Commit graph

20 commits

Author SHA1 Message Date
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
11394ea318
[thog-1548] add auto redaction for verification errors (#2106)
* Updating VerificationError to have auto redaction logic
* find/replace error
2023-12-05 08:57:52 -05:00
Dustin Decker
9e88cdf625
add extra data to github detector (#1909)
* add extra data to github detector

* Add verification error
2023-11-20 13:55:16 -08:00
Dylan Ayrey
b3555f5419
Adding Howtorotate Guides to TruffleHog (#1839)
* adding how to rotate guides

* Adding project ID to metadata

* update key name, remove comments, and ensure always present

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-02 13:45:17 -07:00
ahrav
a5fbc54312
[chore] - update benchmarks. (#1641)
* update benchmarks.

* remove dupe timer reset.
2023-08-23 14:34:10 -07:00
Miccah
b1675194ca
Implement EndpointCustomizer (#1291)
* Implement EndpointCustomizer

Add the EndpointCustomizer interface and EndpointSetter convenience struct,
implement EndpointCustomizer for github and gitlab detectors, and add
parsing, verification, and applying user-supplied configuration.

* Check error from SetEndpoints

* Rename variable for clarity
2023-04-27 12:23:50 -05:00
ahrav
f107e1b497
Use defautl endpoints when no custom verifier provided. (#1242) 2023-04-06 08:35:01 -07:00
ahrav
0052f60090
Allow for custom verifier (#1070)
* allow for custom verifier.

* Update engine.

* use custom detectors.

* set cap.

* Update verifiers.

* Remove nil check.

* resolved nit

* handle uppercase values

* updating missing url logs

* adding more descriptive variable names

* updating logs to use correct variables

* Removing toLower for urls

* if else nits

* Adding versioning for github and gitlab

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
Co-authored-by: ah̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
2023-03-29 12:26:39 -07:00
Miccah
e6846ede54
Support filtering detectors by version (#1150)
* Adjust types to use DetectorID struct

* Parse versions with detector include and exclude input

* Update detectors filter to use version

Co-authored-by: steeeve <steve@trufflesec.com>

* Implement Versioner for github, gitlab, and npm detectors

Co-authored-by: steeeve <steve@trufflesec.com>

---------

Co-authored-by: steeeve <steve@trufflesec.com>
2023-03-02 16:33:56 -06:00
trufflesteeeve
114f4b6989
Add Type() to detector interface (#1088)
* Add Type() to detector interface

The goal here is to allow the detector type information to be used
without the need for reflection. This could possibly allow us to more
easily inject information into detectors or filter them out if
necessary.

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>

* remove test detector

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-02-09 14:46:03 -08:00
Dustin Decker
dac40519e4
support github fine grained tokens and add extra data (#868)
* support github fine grained tokens and add extra data

* fix shadowed var
2022-10-26 08:13:02 -07:00
Miccah
c4ca7d7c8b
Mark detector tests with a build flag (#613) 2022-07-07 10:27:21 -07:00
ahrav
198cb1a786
Clean up comments. (#562) 2022-05-16 09:03:10 -07:00
Dustin Decker
1735892c49
fix github detector (#472) 2022-04-22 08:51:38 -07:00
trufflesteeeve
b5743277a3
Detectors that fail verification should still report the unverified secret (#440)
* Detectors that fail verification should still report the unverified secret

* fixup - change microsoft webhook keywords, filter false positives for old github detector

* fixup - fix typo
2022-04-21 15:32:26 -07:00
Dustin Decker
99372694ca check request errors 2022-03-23 16:42:34 -07:00
Dustin Decker
c80bd5e905 Fix linting and dogfood in CI 2022-03-04 08:39:23 -08:00
Dustin Decker
86c2eb507b Adding detectors (#46)
* rename secret

* Add supporting docs and tooling for adding new detectors
2022-03-04 08:39:22 -08:00
Dustin Decker
77418fb3f8 module v3 2022-02-15 18:54:47 -08:00
Dustin Decker
ee90ab344f Use sane http client instead of retryable 2022-02-15 18:54:47 -08:00
Dustin Decker
5596025b0b more detectors 2022-02-15 18:46:28 -08:00