From 995eb64d3864466082d119ee0199adc838b9c566 Mon Sep 17 00:00:00 2001
From: Zachary Rice
Date: Fri, 22 Sep 2023 15:26:20 -0500
Subject: [PATCH] examples folder (#1734)
* wip examples folder
* Rename examples.md to README.md
---
examples/README.md | 14 ++++++++++++++
examples/generic.yml | 15 +++++++++++++++
2 files changed, 29 insertions(+)
create mode 100644 examples/README.md
create mode 100644 examples/generic.yml
diff --git a/examples/README.md b/examples/README.md
new file mode 100644
index 000000000..affcd3a2e
--- /dev/null
+++ b/examples/README.md
@@ -0,0 +1,14 @@
+# Examples
+This folder contains various examples like custom detectors, scripts, etc. Feel free to contribute!
+
+### Generic Detector
+An often requested feature for TruffleHog is a generic detector. By default, we do not support generic detection as it would result in lots of false positives. However, if you want to attempt detect generic secrets you can use a custom detector.
+
+#### Try it out:
+```
+wget UPDATE ONCE MERGED
+trufflehog filesystem --config=$PWD/generic.yml $PWD
+
+# to filter so that _only_ generic credentials are logged:
+trufflehog filesystem --config=$PWD/generic.yml --json --no-verification $PWD | awk '/generic-api-key/{print $0}'
+```
diff --git a/examples/generic.yml b/examples/generic.yml
new file mode 100644
index 000000000..04a226d21
--- /dev/null
+++ b/examples/generic.yml
@@ -0,0 +1,15 @@
+detectors:
+- name: generic-api-key
+ keywords:
+ - key
+ - api
+ - token
+ - secret
+ - client
+ - passwd
+ - password
+ - auth
+ - access
+ regex:
+ # borrowing the gitleaks generic-api-key regex
+ generic-api-key: "(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\\-_\\t .]{0,20})(?:[\\s|']|[\\s|\"]){0,3}(?:=|>|:{1,3}=|\\|\\|:|<=|=>|:|\\?=)(?:'|\"|\\s|=|\\x60){0,5}([0-9a-z\\-_.=]{10,150})(?:['|\"|\\n|\\r|\\s|\\x60|;]|$)"
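Review bot: The `generic-api-key` regex in `examples/generic.yml` is borrowed from gitleaks without the entropy threshold and stopword allowlist that, as far as I know, gitleaks pairs with that rule, so the capture group `([0-9a-z\\-_.=]{10,150})` will accept any identifier, path or placeholder of 10+ characters that follows a keyword such as `key`, `client` or `access`. The detector also has no `verify` block, so every hit is reported unverified and has to be triaged by hand. I would expand the comment above the regex to say so, for example `# borrowed from the gitleaks generic-api-key rule, without its entropy/stopword filtering; matches are unverified, expect false positives`. A second comment should note that the `keywords` list mirrors the regex's leading alternation and the two must be edited together, since a keyword missing from the list presumably stops the regex from being tried on that chunk at all.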