Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00
Code Issues Projects Releases Packages Wiki Activity
2725 commits 139 branches 257 tags 147 MiB
Commit graph

2725 commits

This branch
This branch
All branches
Author SHA1 Message Date
ahrav
9867ce8eb8
Allow for configuring the buffered file writer (#2319) 
* Write large diffs to tmp files

* address comments

* Move bufferedfilewriter to own pkg

* update test

* swallow write err

* use buffer pool

* use size vs len

* use interface

* fix test

* update comments

* fix test

* Allow for configuring the buffered file writer

* remove unused

* add missing method

* remove

* remove unused

* move parser and commit struct closer to where they are used

* linter change

* fix snifftest

* address comments

* add more kvp pairs to error

* fix test

* update

* add back missing metadata fields

* address comments

* remove bufferedfile writer

* fix

* address comments

* use unint8

* update interface

* adjust interface

* fix tests

* make linter happy

* fix finalize

* address comments

* update test

* address comments

* lint

* remove guard

* fix test

* fix

* add TODO

* fix tests
 2024-01-30 12:51:58 -08:00
ahrav
7c59ff95d5
[feat] - tmp file diffs (#2306) 
* Write large diffs to tmp files

* address comments

* Move bufferedfilewriter to own pkg

* update test

* swallow write err

* use buffer pool

* use size vs len

* use interface

* fix test

* update comments

* fix test

* remove unused

* remove

* remove unused

* move parser and commit struct closer to where they are used

* linter change

* add more kvp pairs to error

* fix test

* update

* address comments

* remove bufferedfile writer

* address comments

* adjust interface

* fix finalize

* address comments

* lint

* remove guard

* fix

* add TODO
 2024-01-30 12:30:51 -08:00
Miccah
6824eb41ea
Fix filesystem enumeration ignore paths bug (#2355) 2024-01-30 12:21:37 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
7ece4c3e66
Detectors Updates 1 for Tristate Verification (#2187) 
* updating alibaba

* updating agora

* updating aeroworkflow

* updating aha

* updating artifactory

* updating abbysale

* updating abstract

* updating abuseipdb

* updating accuweather

* updating adafruitio

* updating adzuna

* cleanup on abuseipdb

* cleanup on aha

* cleanup on abuseipdb

* cleanup on aeroworkflow

* cleanup on adzuna

* cleanup on accuweather

* cleanup/refactor

* update token pattern to be explicitly 73char (old) or 64char (new)

* comment to clarify 403 on Aha

* mocking out verified case for aha + adding inactive account test

* using contact response instead of gock

* update 403 to be determinate
 2024-01-30 12:20:56 -05:00
Richard Gomez
232032410c
feat(detectors): update template (#2342) 2024-01-29 21:21:23 -08:00
Dustin Decker
453792de76
Azure function key is throwing FPs (#2352) 
* Merge branch 'main' of github.com:trufflesecurity/trufflehog

* AZF throwing FPs

* update snifftest script
 2024-01-29 15:32:12 -05:00
Dustin Decker
7befefd369
Improve fp ignore logic (#2351) 
* forgot field change

* use aho corasick for filter

* reduce wordlist sensitivity
 2024-01-29 11:28:46 -08:00
roxanne-tampus
303e191f38
added azuresearchquerykey detector (#2349) 
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-29 10:19:51 -08:00
roxanne-tampus
06b7ebf824
added azuresearchadminkey detector (#2348) 
* added azuresearchadminkey detector

* additional update

* update import

* fix raw fields for new detectors and entropy check

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-29 09:55:46 -08:00
roxanne-tampus
83dc986b07
added azurefunctionkey detector (#2337) 
* added azurefunctionkey detector

* update raw field to include url

* clean up and added prefix on key pattern

* update bench script

* update imports, snifftest, and gen proto

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-29 09:20:33 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
fa1c5fa583
updates to plain and json printing to include verification error (#2335) 2024-01-29 11:57:28 -05:00
faktas2
76fcdae3a0
Add the new MaxMind license key format (#2181) 
* Add the new MaxMind license key format

* feedback

* reorg rules

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-26 11:49:47 -08:00
Dustin Decker
3a6cfd9d97
Prevent print or logging in detectors (#2341) 
* Prevent print or logging in detectors

* mount repo

* update job name
 2024-01-26 11:39:41 -08:00
ahrav
41cfec4e1c
make sure to close connections after testing (#2343) 2024-01-26 09:24:06 -08:00
Dustin Decker
f078df43eb
Fix test (#2339) 2024-01-25 23:15:37 -08:00
Zubair Khan
76057618ba
add tri-state verification to yelp (#1736) 
* init yelp tri state

* fix detector and test

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 22:28:16 -08:00
Richard Gomez
38eb5d08e7
Improve GitHub scan logging (#2220) 
* feat(github): improve scan logging

* Move metric

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 22:11:01 -08:00
Richard Gomez
c6f73a7d10
Update DockerHub detector logic (#2266) 
* feat(dockerhub): update logic

* updates

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 22:02:36 -08:00
Richard Gomez
d4a0645c29
Add Google oauth2 token detector (#2274) 
* feat(google): add oauth2 token detector

* update pr

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-25 21:32:03 -08:00
ahrav
f209b04d5d
add priority semaphore (#2336) 2024-01-24 16:43:56 -08:00
joeleonjr
792266afa9
updating doppler logic (#2329) 
* updating doppler logic

* added json response struct
 2024-01-24 12:20:33 -05:00
roxanne-tampus
47c6539a41
added azuredevopspersonalaccesstoken detector (#2315) 
* added azuredevopspersonalaccesstoken detector

* fix comment

* update raw field to include all parts of the credential

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-23 20:46:51 -08:00
Miccah
4c698fc1e8
Walk directories in filesystem source enumeration (#2313) 
* Walk directories in filesystem source enumeration

* Ignore all directories instead of just the root

* Fix bug with multiple directories

* Skip filesystem TestEnumerate

* Update filesystem enumeration test to create files and folders
 2024-01-23 14:57:38 -08:00
ahrav
e44802a31d
[feat] - Replace regexp pkg w/ go-re2 in detectors (#2324) 
* update detectors to use go-re regex library replacement

* update go mod and sum

* add tests with invalid utf-8

* revert
 2024-01-23 13:16:22 -08:00
Cody Rose
80f2696ae0
Update Gitlab repo count in tests #2333 2024-01-23 15:04:11 -05:00
Cody Rose
e0a1b11a8e
Narrow Postgres detector to only look for URIs (#2314) 2024-01-23 14:42:31 -05:00
joeleonjr
05d189c977
fixing incorrect acct num id for some aws keys (#2332) 2024-01-23 13:27:50 -05:00
joeleonjr
443ef98e41
updating detector logic for zenscrape (#2316) 
* updating detector logic for zenscrape

* updating to use status endpoint
 2024-01-22 16:57:51 -05:00
Miccah
2d96b89554
Add prometheus metrics to measure hook execution time (#2312) 
* Add prometheus metrics to measure hook execution time

* Move metrics to separate file and reduce buckets
 2024-01-22 11:47:45 -08:00
ahrav
383f8a1f67
[chore] - reduce test time (#2321) 
* reduce test time

* remove commented out code
 2024-01-22 09:40:32 -08:00
renovate[bot]
e803e689c1
fix(deps): update module github.com/aws/aws-sdk-go to v1.50.0 (#2325) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-21 20:30:17 -08:00
renovate[bot]
09feb906f5
fix(deps): update module github.com/envoyproxy/protoc-gen-validate to v1.0.4 (#2322) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-21 19:55:32 -08:00
renovate[bot]
4afc224c63
fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.1 (#2320) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-21 13:04:07 -08:00
renovate[bot]
1e3f179f73
fix(deps): update golang.org/x/exp digest to 1b97071 (#2318) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-20 14:14:18 -08:00
ahrav
d3d551d24e
[chore] - Update Chunk struct comment (#2317) 
* update comment to include information on the importance of struct ordering

* more cute tricks

* remove cute tricks
 2024-01-20 13:31:27 -08:00
renovate[bot]
8e9bf8aa6d
fix(deps): update module github.com/hashicorp/golang-lru to v2 (#2054) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
 2024-01-20 13:31:09 -08:00
ahrav
8380e1713e
save 8 bytes per chunk (#2310) 2024-01-18 13:20:06 -08:00
ahrav
b0fd951652
[chore] - Add regex and keyword for api_org tokens (#2240) 
* Add regex and keyword for api_org tokens.

* handle org token auth struct

* update keywords
 2024-01-16 15:25:26 -08:00
Miccah
c5af979aee
Assume unauthenticated github scans have public visibility (#2308) 2024-01-16 14:57:06 -08:00
ahrav
a1dc660f41
[fixup ] - Allow ssh cloning with AWS Code Commit (#2307) 2024-01-16 11:55:17 -08:00
roxanne-tampus
d6419a8ab2
added azure protos (#2304) 2024-01-15 06:59:47 -08:00
Dustin Decker
2596331bca
Disable recently added postgres detector because it it too sensitive (#2303) 2024-01-13 19:52:57 -08:00
ahrav
d0c0ba43de
[feat] - Provide CLI flag to only use custom verifiers (#2299) 
* Provide CLI flag to only use custom verifiers

* address comments
 2024-01-13 16:52:41 -08:00
Cody Rose
b03cc30263
Individuate archive tests #2293 2024-01-12 09:39:48 -05:00
ahrav
651beff492
[feat] - Allow for the use of include/exclude path files for filesystem scans (#2297) 
* Allow for the use of include/exclude path files for filesystem scans

* remove oopsie
 2024-01-11 15:41:50 -08:00
ahrav
9408425cc6
[chore] - small updates (#2288) 
* small updates

* fix logic

* simplify fxn

* remove errors

* use strings.EqualFold
 2024-01-11 14:27:10 -08:00
renovate[bot]
aa40654aad
fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.9.0 (#2295) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-11 13:52:50 -08:00
renovate[bot]
7258439d7a
fix(deps): update module github.com/aws/aws-sdk-go to v1.49.19 (#2294) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-11 13:45:18 -08:00
Shubham Hibare
f37f2eff68
feat(installation): Implement checksum signature verification (#2157) 
* feat(installation): Implement checksum signature verification

* Add cosign notes

* Use vars

* use var
 2024-01-11 11:56:21 -08:00
renovate[bot]
d249316e54
fix(deps): update module github.com/aws/aws-sdk-go to v1.49.18 (#2292) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-01-11 11:43:29 -08:00