Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 15:14:38 +00:00
Code Issues Projects Releases Packages Wiki Activity
2714 commits 139 branches 257 tags 147 MiB
Commit graph

1635 commits

Author SHA1 Message Date
faktas2
76fcdae3a0
Add the new MaxMind license key format (#2181) 
* Add the new MaxMind license key format

* feedback

* reorg rules

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-26 11:49:47 -08:00
Dustin Decker
3a6cfd9d97
Prevent print or logging in detectors (#2341) 
* Prevent print or logging in detectors

* mount repo

* update job name
 2024-01-26 11:39:41 -08:00
ahrav
41cfec4e1c
make sure to close connections after testing (#2343) 2024-01-26 09:24:06 -08:00
Dustin Decker
f078df43eb
Fix test (#2339) 2024-01-25 23:15:37 -08:00
Zubair Khan
76057618ba
add tri-state verification to yelp (#1736) 
* init yelp tri state

* fix detector and test

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 22:28:16 -08:00
Richard Gomez
c6f73a7d10
Update DockerHub detector logic (#2266) 
* feat(dockerhub): update logic

* updates

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 22:02:36 -08:00
Richard Gomez
d4a0645c29
Add Google oauth2 token detector (#2274) 
* feat(google): add oauth2 token detector

* update pr

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 21:32:03 -08:00
joeleonjr
792266afa9
updating doppler logic (#2329) 
* updating doppler logic

* added json response struct
 2024-01-24 12:20:33 -05:00
roxanne-tampus
47c6539a41
added azuredevopspersonalaccesstoken detector (#2315) 
* added azuredevopspersonalaccesstoken detector

* fix comment

* update raw field to include all parts of the credential

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-23 20:46:51 -08:00
ahrav
e44802a31d
[feat] - Replace regexp pkg w/ go-re2 in detectors (#2324) 
* update detectors to use go-re regex library replacement

* update go mod and sum

* add tests with invalid utf-8

* revert
 2024-01-23 13:16:22 -08:00
Cody Rose
e0a1b11a8e
Narrow Postgres detector to only look for URIs (#2314) 2024-01-23 14:42:31 -05:00
joeleonjr
443ef98e41
updating detector logic for zenscrape (#2316) 
* updating detector logic for zenscrape

* updating to use status endpoint
 2024-01-22 16:57:51 -05:00
ahrav
b0fd951652
[chore] - Add regex and keyword for api_org tokens (#2240) 
* Add regex and keyword for api_org tokens.

* handle org token auth struct

* update keywords
 2024-01-16 15:25:26 -08:00
dylanTruffle
3b4518cbab
adding postgres detector (#2108) 
* adding postgres detector

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
 2024-01-10 16:19:45 -05:00
Richard Gomez
04bf244f38
fix(signable): ignore common false positives (#2230) 2024-01-09 17:53:25 -08:00
Richard Gomez
38f36475de
fix(parseur): ignore false positives (#2229) 2024-01-09 17:50:30 -08:00
Shivasurya
e5289ac8e4
Updated trufflehog sourcegraph secret format (#2254) 2024-01-06 08:48:41 -08:00
NIKHIL PANWAR
7365dba9c9
Update stripe detector regex (#2261) 2024-01-06 08:43:39 -08:00
Dustin Decker
6b90a96ca0
Add missing import (#2246) 2023-12-19 16:40:31 -08:00
Richard Gomez
69d5e0c993
fix(snowflake): avoid extraneous attempts (#2057) 
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2023-12-19 16:04:08 -08:00
Richard Gomez
97afd570ae
feat(github): update extradata (#2219) 2023-12-19 16:01:07 -08:00
Richard Gomez
eeb4dbd304
feat(shortcut): use tri-state verification (#2211) 2023-12-17 15:47:14 -08:00
Richard Gomez
ded8e459bd
feat(huggingface): enhance extradata (#2222) 2023-12-17 14:29:45 -08:00
Richard Gomez
69a70a3374
fix(myfreshworks): check for valid JSON (#2212) 2023-12-17 10:26:38 -08:00
Richard Gomez
06b137fd93
fix(gitlab): check for valid JSON (#2218) 2023-12-14 11:22:06 -08:00
Miccah
4db20e29f8
Update metabase verification to check for a valid JSON response (#2210) 
* Update metabase verification to check for a valid JSON response

* added test tokens + cleanup

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
 2023-12-13 12:18:56 -08:00
Miccah
84b7461796
[chore] Remove unnecessary string conversion in tefter detector (#2209) 2023-12-13 11:39:16 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
6987507534
fix and refactor browserstack detector (#2208) 
* fix and refactor browserstack detector
 2023-12-12 16:14:31 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
5e3ea1a8f2
Fix azurestorage detector (#2207) 
* bugfix + cleanup - update azurestorage detector raw string to use key instead of id
 2023-12-12 16:07:09 -05:00
Cody Rose
405f356071
Use bad json in slackwebhooks (#2193) 
* add rotation guides to SlackWebhook tests

* begin cleaning up tests

* have slack webhook detector use malformed json

* update test secrets

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
 2023-12-11 15:04:55 -08:00
Richard Gomez
6c5fc2f212
feat(privatekey): run checks concurrently (#2139) 2023-12-10 10:11:17 -08:00
ahrav
f772fd8b44
update regex (#2184) 2023-12-06 17:04:38 -08:00
Dustin Decker
3167dde8a1
Deprecate some detectors (#2186) 2023-12-06 16:57:55 -08:00
ahrav
c6e9b8ff64
use https for verification endpoints (#2185) 2023-12-06 16:06:04 -08:00
dylanTruffle
96aa50d119
fixing how to rotate URL (#2183) 2023-12-06 11:59:21 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
11394ea318
[thog-1548] add auto redaction for verification errors (#2106) 
* Updating VerificationError to have auto redaction logic
* find/replace error
 2023-12-05 08:57:52 -05:00
ahrav
c34efc3cf9
make empty slice delcration consistent (#2144) 2023-12-01 11:03:44 -08:00
ahrav
279f915799
[chore] - fix error comparisons (#2142) 
* fix error comparisons

* fix imports
 2023-12-01 08:32:41 -08:00
ahrav
52ffab1034
[chore] - fix import name clashes (#2143) 
* fix import name clashes

* fix missing var
 2023-12-01 06:53:15 -08:00
Dustin Decker
a367f9ce34
Fix azure panic when invalid URL is constructed (#2137) 2023-11-30 11:33:04 -08:00
Zachary Rice
d552222385
add extradata nil check and use make (#2129) 
* add extradata nil check and use make

* remove some lines
 2023-11-28 09:45:37 -06:00
Richard Gomez
62c628fb52
feat(telegram): add username to extradata (#2100) 2023-11-20 14:00:09 -08:00
Dustin Decker
9e88cdf625
add extra data to github detector (#1909) 
* add extra data to github detector

* Add verification error
 2023-11-20 13:55:16 -08:00
Zachary Rice
d69de658b2
fix nil map assignment (#2117) 2023-11-20 11:13:09 -06:00
joeleonjr
b2042e4e03
extract AWS account number from ID without verification (#2091) 
* added GetAccountNumFromAWSID function

* refacted aws func, moved to common
 2023-11-16 11:45:47 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
737d6b764d
Adding Sumo Logic how to rotate (#2103) 2023-11-09 12:48:08 -05:00
Damanpreet Singh
d066a3fa78
Detector-Competition-Feat: Added Replicate API token detector (#2021) 
* Detector-Competition-Feat: Added Replicate API token detector

* fix fullstory

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-11-07 12:16:39 -06:00
Damanpreet Singh
bcde7856c3
Detector-Competition-Feat: Added Ngrok API token detector (#2024) 
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-11-07 09:28:05 -06:00
Ankush Goel
1b93c0545c
Competition-Detector-New:added v2 version for fullstory (#2067) 
* added v2 version for fullstory

* added versioner to the v1 fullstory detector
 2023-11-07 08:55:06 -06:00
Miccah
8e3f6e98dc
Add support for user:pass@host to postgres JDBC detector (#2089) 
* Add support for user:pass@host to postgres JDBC detector

* Remove ineffectual assignment
 2023-11-06 17:17:37 -08:00