Damanpreet Singh
b4753a60be
Detector-Competition-New: add IP2Location api key detector ( #1915 )
2023-10-23 13:51:14 -05:00
Corben Leo
6c75e45958
Detector-Competition-Feat: Add ipinfo.io API key detector ( #1889 )
...
* Detector-Competition-Feat: Add ipinfo.io API key detector
* fix prefix
2023-10-23 09:00:35 -05:00
Corben Leo
4cb67a571d
Detector-Competition-Feat: Add Privacy.com API key detector ( #1888 )
...
* Detector-Competition-Feat: Add Privacy.com API key detector
* Detector-Competition-Feat: Add Privacy.com API key detector
* cleanup: fix prefix
2023-10-20 08:45:16 -05:00
Richard Gomez
b57b1c1aa7
feat(voiceflow): basic detector ( #1900 )
2023-10-18 16:17:11 -05:00
s.shivasurya
040167178c
added cody gateway token detection code ( #1883 )
...
* added cody gateway token detection code
* resolved conflict
2023-10-13 09:09:04 -06:00
Corben Leo
ae3a5d1202
Detector-Competition-Feat: Add Klaviyo API Secret Detector ( #1870 )
...
* Detector-Competition-Feat: Add Klaviyo API Secret Detector
* fix(error): add s1.VerificationError and remove specific code check.
* fix(error): add s1.VerificationError and remove specific code check.
2023-10-11 08:35:04 -06:00
Corben Leo
179a7e4cbc
Detector-Competition-New: add anthropic api key detector ( #1861 )
...
* feat(anthropic): add anthropic api key detector
* Detector-Competition-Fix: fix remove debug println
2023-10-05 11:34:40 -05:00
Corben Leo
bf1cce43e5
Detector-Competition-New: add ramp.com client id & secret detector ( #1862 )
2023-10-05 09:40:30 -05:00
Dylan Ayrey
de535071e1
implemented planet scale creds (passwords and API keys) ( #1841 )
...
* implemented planet scale creds (passwords and API keys)
* Add timeout, fix tests, fix indeterminate
---------
Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-02 14:00:36 -07:00
Dylan Ayrey
f13fe36ae2
adding azure storage detector ( #1840 )
...
* adding azure storage detector
* Fix variable name
* Escape regex
* fix test fields and update expected status code
---------
Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-02 13:45:45 -07:00
Ankush Goel
faf46175e4
added Web3 Storage detector ( #1789 )
...
* added Web3 Storage detector
* fixed the regex
* removed test and disabled token
2023-09-27 12:09:39 -05:00
Marwan Sulaiman
3aa5369608
Add Tailscale detector ( #1719 )
...
* Add tailscale detector
* PR feedback: match on first element
2023-09-07 19:11:17 -07:00
s.shivasurya
6695cf1dce
added sourcegraph token verification detection ( #1730 )
2023-08-31 08:47:13 -07:00
Zubair Khan
519646342e
add snowflake detector ( #1653 )
...
Detect Snowflake secrets (compound URI of account, username, password) and enrich Secret Result with account and databases that the secret has access to.
2023-08-24 13:29:58 -04:00
Zubair Khan
62d359eba4
add salesforce detector ( #1608 )
...
* setup
* update time out case to return detector result
* fix
* remove unneeded comment
* remove debug print
* cleanup
* more robust error handling
* reflect new detector template changes
* fixes
* mark response body check err as indeterminate
2023-08-16 10:42:04 -04:00
Zubair Khan
ea6e8b6bb5
add huggingface detector ( #1621 )
...
* init huggingface detector
* completed test
2023-08-14 14:22:04 -04:00
Bill Rich
0c7ed19270
Github Oauth2 verification ( #1584 )
...
* Github Oauth2 verification
* Use prefix and include RawV2
* Make gh_oauth2 a new detector
* Remove unused struct
* Remove versioner
* Remove unused code
2023-08-02 11:16:40 -07:00
Brandon Yan
8fad5fff79
add dockerhub scanner ( #1496 )
...
* add dockerhub scanner
* clean
* clean and fix regex logic and tests
* check length of userMatches before access
* Use camelcase.
---------
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-19 09:26:28 -07:00
Zubair Khan
be549a7287
add thog enterprise detector for web keys ( #1448 )
...
* saving progress
* proto changes
* run make protos
* verify response, add test case
* resolve linter warning about unescaped . in regex pattern
* resolve overlapping proto number
2023-07-18 09:53:12 -04:00
Brandon Yan
9af31f00a9
add envoy api key scanner ( #1482 )
...
* add envoy api key scanner
* Use detectors4.
---------
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-16 16:46:28 -07:00
Cody Rose
87058dd7fa
Add new verification error message field ( #1463 )
2023-07-10 11:15:40 -04:00
Zubair Khan
f52946b996
Add Couchbase Detector ( #1385 )
...
* init
* add detector type
* rotate leaked credentials
* tighten up username pattern
* isolated prefixregex as overrriding new line stuff
* passwordPat working now
* add username test
* fix edge case
* cleanup
* make linter happy
* make linter happy rd 2
* skip error logging
* fix test
* add password regex helper func
* make test more robust
* cleanup PR
* remove comments
* clarify prepend rationale
2023-06-26 14:37:10 -04:00
Zubair Khan
dfb1a0cd38
Add DocuSign detector ( #1382 )
...
* init
* look for client id and client secret, encode them for basis auth
* add tests
* test without checking the contents of response
* confirm access_token exists
* cleanup test
* explain in code that an undocumented grant_type is used
* remove use of deprecated ioutil, remove dead code, return errors instead of just logging
* directly pull access token
* update error text, remove redundant body close()
* import new detector into defaults
2023-06-08 13:34:50 -04:00
vickygoel
4c04bbbe85
added pulumi cloud Access token detector ( #1295 )
...
* added pulumi cloud Access token detector
* removed accidentally committed tokens
* added the databricks token detection
* made recommended changes
* added supabase management api token
* nuget api key detector
* added aiven.io token detector
* added prefect.io api key detector
* update protos.
---------
Co-authored-by: Developer <garg47294+1@gmail.com>
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-05-11 09:08:48 -07:00
Jason Solis
c13c56283d
add tineswebhook detector ( #1304 )
2023-05-01 07:48:58 -07:00
Shabbir B
6f801f64c7
Added a new detector for percy.io ( #1284 )
...
* Feature: Added a new detector for percy.io
* Updated variable name
---------
Co-authored-by: ahrav <ahravdutta02@gmail.com>
2023-04-25 13:18:34 -07:00
ahrav
cec1543894
Add utf16 decoder proto. ( #1276 )
2023-04-20 15:25:36 -07:00
garg472
3e4496156c
added new detectors and fixed mesibo detector ( #1166 )
...
* added new detectors and fixed mesibo detector
* added bscscan.com API detector
* added coinmarketcap detector
* update alchemy
* update blocknative
* update bscscan test
* update cmc test
* update tests
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-03-16 18:57:08 -07:00
Miccah
861ad057c7
Implement CustomRegex detector ( #950 )
...
* Remove verifying successRanges because it is unused in webhook
* Move custom_detectors validation code into its own file
* Initial implementation of custom regex detector
Secret verification is done via webhook.
* Add CustomRegex detector type
* Add upper bound to permutation
* Return early if the context is canceled
* Add headers from configuration
* Add detector name as a key in the JSON body
* Implement faster algorithm for productIndices
2022-12-14 10:26:53 -06:00
Jessica
6e25664a52
add rambbitmq detector ( #936 )
...
* add rambbitmq detector
* use fixed length redaction
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-11-21 10:47:41 -08:00
Dustin Decker
ae4b387448
add LDAP detector ( #896 )
2022-11-18 19:45:11 -08:00
kstilwell
ecd25784f5
Adding Shopify detector ( #875 )
...
* Fixes/work based on testing
* Remove some commented code
* Change how verification happens and grab additional information
* Address linter warnings.
* add shopify detector to default detectors.
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2022-11-08 16:21:57 -08:00
Dustin Decker
a7fc12240f
Do local URI verification, while attempting to defuse SSRF ( #879 )
...
* simplify monogo pattern
* do URI verification locally, while attempting to defuse SSRF
* test SSRF defuse
* simplify err check logic per linter recommendation
* split up detectors
* address comments
* remove unused var
2022-11-01 17:27:24 -07:00
Alexandr Marchenko
60464da3ce
proposal: SqlServer connection string detector ( #867 )
...
* sqlserver added to detectors.proto
* make protos
* boilerplate detector generated
* wireup
* initial
2022-10-26 07:46:13 -07:00
ahrav
cea2a23c56
[THOG-768] - Add ignore repo list to Github proto ( #843 )
...
* Add ignore repo list to Github proto.
* Add proto.
* Add missing proto.
2022-10-11 15:41:33 -07:00
Mildred Bernardo
80dcfbe9db
Added DigitalOceanV2 detector ( #828 )
2022-09-27 17:51:10 -07:00
Joseph Lucas
b02cf7e032
Adding detector for Nvidia NGC ( #797 )
...
* template
* minimum viable regex
* valid api 401
* passing tests
* snake to camelcase
2022-09-20 08:20:18 -07:00
ahrav
c4492b1fdc
Add support for MongoDB detector. ( #793 )
...
* Add support for MongoDB detector.
* Remove extra line.
* Remove unused arg.
* Add context around found secret test.
* Remove unused arg.
2022-09-15 05:47:09 -07:00
roxanne-tampus
90da460fa1
added new detector ( #765 )
2022-08-31 17:54:23 -07:00
Mildred Bernardo
4c3c103b62
added new detectors ( #761 )
2022-08-31 11:50:33 -07:00
Marlon
a35786dccd
fix and make_protos ( #757 )
2022-08-30 17:13:04 -07:00
Marlon
79ebd68068
added new detector ( #751 )
...
Co-authored-by: marlon pamisa <marlon.pamisa@banyanhills.com>
2022-08-30 11:28:41 -07:00
roxanne-tampus
fa2d6b90cd
added new detectors ( #743 )
2022-08-29 16:44:11 -07:00
Marlon
098d4a9e7d
added appointed scanner ( #425 )
...
* added appointed scanner
* fix comment
* fix comment
* fix comment
* fix issue
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-08-25 10:40:35 -07:00
Max Thomson
e9f4cf99e5
Add Honeycomb detector ( #687 )
...
* Add Honeycomb detector
* Update pattern
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-08-24 16:50:31 -07:00
ahrav
dfb7e9a405
Add hash v2 to results proto. ( #693 )
2022-08-04 16:37:15 -07:00
roxanne-tampus
e9f503a083
added new detectors ( #639 )
...
* added new detectors
* added gemini
2022-07-08 08:19:03 -07:00
Marlon
48a0c28d33
added new protos ( #495 )
...
* added new protos
* fix comment
2022-05-02 09:23:09 -07:00
Dustin Decker
28d5396e61
Pr/371 ( #490 )
...
* added paydirtyapp scanner
* change paydirtyapp to paydirtapp
Co-authored-by: Marlon Pamisa <marlonpamisa@gmail.com>
2022-04-28 23:39:35 -07:00
Mildred Bernardo
b6b54798a1
added new protos ( #445 ) ( #463 )
2022-04-22 07:21:26 -07:00