Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update AWS prefixes

Browse source
This commit is contained in:
Dustin Decker 2022-02-15 19:13:18 -08:00
parent c20e9f4732
commit b2a9d5b0a9
1 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
pkg/detectors/aws/aws.go
View file

@ -19,15 +19,28 @@ type Scanner struct{}
var _ detectors.Detector = (*Scanner)(nil) var _ detectors.Detector = (*Scanner)(nil)
var ( var (
// TODO: Support other key types https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids // Key types are from this list https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids
keyPat = regexp.MustCompile(`\b(AKIA[0-9A-Z]{16})\b`) keyPat = regexp.MustCompile(`\b((AKIA|ABIA|ACCA|AGPA|AIDA|AIPA|ANPA|ANVA|APKA|AROA|ASCA|ASIA)[0-9A-Z]{16})\b`)
secretPat = regexp.MustCompile(`\b([A-Za-z0-9+/]{40})\b`) secretPat = regexp.MustCompile(`\b([A-Za-z0-9+/]{40})\b`)
) )
// Keywords are used for efficiently pre-filtering chunks. // Keywords are used for efficiently pre-filtering chunks.
// Use identifiers in the secret preferably, or the provider name. // Use identifiers in the secret preferably, or the provider name.
func (s Scanner) Keywords() []string { func (s Scanner) Keywords() []string {
return []string{"AKI"} return []string{
"AKIA",
"ABIA",
"ACCA",
"AGPA",
"AIDA",
"AIPA",
"ANPA",
"ANVA",
"APKA",
"AROA",
"ASCA",
"ASIA",
}
} }
func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) ([]detectors.Result, error) { func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) ([]detectors.Result, error) {