Commit graph

219 commits

Author SHA1 Message Date
ahmed
2744a5ffc9 Merge branch 'main' into add-flexport-detector 2024-08-30 14:55:51 -04:00
Shreyas Sriram
15faaba61c
Add Robinhood Crypto detector (#3254)
* Add Robinhood Crypto detector

* Address comment - use single keyword
2024-08-29 14:05:52 -07:00
ahmed
71c3ada9c7 Added Flexport Detector
Co-authored-by: Nash <163340682+LaraCroftDev@users.noreply.github.com>
2024-08-29 11:38:10 -04:00
joeleonjr
7d606e2480
CFOR Commit Scanner (#3145)
* alpha feature for scanning hidden commits on github

* improvements re: git operations

* lint updates

* updating with exec block due to no gh token

* reworked logic into new source

* fixed collisions threshold flag input

* fixed IOutil issues

* removed additions from GH config

---------

Co-authored-by: Joe Leon <joe.leon@trufflesec.com>
2024-08-01 23:04:20 -04:00
0x1
b4b4ebaa03
nitro detector was removed and needed to be deprecated (#3102) 2024-07-31 07:07:35 -07:00
trufflesteeeve
c01428d107
Remove onwater detector (#3088) 2024-07-22 17:00:32 -04:00
Abdul Basit
5b64e1e5a1
implemented a netsuite detector (#3068)
* implemented a netsuite detector

* implemented the netsuite detector with modified test.

* clean up go.sum by running `go mod tidy`

* implemented a netsuite detector

* implemented the netsuite detector with modified test.

* clean up go.sum by running `go mod tidy`

* Incorporated suggestion by Ahrav
	- optimized nonce generation logic.
	- use string builder as compare to concatenation.

* fix go.sum

* fix import

* fix

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-07-22 12:37:18 -07:00
dylanTruffle
47535830c4
Elevenlabs detector (#3023)
* adding v1 eleven labs

* updating elevenlabs to support old and new version

* fixing status codes

* lint fixes

* adding test for v2

* adding test for v1

* return err

---------

Co-authored-by: Dylan Ayrey <dylan@Dylans-MacBook-Pro.local>
Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
2024-07-03 10:53:20 -04:00
joeleonjr
01a1499600
New Source: HuggingFace (#3000)
* initial spike on hf

* added in user and org enum

* adding huggingface source

* updated with lint suggestions

* updated readme

* addressing resources that require org approval to access

* removing unneeded code

* updating with new error msg for 403

* deleted unused code + added resource check in main
2024-06-27 13:22:06 -04:00
Shreyas Sriram
e9206c66bb
Add endorlabs detector (#3015)
* Add endorlabs detector

* Remove unrelated changes

* Addrss comments

* remove prefix regex

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-06-26 21:28:19 -07:00
Abdul Basit
dddeca5224
Adding Larksuite Detectors + Tests (#3008)
* implemented larksuite detectores for tokens and api keys.
test implemented for larksuite token based detectors.

* implemented test for larksuiteapikey detector

* load credentials from GCP secret manager for larksuite api keys
2024-06-24 11:05:56 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
7bf3a9b5e2
adding eraser ai detector (#2961)
* adding eraser ai detector

* add eraser to defaults
2024-06-14 10:10:37 -04:00
Abdul Basit
cb4d332cbf
adding twitter + Consumer key detector (#2963)
* updated the twitter regex.

* updated regex for bearer token.

* clean up the code for existing twitter detector
added and Implemented new detector for twitter consumer key & secrets with test.
proto generated.

* string updated.

* written test for twitter consumer key detector

* reverted the file to avoid conflicts

* corrected the regex library in twitter detector
2024-06-13 09:32:24 -04:00
Dustin Decker
ef410873f2
Add Jenkins scanning (#2892)
* add jenkins

* whoops

* adding unauthenticated jenkins scanning

* update docs

---------

Co-authored-by: Joe Leon <joe.leon@trufflesec.com>
2024-06-04 07:13:14 -04:00
Charlie Gunyon
311494e86e
Elastic adapter (#2727)
* Add stub source and elastic API funcs

* Spawn workers and ship chunks

* Now successfully detects a credential

- Added tests
- Added some documentation comments
- Threaded the passed context through to all the API requests

* Linting fixes

* Add integration tests and resolve some bugs they uncovered

* Logstash -> Elasticsearch

* Add support for --index-pattern

* Add support for --query-json

* Use structs instead of string building to construct a search body

* Support --since-timestamp

* Implement additional authentication methods

* Fix some small bugs

* Refactoring to support --best-effort-scan

* Finish implementation of --best-effort-scan

* Implement scan catch-up

* Finish connecting support for nodes CLI arg

* Add some integration tests around the catchup mechanism

* go mod tidy

* Fix some linting issues

* Remove some debugging Prints

* Move off of _doc

* Remove informational Printf and add informational logging

* Remove debugging logging

* Copy the index from the outer loop as well

* Don't burn up the ES API with rapid requests if there's no work to do in subsequent scans

* No need to export UnitOfWork.AddSearch

* Use a better name for the range query variable when building the timestamp range clause in searches

* Replace some unlocking defers with explicit unlocks to make the synchronized part of the code clearer

* found -> ok

* Remove superfluous buildElasticClient method

---------

Co-authored-by: Charlie Gunyon <charlie@spectral.energy>
2024-05-24 09:38:20 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
b9ea2f5d4e
adding Groq detector (#2873)
* adding Groq detector

* using prefix as keyword
2024-05-22 15:46:14 -04:00
Abdul Basit
15c6333987
deprecated Integromat detector becuase they are gone. (#2856)
remove the package as well.
2024-05-16 08:29:36 -07:00
Alexandre GUIOT--VALENTIN
0d8c3335ed
Add "Intra42" detector (#2835)
* Add basic intra42 detector (lacks verification)

* Improve keywords/prefixes for intra42 detector

* Un-lint pkg/pb/detectorspb/detectors.pb.go to avoid bloating PR

* Add client_id match and secret verification

* Improve PrefixRegex

* Add missing entry in DetectorType_name in detectors.pb.go

* Add Intra42 to proto/detectors.proto

* Remove PrefixRegex

* Keep only identifiers as keywords

* Factorize regex (a-f0-9)
2024-05-14 11:33:54 -07:00
Dustin Decker
288003519a
Add webhook source protos (#2789)
* add webhook source protos

* update protos

* update proto

* update protos
2024-05-06 19:43:10 -04:00
Cody Rose
af095c294c
Add false positive info to proto (#2729)
This PR adds false positive information to the Result protobuf message in anticipation of us tracking it as first-class secret metadata. We're not doing that yet (it's blocked behind #2643) but setting up the messages now means we'll be able to do it later with less of a code delta.
2024-04-23 16:18:45 -04:00
Ankush Goel
3fa86a1008
added onfleet api key detector (#2375)
* added onfleet detector

* use organization get endpoint

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-21 10:06:51 -07:00
Luska
e5575cd6f2
Adding Pagarme API key detection (#2665)
* Adding support to Pagarme API key detection

* adding scanner

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-10 17:57:25 -07:00
Shreyas Sriram
08b6f90c81
Add Wiz detector (#2691)
* Implement wiz detector

* Fix tests

* Update false positive logic
2024-04-10 08:19:36 -07:00
kenzht
0d3023fe74
add GCP application default credentials detector (#2530)
* add GCP application default credentials detector

* add a comment

* update Keywords to better match the key

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-01 11:27:40 -07:00
Shreyas Sriram
31ad1eed30
Add JupiterOne detector (#2446)
* Add JupiterOne bootstrap

* Implement verification logic

* Cleanup

* Fix verificationError

* Undo unnecessary changes

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-03-29 19:14:04 -07:00
Zachary Rice
b11ce72338
Postman Source (#2579)
postman source

Co-authored-by: Miccah <m.castorina93@gmail.com>

---------

Co-authored-by: Joe Leon <joe.leon@trufflesec.com>
Co-authored-by: Miccah Castorina <m.castorina93@gmail.com>
2024-03-20 11:36:20 -05:00
Cody Rose
28ed81f0a2
Add naive S3 ignorelist (#2536)
This PR adds the ability to exclude buckets from S3 scans. The capability is pretty rudimentary right now, and does not support globbing. If both lists are specified the source to fail to initialize.
2024-03-05 08:01:20 -05:00
Richard Gomez
cbc0f0f48e
Create basic escaped unicode decoder (#2456)
* feat(decoders): basic escaped unicode

* wip: handle unicode notation
Experimenting with this.. might remove
2024-03-02 11:27:44 -08:00
Dustin Decker
8a825fde52
Clean up some detectors (#2501) 2024-02-23 15:04:02 -08:00
ahrav
5568b2e0a6
update gitlab proto (#2469)
* update gitlab proto

* update protos
2024-02-15 10:23:41 -08:00
Dustin Decker
a9817a3292
Remove some noisy / less useful detectors (#2467) 2024-02-14 15:27:03 -08:00
Dustin Decker
a00ffe9522
Allow multiple domains for Forager (#2400) 2024-02-08 07:08:30 -08:00
Mike Vanbuskirk
f6546ffaf5
Add s3 credential validation (#2362)
* add string non-empty validation to AWS creds

* clean up import spacing

* syntax fixup

* change to non-empty validation only

* convert to lower snake_case

- https://protobuf.dev/programming-guides/style/#message-field-names
2024-02-02 12:49:46 -05:00
Richard Gomez
8e90c4e669
Scan GitHub wikis #2233 2024-01-31 10:52:24 -05:00
Marlon
91d6496a76
added flyio protos (#2357)
* added flyio protos

* added builtwith proto

---------

Co-authored-by: root <root@ubuntutruffle.myguest.virtualbox.org>
2024-01-31 07:02:06 -08:00
roxanne-tampus
d6419a8ab2
added azure protos (#2304) 2024-01-15 06:59:47 -08:00
ahrav
651beff492
[feat] - Allow for the use of include/exclude path files for filesystem scans (#2297)
* Allow for the use of include/exclude path files for filesystem scans

* remove oopsie
2024-01-11 15:41:50 -08:00
dylanTruffle
3b4518cbab
adding postgres detector (#2108)
* adding postgres detector

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2024-01-10 16:19:45 -05:00
Dustin Decker
7d93adc1d0
Add skip archive support (#2257) 2023-12-22 11:55:23 -08:00
ahrav
f5d0f3f366
use snake_case for naming (#2238) 2023-12-20 06:57:00 -08:00
Miccah
88281bc354
[chore] Add skip_binaries field to AzureRepos proto message (#2232)
* [chore] Add skip_binaries field to AzureRepos proto message

* Make protos
2023-12-15 12:23:46 -08:00
ahrav
5c6ce693c1
[feat] - Make skipping binaries configurable (#2226)
* Make skipping binaries configurable

* remove ioutil

* fix

* address comments

* address comments

* use multi-reader

* remove print

* use const

* fix test

* fix my stupidness
2023-12-15 11:46:27 -08:00
Dustin Decker
3167dde8a1
Deprecate some detectors (#2186) 2023-12-06 16:57:55 -08:00
Dustin Decker
07dc123840
update forager types (#2159) 2023-12-03 13:16:16 -08:00
Dustin Decker
ede0c39589
Add new auth method to source (#2132) 2023-11-28 10:58:11 -08:00
ahrav
fd33198ad8
add proto fields for Git (#2104)
* add proto fields for git

* add uri to proto

* add comment
2023-11-16 13:52:38 -08:00
ahrav
76a0468580
update protos so we can use the git source for CI (#2102) 2023-11-08 09:07:29 -08:00
Damanpreet Singh
d066a3fa78
Detector-Competition-Feat: Added Replicate API token detector (#2021)
* Detector-Competition-Feat: Added Replicate API token detector

* fix fullstory

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-07 12:16:39 -06:00
Damanpreet Singh
bcde7856c3
Detector-Competition-Feat: Added Ngrok API token detector (#2024)
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-07 09:28:05 -06:00
Corben Leo
1094190ff5
Detector-Competition-Feat: Add Overloop detector (#2080)
* Detector-Competition-Feat: Add Overloop detector

* add protos and to defaults.go

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-06 16:43:31 -06:00