Detectors that fail verification should still report the unverified secret (#440)

* Detectors that fail verification should still report the unverified secret * fixup - change microsoft webhook keywords, filter false positives for old github detector * fixup - fix typo
2024-11-10 15:14:38 +00:00 · 2022-04-21 18:32:26 -04:00 · 2022-04-21 18:32:26 -04:00 · b5743277a3
commit b5743277a3
parent 913c75db15
21 changed files with 232 additions and 326 deletions
--- a/pkg/detectors/dropbox/dropbox.go
+++ b/pkg/detectors/dropbox/dropbox.go
@ -6,10 +6,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -53,10 +52,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", match[1]))
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				// 200 means good key for get current user
 				// 400 is bad (malformed)
@ -65,11 +62,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					s.Verified = true
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
--- a/pkg/detectors/elasticemail/elasticemail.go
+++ b/pkg/detectors/elasticemail/elasticemail.go
@ -2,15 +2,12 @@ package elasticemail
 import (
 	"context"
-	// "log"
+	"encoding/json"
 	"io"
 	"net/http"
 	"regexp"
 	"strings"
 	// "fmt"
 	"encoding/json"
 	"io/ioutil"
 	"net/http"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
@ -56,36 +53,25 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				continue
 			}
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				continue
+				data, readErr := io.ReadAll(res.Body)
-			}
+				res.Body.Close()
-			defer res.Body.Close()
+				if readErr == nil {
 			var byteData []byte
 			_, err = res.Body.Read(byteData)
 			if err != nil {
 				continue
 			}
 			defer res.Body.Close()
 			data, readErr := ioutil.ReadAll(res.Body)
 			if readErr != nil {
 				continue
 			}
 					var ResVar struct {
 						Success bool `json:"success"`
 					}
-			if err := json.Unmarshal(data, &ResVar); err != nil {
+					if err := json.Unmarshal(data, &ResVar); err == nil {
 				continue
 			}
 						if ResVar.Success {
 							s1.Verified = true
-			} else {
+						}
 					}
 				}
 			}
 		}
-				if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
+		if !s1.Verified && detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
 			continue
 		}
 			}
 		}
 		results = append(results, s1)
 	}
--- a/pkg/detectors/github/github.go
+++ b/pkg/detectors/github/github.go
@ -73,24 +73,19 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Content-Type", "application/json; charset=utf-8")
 			req.Header.Add("Authorization", fmt.Sprintf("token %s", token))
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
 				break
 			}
 			defer res.Body.Close()
 			if res.StatusCode >= 200 && res.StatusCode < 300 {
 				var userResponse userRes
 				err = json.NewDecoder(res.Body).Decode(&userResponse)
 				res.Body.Close()
 				if err == nil {
 					s.Verified = true
 				}
 			}
 		}
-		if !s.Verified {
+		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		}
 		results = append(results, s)
 	}
--- a/pkg/detectors/github_old/github_old.go
+++ b/pkg/detectors/github_old/github_old.go
@ -75,21 +75,24 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Content-Type", "application/json; charset=utf-8")
 			req.Header.Add("Authorization", fmt.Sprintf("token %s", token))
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
 				break
 			}
 			defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
 					var userResponse userRes
 					err = json.NewDecoder(res.Body).Decode(&userResponse)
 					res.Body.Close()
 					if err == nil {
 						s.Verified = true
 					}
 				}
 			}
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(token, detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/gitlab/gitlab.go
+++ b/pkg/detectors/gitlab/gitlab.go
@ -6,10 +6,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -59,10 +58,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", match[1]))
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				// 200 means good key and has `read_user` scope
 				// 403 means good key but not the right scope
@ -71,15 +68,14 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					secret.Verified = true
 				}
 			}
 		if !secret.Verified {
 			if detectors.IsKnownFalsePositive(string(secret.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !secret.Verified && detectors.IsKnownFalsePositive(string(secret.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, secret)
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/gitlabv2/gitlab.go
+++ b/pkg/detectors/gitlabv2/gitlab.go
@ -6,10 +6,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -59,10 +58,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", match[1]))
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				// 200 means good key and has `read_user` scope
 				// 403 means good key but not the right scope
@ -71,11 +68,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					secret.Verified = true
 				}
 			}
 		if !secret.Verified {
 			if detectors.IsKnownFalsePositive(string(secret.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !secret.Verified && detectors.IsKnownFalsePositive(string(secret.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, secret)
--- a/pkg/detectors/jdbc/jdbc.go
+++ b/pkg/detectors/jdbc/jdbc.go
@ -45,30 +45,27 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			Redacted:     redact,
 		}
-		if verify {
+		//if verify {
-			//TODO can this be verified? Possibly. Could triage verification to other DBMS strings
+		//	// TODO: can this be verified? Possibly. Could triage verification to other DBMS strings
-			s.Verified = false
+		//	s.Verified = false
 		//	client := common.SaneHttpClient()
 		//	req, err := http.NewRequestWithContext(ctx, "GET", "https://jdbcci.com/api/v2/me", nil)
-			if err != nil {
+		//	if err != nil {
-				continue
+		//		continue
-			}
+		//	}
 		//	req.Header.Add("Accept", "application/json;")
 		//	req.Header.Add("Jdbc-Token", token)
 		//	res, err := client.Do(req)
-			// if err != nil {
+		//	if err == nil {
 			// 	break
 			// }
 		//		if res.StatusCode >= 200 && res.StatusCode < 300 {
 		//			s.Verified = true
 		//		}
-		}
+		//	}
 		//}
-		if !s.Verified {
+		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, false) {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, false) {
 			continue
 		}
 		}
 		results = append(results, s)
 	}
--- a/pkg/detectors/mailchimp/mailchimp.go
+++ b/pkg/detectors/mailchimp/mailchimp.go
@ -54,23 +54,18 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.SetBasicAuth("anystring", match)
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				break
+				res.Body.Close() // The request body is unused.
-			}
+
 			defer res.Body.Close()
 				if res.StatusCode == 200 {
 					s.Verified = true
-			} else {
+				}
-				s.Verified = false
+			}
 		}
-		}
+		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		}
 		results = append(results, s)
 	}
--- a/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go
+++ b/pkg/detectors/microsoftteamswebhook/microsoftteamswebhook.go
@ -2,7 +2,7 @@ package microsoftteamswebhook
 import (
 	"context"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"regexp"
 	"strings"
@ -27,7 +27,7 @@ var (
 // Keywords are used for efficiently pre-filtering chunks.
 // Use identifiers in the secret preferably, or the provider name.
 func (s Scanner) Keywords() []string {
-	return []string{"microsoft"}
+	return []string{"webhook.office.com"}
 }
 // FromData will find and optionally verify MicrosoftTeamsWebhook secrets in a given set of bytes.
@ -54,25 +54,20 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.Header.Add("Content-Type", "application/json")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				continue
+				body, err := io.ReadAll(res.Body)
-			}
+				res.Body.Close()
-			defer res.Body.Close()
+				if err == nil {
 			body, err := ioutil.ReadAll(res.Body)
 			if err != nil {
 				continue
 			}
 					if res.StatusCode >= 200 && string(body) == "1" {
 						s1.Verified = true
-			} else {
+					}
-				//This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key
+				}
-				if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, false) {
+			}
 		}
 		if !s1.Verified && detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, false) {
 			continue
 		}
 			}
 		}
 		results = append(results, s1)
 	}
--- a/pkg/detectors/midise/midise.go
+++ b/pkg/detectors/midise/midise.go
@ -6,10 +6,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -54,20 +53,17 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", match))
 			req.Header.Add("Content-Type", "application/json")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				if res.StatusCode == http.StatusOK {
 					s.Verified = true
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
--- a/pkg/detectors/onelogin/onelogin.go
+++ b/pkg/detectors/onelogin/onelogin.go
@ -63,26 +63,23 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					req.Header.Add("Authorization", fmt.Sprintf("client_id:%s, client_secret:%s", clientID[1], clientSecret[1]))
 					req.Header.Add("Content-Type", "application/json; charset=utf-8")
 					res, err := client.Do(req)
-					if err != nil {
+					if err == nil {
-						return results, err
+						res.Body.Close() // The request body is unused.
-					}
+
 					defer res.Body.Close()
 						if res.StatusCode >= 200 && res.StatusCode < 300 {
 							s.Verified = true
-						break
+						}
 					}
 				}
 			}
-			if !s.Verified {
+			if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 			}
 			}
 			results = append(results, s)
 		}
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/pivotaltracker/pivotaltracker.go
+++ b/pkg/detectors/pivotaltracker/pivotaltracker.go
@ -5,10 +5,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -57,24 +56,21 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Content-Type", "application/json; charset=utf-8")
 			req.Header.Add("X-TrackerToken", token)
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				break
+				res.Body.Close() // The request body is unused.
-			}
+
 			defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
 					s.Verified = true
 				}
-
+			}
 		}
-		if !s.Verified {
+		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		}
 		results = append(results, s)
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/privatekey/privatekey.go
+++ b/pkg/detectors/privatekey/privatekey.go
@ -9,10 +9,9 @@ import (
 	"time"
 	log "github.com/sirupsen/logrus"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct {
@ -62,14 +61,14 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) ([]dete
 		if verify {
 			data, err := lookupFingerprint(fingerprint, s.IncludeExpired)
-			if err != nil {
+			if err == nil {
 				log.Warn(err)
 				return nil, err
 			}
 				secret.StructuredData = data
 				if data != nil {
 					secret.Verified = true
 				}
 			} else {
 				log.Warn(err)
 			}
 		}
 		results = append(results, secret)
--- a/pkg/detectors/rechargepayments/rechargepayments.go
+++ b/pkg/detectors/rechargepayments/rechargepayments.go
@ -54,25 +54,22 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				req.Header.Add("Content-Type", "application/json")
 				req.Header.Add("X-Recharge-Access-Token", token)
 				res, err := client.Do(req)
-				if err != nil {
+				if err == nil {
-					return results, err
+					res.Body.Close() // The request body is unused.
 				}
 				defer res.Body.Close()
 					if res.StatusCode == http.StatusOK {
 						s.Verified = true
 					}
 				}
 			if !s.Verified {
 				if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 					continue
 			}
 			if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 			}
 			results = append(results, s)
 		}
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/sendgrid/sendgrid.go
+++ b/pkg/detectors/sendgrid/sendgrid.go
@ -60,10 +60,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", res))
 			req.Header.Add("Content-Type", "application/json")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				// 200 means good key and has `templates` scope
 				// 403 means good key but not the right scope
@ -72,11 +70,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					s.Verified = true
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
--- a/pkg/detectors/square/square.go
+++ b/pkg/detectors/square/square.go
@ -67,10 +67,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			// unclear if this version needs to be set or matters, seems to work without, but docs want it
 			//req.Header.Add("Square-Version", "2020-08-12")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				// 200 means good key and has `merchants` scope - default allowed by square
 				// 401 is bad key
@ -78,11 +76,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					s.Verified = true
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
--- a/pkg/detectors/squareapp/squareapp.go
+++ b/pkg/detectors/squareapp/squareapp.go
@ -9,10 +9,9 @@ import (
 	"regexp"
 	"strings"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -75,21 +74,18 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				// unclear if this version needs to be set or matters, seems to work without, but docs want it
 				//req.Header.Add("Square-Version", "2020-08-12")
 				res, err := client.Do(req)
-				if err != nil {
+				if err == nil {
-					return results, err
+					res.Body.Close() // The request body is unused.
 				}
 				defer res.Body.Close()
-				// 404 = Correct crentials. The fake access token should not be found
+					// 404 = Correct credentials. The fake access token should not be found.
 					if res.StatusCode == http.StatusNotFound {
 						s.Verified = true
 					}
 				}
 			if !s.Verified {
 				if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 					continue
 			}
 			if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 			}
 			results = append(results, s)
--- a/pkg/detectors/stripe/stripe.go
+++ b/pkg/detectors/stripe/stripe.go
@ -6,10 +6,9 @@ import (
 	"net/http"
 	"regexp"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -56,20 +55,17 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", match))
 			req.Header.Add("Content-Type", "application/json")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
-				return results, err
+				res.Body.Close() // The request body is unused.
 			}
 			defer res.Body.Close()
 				if res.StatusCode == http.StatusOK || res.StatusCode == http.StatusForbidden {
 					s.Verified = true
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		results = append(results, s)
--- a/pkg/detectors/twilio/twilio.go
+++ b/pkg/detectors/twilio/twilio.go
@ -7,10 +7,9 @@ import (
 	"regexp"
 	"strings"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct{}
@ -69,20 +68,18 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 				req.Header.Add("Accept", "*/*")
 				req.SetBasicAuth(sid, key)
 				res, err := client.Do(req)
-				if err != nil {
+				if err == nil {
-					break
+					res.Body.Close() // The request body is unused.
-				}
+
 				defer res.Body.Close()
 					if res.StatusCode >= 200 && res.StatusCode < 300 {
 						s.Verified = true
 					}
 				}
 			}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 				continue
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, true) {
 			continue
 		}
 		if len(keyMatches) > 0 {
--- a/pkg/detectors/uri/uri.go
+++ b/pkg/detectors/uri/uri.go
@ -4,16 +4,15 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/url"
 	"regexp"
 	"strings"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
 	"github.com/trufflesecurity/trufflehog/v3/pkg/common"
 )
 type Scanner struct {
@ -109,34 +108,25 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			}
 			req.Header.Add("Content-Type", "application/json")
 			res, err := client.Do(req)
-			if err != nil {
+			if err == nil {
 				// log.WithError(err).Warn("Error in http post to SSRF proxy")
 				continue
 			}
 			defer res.Body.Close()
 				result := proxyRes{}
-			body, err := ioutil.ReadAll(res.Body)
+				body, err := io.ReadAll(res.Body)
-			if len(body) == 0 || err != nil {
+				res.Body.Close()
-				continue
+				if len(body) != 0 && err == nil {
 			}
 					err = json.Unmarshal(body, &result)
-			if err != nil {
+					if err == nil && result.Verified {
 				// log.WithField("body", string(body)).WithError(err).Debug("Error decoding SSRF proxy response")
 				continue
 			}
 			if result.Verified {
 						s.Verified = true
 					}
 				}
 		if !s.Verified {
 			if detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, false) {
 				continue
 			}
 		}
 		if !s.Verified && detectors.IsKnownFalsePositive(string(s.Raw), detectors.DefaultFalsePositives, false) {
 			continue
 		}
 		results = append(results, s)
 	}
-	return
+	return detectors.CleanResults(results), nil
 }
--- a/pkg/detectors/webex/webex.go
+++ b/pkg/detectors/webex/webex.go
@ -2,10 +2,8 @@ package webex
 import (
 	"context"
 	// "fmt"
 	// "log"
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"regexp"
 	"strings"
@ -21,8 +19,6 @@ type Scanner struct{}
 var _ detectors.Detector = (*Scanner)(nil)
 var (
 	client = common.SaneHttpClient()
 	keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"webex"}) + `\b([A-Za-z0-9_-]{64})\b`)
 	idPat  = regexp.MustCompile(detectors.PrefixRegex([]string{"webex"}) + `\b([A-Za-z0-9_-]{65})\b`)
 )
@ -64,39 +60,32 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 					continue
 				}
 				req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 				client := common.SaneHttpClient()
 				res, err := client.Do(req)
-				if err != nil {
+				if err == nil {
-					continue
+					body, err := io.ReadAll(res.Body)
-				}
+					res.Body.Close()
-
+					if err == nil {
 				defer res.Body.Close()
 				body, err := ioutil.ReadAll(res.Body)
 				if err != nil {
 					continue
 				}
 						var message struct {
 							Message string `json:"message"`
 						}
-				if err := json.Unmarshal(body, &message); err != nil {
+						if err := json.Unmarshal(body, &message); err == nil {
 					continue
 				}
 							var getError = regexp.MustCompile(detectors.PrefixRegex([]string{"error"}) + `(redirect_uri_mismatch)`)
 							result := getError.FindAllStringSubmatch(message.Message, -1)
 							if len(result) > 0 {
 								s1.Verified = true
-				} else {
+							}
-					if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
+						}
-						continue
+					}
 				}
 			}
 			if !s1.Verified && detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
 				continue
 			}
 			results = append(results, s1)
 		}
 	}
 	return detectors.CleanResults(results), nil