com/scaling-to-infinite/
1•mrdoornbos•32m ago•1 comments

Show HN: NPM install is a security hole, so we built a guard for it

https://github.com/safedep/pmg
1•Sahil121•32m ago•0 comments

The OpenAI Safety Bug Bounty Program

https://openai.com/index/safety-bug-bounty/
1•gmays•33m ago•0 comments

From trash to climate tech: Rubber gloves find new life as carbon capturers

https://phys.org/news/2026-02-trash-climate-tech-rubber-gloves.html
1•PaulHoule•33m ago•0 comments