Skip to content
Peter Mueller edited this page Feb 19, 2026 · 1 revision

Frequently Asked Questions

What is Titus?

Titus is an open source secret scanner built in Go by Praetorian. It detects leaked credentials, API keys, and tokens across source code, binary files, and HTTP traffic. It runs as a CLI tool, a Go library, a Burp Suite extension, or a Chrome browser extension, all sharing the same detection engine and rule set.

How many detection rules does Titus include?

Titus ships with over 450 detection rules drawn from two sources: roughly 200 rules from Nosey Parker covering credential patterns commonly found during security engagements, and 250+ rules from Kingfisher (MongoDB's Nosey Parker fork) covering a long tail of SaaS platforms and services including Stripe, Twilio, SendGrid, Datadog, and more.

Can Titus validate whether detected secrets are live?

Yes. Titus can check whether a detected secret is actually live by making a controlled request against the relevant API. Run titus scan path/to/code --validate and each finding is tagged as confirmed, denied, or unknown. The scanner uses concurrent validation workers (4 by default, configurable with --validate-workers).

What file formats can Titus scan?

Beyond plaintext source code, Titus can extract and scan secrets from binary file formats including Office documents (xlsx, docx, pptx), PDFs, Jupyter notebooks, SQLite databases, and common archive formats (zip, tar, tar.gz, jar, war, ear, apk, ipa, crx). Archives are recursively extracted up to configurable depth and size limits. Use titus scan path/to/files --extract=all to enable extraction.

How does Titus compare to Nosey Parker?

Titus is a Go reimplementation of Nosey Parker's detection engine. Nosey Parker was written in Rust and offered excellent raw performance, but the Go rewrite enables native integration with Praetorian's Go-based tooling ecosystem. Titus carries forward Nosey Parker's battle-tested rules and adds new capabilities like secrets validation, binary file extraction, and a Burp Suite extension.

How does Titus compare to Gitleaks or TruffleHog?

Titus differentiates with three key features: live credential validation against source APIs, binary file extraction (scanning Office docs, PDFs, archives, mobile packages), and multiple interfaces beyond the CLI (Go library, Burp Suite extension, Chrome extension). It also ships with a larger rule set (450+ rules from both Nosey Parker and Kingfisher).

How do I install Titus?

Download a prebuilt binary from the Releases page for Linux, macOS, or Windows. The Burp Suite extension JAR and Chrome extension ship alongside them. You can also build from source with make build.

Can I add custom detection rules?

Yes. Titus uses the same rule format as Nosey Parker. You can create custom YAML rule files and load them with titus scan path/to/code --rules path/to/custom-rules.yaml. See the repository for rule format documentation.