Add macOS keychain source

Please review the [Community Note](https://github.com/trufflesecurity/trufflehog/blob/main/.github/community_note.md) before submitting

Is this something in scope of trufflehog?

## Description
Some tools store credentials in macOS Keychain in an unsafe way by using the `security` tool. This allows any other process to read this credential without any user prompt.

Create a secret:
```sh
 security add-generic-password \
           -a "test-account" \
           -s "trufflehog-test-service" \
           -w "super-secret-value" \
           -U
```

Enumerate secrets readable by `security` (takes a long time):
```sh
security dump-keychain -a | less
# search for /usr/bin/security
```

Read the secret:
```sh
security find-generic-password -a test-account -g
```

```
# ...
# password: "super-secret-value"
```

### Preferred Solution
Ideally a new trufflehog source:
1. Enumerate all unlocked macOS keychains.
2. Enumerate all readable secrets in each keychain.
3. Read each secret and pass it further down the pipeline.

### Additional Context
None.

#### References
None.




Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add macOS keychain source #4728

Description

Preferred Solution

Additional Context

References

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add macOS keychain source #4728

Description

Description

Preferred Solution

Additional Context

References

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions