Abdul Basit
aa17b8eba4
[detector] Implemented Box Detector ( #3242 )
...
* Implemented a box detector with test cases.
* corrected comments
* remove generic keyword for box detector
remove PII details of user.
* Added Box Oauth detector
Implemented description for Box detectors.
Separated out test for Box detectors.
* removed user information from ExtraData.
---------
Co-authored-by: 0x1 <13666360+0x1@users.noreply.github.com>
2024-10-15 08:42:37 -05:00
Kyle Dodson
58485f3395
Add detector for SaladCloud API Keys ( #3273 )
2024-10-10 21:23:25 -07:00
Kashif Khan
ce5da505a7
Added Cisco Meraki API Key detector ( #3367 )
...
* Added cisco meraki apikey detector
* addressed the comments
* handled api response and saving orgs data in extra data
* fixed linter
---------
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2024-10-07 12:00:45 -05:00
Kashif Khan
eb40243984
RailwayApp Detector ( #3331 )
...
* Added RailwayApp detector
* Updated Keywords
2024-09-25 10:17:08 -05:00
dylanTruffle
d201e54305
adding pypi detector ( #3287 )
...
* adding pypi detector
* update test and use helper
---------
Co-authored-by: Dylan Ayrey <dxa4481@rit.edu>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-09-11 19:17:17 -07:00
Daniel Teixeira
f24f62832b
Add detector for Nvidia NGC Personal Keys ( #3280 )
...
* Add detector for Nvidia NGC Personal Keys
* Update nvapi.go to use `nvapi-` as the keyword
2024-09-10 08:36:33 -07:00
Shreyas Sriram
15faaba61c
Add Robinhood Crypto detector ( #3254 )
...
* Add Robinhood Crypto detector
* Address comment - use single keyword
2024-08-29 14:05:52 -07:00
0x1
b4b4ebaa03
nitro detector was removed and needed to be deprecated ( #3102 )
2024-07-31 07:07:35 -07:00
trufflesteeeve
c01428d107
Remove onwater detector ( #3088 )
2024-07-22 17:00:32 -04:00
Abdul Basit
5b64e1e5a1
implemented a netsuite detector ( #3068 )
...
* implemented a netsuite detector
* implemented the netsuite detector with modified test.
* clean up go.sum by running `go mod tidy`
* implemented a netsuite detector
* implemented the netsuite detector with modified test.
* clean up go.sum by running `go mod tidy`
* Incorporated suggestion by Ahrav
- optimized nonce generation logic.
- use string builder as compare to concatenation.
* fix go.sum
* fix import
* fix
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-07-22 12:37:18 -07:00
dylanTruffle
47535830c4
Elevenlabs detector ( #3023 )
...
* adding v1 eleven labs
* updating elevenlabs to support old and new version
* fixing status codes
* lint fixes
* adding test for v2
* adding test for v1
* return err
---------
Co-authored-by: Dylan Ayrey <dylan@Dylans-MacBook-Pro.local>
Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
2024-07-03 10:53:20 -04:00
Shreyas Sriram
e9206c66bb
Add endorlabs detector ( #3015 )
...
* Add endorlabs detector
* Remove unrelated changes
* Addrss comments
* remove prefix regex
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-06-26 21:28:19 -07:00
Abdul Basit
dddeca5224
Adding Larksuite Detectors + Tests ( #3008 )
...
* implemented larksuite detectores for tokens and api keys.
test implemented for larksuite token based detectors.
* implemented test for larksuiteapikey detector
* load credentials from GCP secret manager for larksuite api keys
2024-06-24 11:05:56 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
7bf3a9b5e2
adding eraser ai detector ( #2961 )
...
* adding eraser ai detector
* add eraser to defaults
2024-06-14 10:10:37 -04:00
Abdul Basit
cb4d332cbf
adding twitter + Consumer key detector ( #2963 )
...
* updated the twitter regex.
* updated regex for bearer token.
* clean up the code for existing twitter detector
added and Implemented new detector for twitter consumer key & secrets with test.
proto generated.
* string updated.
* written test for twitter consumer key detector
* reverted the file to avoid conflicts
* corrected the regex library in twitter detector
2024-06-13 09:32:24 -04:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
b9ea2f5d4e
adding Groq detector ( #2873 )
...
* adding Groq detector
* using prefix as keyword
2024-05-22 15:46:14 -04:00
Abdul Basit
15c6333987
deprecated Integromat detector becuase they are gone. ( #2856 )
...
remove the package as well.
2024-05-16 08:29:36 -07:00
Alexandre GUIOT--VALENTIN
0d8c3335ed
Add "Intra42" detector ( #2835 )
...
* Add basic intra42 detector (lacks verification)
* Improve keywords/prefixes for intra42 detector
* Un-lint pkg/pb/detectorspb/detectors.pb.go to avoid bloating PR
* Add client_id match and secret verification
* Improve PrefixRegex
* Add missing entry in DetectorType_name in detectors.pb.go
* Add Intra42 to proto/detectors.proto
* Remove PrefixRegex
* Keep only identifiers as keywords
* Factorize regex (a-f0-9)
2024-05-14 11:33:54 -07:00
Cody Rose
af095c294c
Add false positive info to proto ( #2729 )
...
This PR adds false positive information to the Result protobuf message in anticipation of us tracking it as first-class secret metadata. We're not doing that yet (it's blocked behind #2643 ) but setting up the messages now means we'll be able to do it later with less of a code delta.
2024-04-23 16:18:45 -04:00
Ankush Goel
3fa86a1008
added onfleet api key detector ( #2375 )
...
* added onfleet detector
* use organization get endpoint
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-21 10:06:51 -07:00
Luska
e5575cd6f2
Adding Pagarme API key detection ( #2665 )
...
* Adding support to Pagarme API key detection
* adding scanner
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-10 17:57:25 -07:00
Shreyas Sriram
08b6f90c81
Add Wiz detector ( #2691 )
...
* Implement wiz detector
* Fix tests
* Update false positive logic
2024-04-10 08:19:36 -07:00
kenzht
0d3023fe74
add GCP application default credentials detector ( #2530 )
...
* add GCP application default credentials detector
* add a comment
* update Keywords to better match the key
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-04-01 11:27:40 -07:00
Shreyas Sriram
31ad1eed30
Add JupiterOne detector ( #2446 )
...
* Add JupiterOne bootstrap
* Implement verification logic
* Cleanup
* Fix verificationError
* Undo unnecessary changes
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2024-03-29 19:14:04 -07:00
Richard Gomez
cbc0f0f48e
Create basic escaped unicode decoder ( #2456 )
...
* feat(decoders): basic escaped unicode
* wip: handle unicode notation
Experimenting with this.. might remove
2024-03-02 11:27:44 -08:00
Dustin Decker
8a825fde52
Clean up some detectors ( #2501 )
2024-02-23 15:04:02 -08:00
Dustin Decker
a9817a3292
Remove some noisy / less useful detectors ( #2467 )
2024-02-14 15:27:03 -08:00
Marlon
91d6496a76
added flyio protos ( #2357 )
...
* added flyio protos
* added builtwith proto
---------
Co-authored-by: root <root@ubuntutruffle.myguest.virtualbox.org>
2024-01-31 07:02:06 -08:00
roxanne-tampus
d6419a8ab2
added azure protos ( #2304 )
2024-01-15 06:59:47 -08:00
dylanTruffle
3b4518cbab
adding postgres detector ( #2108 )
...
* adding postgres detector
---------
Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2024-01-10 16:19:45 -05:00
Dustin Decker
3167dde8a1
Deprecate some detectors ( #2186 )
2023-12-06 16:57:55 -08:00
Damanpreet Singh
d066a3fa78
Detector-Competition-Feat: Added Replicate API token detector ( #2021 )
...
* Detector-Competition-Feat: Added Replicate API token detector
* fix fullstory
---------
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-07 12:16:39 -06:00
Damanpreet Singh
bcde7856c3
Detector-Competition-Feat: Added Ngrok API token detector ( #2024 )
...
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-07 09:28:05 -06:00
Corben Leo
1094190ff5
Detector-Competition-Feat: Add Overloop detector ( #2080 )
...
* Detector-Competition-Feat: Add Overloop detector
* add protos and to defaults.go
---------
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-06 16:43:31 -06:00
Damanpreet Singh
da59b72735
Detector-Competition-Feat: Added Request.Finance API token detector ( #2020 )
...
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-06 16:13:33 -06:00
Ankush Goel
703e158648
Detector-Competition-New : created grafana service account detector ( #1960 )
...
* created grafana service account detector
* add import
---------
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-06 15:41:37 -06:00
Ankush Goel
aabfec4cdf
Competition-Detector-New: added eventbrite detector ( #2072 )
...
* added eventbrite detector
* added packagename to defaults.go
---------
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-03 16:42:13 -05:00
Ankush Goel
1371512ff3
logz.io detector ( #2076 )
...
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-03 16:32:35 -05:00
Ankush Goel
06b5fc25ef
Coda Detector ( #2075 )
...
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-03 15:50:05 -05:00
dylanTruffle
0b90265802
pulling short lived AWS keys into their own thing, fixes #1224 ( #2088 )
...
* pulling short lived AWS keys into their own thing, fixes #1224
* Update awssessionkey.go
* fmt
---------
Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-03 11:58:49 -05:00
Corben Leo
3b9ecaa704
Detector-Competition-Fix: Fix ScraperSite (deprecated) ( #2074 )
...
Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
2023-11-03 11:15:53 -04:00
Corben Leo
41e9cc59e2
Detector-Competition-Fix: Fix PassBase (acquired, deprecated) ( #2079 )
2023-11-03 08:59:32 -05:00
Corben Leo
9e52e3e86f
Detector-Competition-Fix: Fix/Deprecate Prospect.io ( #2081 )
...
* Detector-Competition-Feat: Fix/Deprecate Prospect.io
* Detector-Competition-Fix: fix defaults.go
2023-11-03 07:04:42 -05:00
Corben Leo
b5cc6c196c
Detector-Competition-Fix: Fix FakeJSON (deprecated) ( #2073 )
2023-11-02 15:43:49 -05:00
dylanTruffle
4106ce7bf0
Detector-Competition-Feat: Adding Azure Container Registry Password Detector ( #1958 )
...
* implementing azure container registry password detector
* Fixing boundry feedback
* whoops
* update verification code
* fix regex
---------
Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-02 11:17:01 -05:00
Corben Leo
07f6c84aa4
Detector-Competition-Fix: Fix SentimentInvestor (deprecated) ( #2078 )
2023-11-01 11:54:40 -05:00
dylanTruffle
8bac2b15ba
Detector-Competition-Feat: Adding Azure Batch keys ( #1956 )
...
* adding azure batch
* fmt
* fix lint
---------
Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-10-31 10:49:04 -05:00
Damanpreet Singh
7a9332152a
Detector-Competition-Feat: Added Reply.io API token detector ( #2019 )
...
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 17:57:36 -07:00
Damanpreet Singh
0068ec54f2
Detector-Competition-Feat: Added Stripo API token detector ( #2018 )
...
* Detector-Competition-Feat: Added Stripo API token detector
* adjust regex
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 17:26:14 -07:00
Richard Gomez
0427985ebe
feat: deno deploy detector ( #2040 )
...
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 16:58:00 -07:00