trufflehog

mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 14:42:03 +00:00

Author	SHA1	Message	Date
Cody Rose	e0a1b11a8e	Narrow Postgres detector to only look for URIs (#2314 )	2024-01-23 14:42:31 -05:00
Dustin Decker	2596331bca	Disable recently added postgres detector because it it too sensitive (#2303 )	2024-01-13 19:52:57 -08:00
ahrav	651beff492	[feat] - Allow for the use of include/exclude path files for filesystem scans (#2297 ) * Allow for the use of include/exclude path files for filesystem scans * remove oopsie	2024-01-11 15:41:50 -08:00
dylanTruffle	3b4518cbab	adding postgres detector (#2108 ) * adding postgres detector --------- Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2024-01-10 16:19:45 -05:00
Miccah	5e78ad402e	[chore] Add test to check all versioned detectors are non-zero (#2272 )	2024-01-05 12:06:59 -08:00
ahrav	39f0310f1f	[fixup] - Refactor to Pass Reader for Binary Diffs and Archived Data; Optimize /tmp Directory Cleanup (#2253 )	2023-12-22 07:41:54 -08:00
ahrav	5c6ce693c1	[feat] - Make skipping binaries configurable (#2226 ) * Make skipping binaries configurable * remove ioutil * fix * address comments * address comments * use multi-reader * remove print * use const * fix test * fix my stupidness	2023-12-15 11:46:27 -08:00
Dustin Decker	3167dde8a1	Deprecate some detectors (#2186 )	2023-12-06 16:57:55 -08:00
ahrav	cb81f7d11a	[feat] - Remove go-git dependency (#2174 ) * remove use of go-git for binary files * fix it * use limit reader * fix comment * fix test * address comments * address comments * address comments	2023-12-06 13:38:01 -08:00
ahrav	52ffab1034	[chore] - fix import name clashes (#2143 ) * fix import name clashes * fix missing var	2023-12-01 06:53:15 -08:00
Miccah	7ecd43ab1e	[chore] Minor cleanup of source_manager.go (#2134 )	2023-11-29 11:08:25 -08:00
Dustin Decker	a7d330a2a5	import missing detectors (#2119 )	2023-11-21 10:30:11 -08:00
ahrav	d334b3075e	move all Git setup into Init method (#2105 ) * add proto fields for git * add uri to proto * move all git setup into Init method * fix logic for when to use repoPath	2023-11-16 13:59:53 -08:00
Damanpreet Singh	d066a3fa78	Detector-Competition-Feat: Added Replicate API token detector (#2021 ) * Detector-Competition-Feat: Added Replicate API token detector * fix fullstory --------- Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-07 12:16:39 -06:00
Damanpreet Singh	bcde7856c3	Detector-Competition-Feat: Added Ngrok API token detector (#2024 ) Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-07 09:28:05 -06:00
Ankush Goel	1b93c0545c	Competition-Detector-New:added v2 version for fullstory (#2067 ) * added v2 version for fullstory * added versioner to the v1 fullstory detector	2023-11-07 08:55:06 -06:00
Corben Leo	1094190ff5	Detector-Competition-Feat: Add Overloop detector (#2080 ) * Detector-Competition-Feat: Add Overloop detector * add protos and to defaults.go --------- Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-06 16:43:31 -06:00
Damanpreet Singh	da59b72735	Detector-Competition-Feat: Added Request.Finance API token detector (#2020 ) Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-06 16:13:33 -06:00
Ankush Goel	703e158648	Detector-Competition-New : created grafana service account detector (#1960 ) * created grafana service account detector * add import --------- Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-06 15:41:37 -06:00
Ankush Goel	6259b179b9	Grafana (#2096 ) * Created Grafana Cloud API Key detector * made the regex more bounded * added boundary to regex	2023-11-06 11:13:06 -06:00
Ankush Goel	aabfec4cdf	Competition-Detector-New: added eventbrite detector (#2072 ) * added eventbrite detector * added packagename to defaults.go --------- Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-03 16:42:13 -05:00
Ankush Goel	1371512ff3	logz.io detector (#2076 ) Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-03 16:32:35 -05:00
Ankush Goel	06b5fc25ef	Coda Detector (#2075 ) Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-03 15:50:05 -05:00
dylanTruffle	0b90265802	pulling short lived AWS keys into their own thing, fixes #1224 (#2088 ) * pulling short lived AWS keys into their own thing, fixes #1224 * Update awssessionkey.go * fmt --------- Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local> Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-03 11:58:49 -05:00
Cody Rose	7a156330b5	Support multiple detectors per match (#2065 ) #1711 inadvertently removed the ability to match multiple custom detectors, or multiple detectors of the same type but different version, to a given keyword. (#2060 re-added support for multiple versions of detectors globally, and #2064 re-added support for multiple custom detectors globally, but neither fixed trufflehog's inability to support multiple such detectors for a given keyword match.) This PR re-adds the removed functionality (and narrows the AhoCorasickCore interface in the process.)	2023-11-03 12:26:18 -04:00
Corben Leo	3b9ecaa704	Detector-Competition-Fix: Fix ScraperSite (deprecated) (#2074 ) Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>	2023-11-03 11:15:53 -04:00
Corben Leo	41e9cc59e2	Detector-Competition-Fix: Fix PassBase (acquired, deprecated) (#2079 )	2023-11-03 08:59:32 -05:00
Ankush Goel	b95ed3b41a	Detector-Competition-New - Created Grafana Cloud API Key detector (#1959 ) * Created Grafana Cloud API Key detector * made the regex more bounded * added boundary to regex	2023-11-03 09:25:54 -04:00
Corben Leo	9e52e3e86f	Detector-Competition-Fix: Fix/Deprecate Prospect.io (#2081 ) * Detector-Competition-Feat: Fix/Deprecate Prospect.io * Detector-Competition-Fix: fix defaults.go	2023-11-03 07:04:42 -05:00
Corben Leo	b5cc6c196c	Detector-Competition-Fix: Fix FakeJSON (deprecated) (#2073 )	2023-11-02 15:43:49 -05:00
dylanTruffle	4106ce7bf0	Detector-Competition-Feat: Adding Azure Container Registry Password Detector (#1958 ) * implementing azure container registry password detector * Fixing boundry feedback * whoops * update verification code * fix regex --------- Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local> Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-11-02 11:17:01 -05:00
Corben Leo	07f6c84aa4	Detector-Competition-Fix: Fix SentimentInvestor (deprecated) (#2078 )	2023-11-01 11:54:40 -05:00
dylanTruffle	8bac2b15ba	Detector-Competition-Feat: Adding Azure Batch keys (#1956 ) * adding azure batch * fmt * fix lint --------- Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local> Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>	2023-10-31 10:49:04 -05:00
Cody Rose	e58a2913ea	Support multiple custom detectors (#2064 ) #1711 accidentally removed the ability to support multiple custom detectors. This PR partially adds back this capability: Multiple custom detectors are now supported overall, but only one custom detector can be returned for a given keyword match.	2023-10-30 18:17:17 -04:00
Cody Rose	45059864f8	Re-add detector version (#2060 ) #2010 mistakenly removed detector version tracking from the Aho Corasick wrapper. This PR re-adds it.	2023-10-30 15:34:33 -04:00
Dustin Decker	05fae156e1	Add TravisCI source (#1877 ) * Add TravisCI source * update test to use sourcestest * Remove jobPage loop ListByBuild does not support pagination, so this was infinitely repeating. https://developer.travis-ci.com/resource/jobs#find * Continue chunking on error * review updates * update readme --------- Co-authored-by: Miccah Castorina <m.castorina93@gmail.com>	2023-10-30 07:28:25 -07:00
Cody Rose	876a55821b	Remove verify flag from Aho-Corasick core (#2010 ) The Aho-Corasick wrapper we have tracks information about whether verification should be enabled on an individual detector basis, but that functionality isn't related to the matching functionality of Aho-Corasick, and including it complicates the implementation. This PR removes it to simplify some things. This PR removes some code that supported a potential future implementation of detector-specific verification settings, but that feature has not actually been implemented yet, so there's no loss of functionality. If we want that feature we can add it back on top of this in a more separated way.	2023-10-30 09:52:51 -04:00
Damanpreet Singh	7a9332152a	Detector-Competition-Feat: Added Reply.io API token detector (#2019 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-29 17:57:36 -07:00
Damanpreet Singh	0068ec54f2	Detector-Competition-Feat: Added Stripo API token detector (#2018 ) * Detector-Competition-Feat: Added Stripo API token detector * adjust regex --------- Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-29 17:26:14 -07:00
Richard Gomez	0427985ebe	feat: deno deploy detector (#2040 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-29 16:58:00 -07:00
Damanpreet Singh	3ffc0dfd22	Detector-Competition-Feat: Added Budibase API token detector (#2016 )	2023-10-29 10:12:45 -07:00
Damanpreet Singh	52b3c99868	Detector-Competition-Feat: Added LemonSqueezy API token detector (#2017 ) * Detector-Competition-Feat: Added LemonSqueezy API token detector * fix regex --------- Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-28 15:03:14 -07:00
Richard Gomez	96b25150d0	Add Coinbase Wallet-as-a-Service detector (#1895 ) * feat(coinbase): basic Wallet-as-a-Service detector * update test --------- Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-10-27 10:32:36 -07:00
Damanpreet Singh	eb0c0fa99f	Detector-Competition-Feat: Add Metabase Session Secret Detector (#1902 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 20:17:41 -07:00
Damanpreet Singh	bf6ece39ca	Detector-Competition-Feat: Added AppOptics API token detector (#1989 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 20:06:30 -07:00
Damanpreet Singh	4d0a40d2f3	Detector-Competition-Feat: Added ZeroTier API token detector (#1988 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 19:55:58 -07:00
Damanpreet Singh	f1a75395e8	Detector-Competition-Feat: Added BetterStack API token detector (#1987 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 19:46:56 -07:00
Corben Leo	8505d24d7d	Detector-Competition-Fix: Fix/Remove Flowdock detector (#2004 ) * Detector-Competition-Fix: Fix/Remove Flowdock detector --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-26 09:35:13 -04:00
Corben Leo	b776f9c122	Detector-Competition-Fix: Fix/Remove Happi Detection & Verification (#2003 ) * Detector-Competition-Fix: Fix/Remove Happi Detection & Verification --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-26 09:20:53 -04:00
Corben Leo	6914dacde3	Detector-Competition-Fix: Fix/Remove DataFire, API retired (#1995 ) * Detector-Competition-Fix: Fix/Remove DataFire, API retired * Detector-Competition-Fix: Depreciate Datafire Proto * make protos for deprecating datafire --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-25 21:51:54 -04:00

1 2 3 4 5

242 commits