Deleted doesn't mean gone. We explain how TruffleHog recovers secrets from git history.
When a developer commits a secret and then removes it in a follow-up commit, the secret persists in git history forever. TruffleHog scans every commit, every branch, and every dangling object in the git object store. This post explains the internal architecture of our git scanner and how it reconstructs file contents across the full history graph.