trufflehog

mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 07:04:24 +00:00

Author	SHA1	Message	Date
Damanpreet Singh	0068ec54f2	Detector-Competition-Feat: Added Stripo API token detector (#2018 ) * Detector-Competition-Feat: Added Stripo API token detector * adjust regex --------- Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-29 17:26:14 -07:00
Richard Gomez	0427985ebe	feat: deno deploy detector (#2040 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-29 16:58:00 -07:00
Damanpreet Singh	3ffc0dfd22	Detector-Competition-Feat: Added Budibase API token detector (#2016 )	2023-10-29 10:12:45 -07:00
Damanpreet Singh	52b3c99868	Detector-Competition-Feat: Added LemonSqueezy API token detector (#2017 ) * Detector-Competition-Feat: Added LemonSqueezy API token detector * fix regex --------- Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-28 15:03:14 -07:00
Richard Gomez	96b25150d0	Add Coinbase Wallet-as-a-Service detector (#1895 ) * feat(coinbase): basic Wallet-as-a-Service detector * update test --------- Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-10-27 10:32:36 -07:00
Damanpreet Singh	eb0c0fa99f	Detector-Competition-Feat: Add Metabase Session Secret Detector (#1902 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 20:17:41 -07:00
Damanpreet Singh	bf6ece39ca	Detector-Competition-Feat: Added AppOptics API token detector (#1989 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 20:06:30 -07:00
Damanpreet Singh	4d0a40d2f3	Detector-Competition-Feat: Added ZeroTier API token detector (#1988 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 19:55:58 -07:00
Damanpreet Singh	f1a75395e8	Detector-Competition-Feat: Added BetterStack API token detector (#1987 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-26 19:46:56 -07:00
Corben Leo	8505d24d7d	Detector-Competition-Fix: Fix/Remove Flowdock detector (#2004 ) * Detector-Competition-Fix: Fix/Remove Flowdock detector --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-26 09:35:13 -04:00
Corben Leo	b776f9c122	Detector-Competition-Fix: Fix/Remove Happi Detection & Verification (#2003 ) * Detector-Competition-Fix: Fix/Remove Happi Detection & Verification --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-26 09:20:53 -04:00
Corben Leo	6914dacde3	Detector-Competition-Fix: Fix/Remove DataFire, API retired (#1995 ) * Detector-Competition-Fix: Fix/Remove DataFire, API retired * Detector-Competition-Fix: Depreciate Datafire Proto * make protos for deprecating datafire --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-25 21:51:54 -04:00
Corben Leo	f7960265ea	Detector-Competition-Fix: Fix/Remove QuickMetrics (shutdown) (#1997 ) * Detector-Competition-Fix: Fix/Remove QuickMetrics (shutdown) * Detector-Competition-Fix: Fix/Remove QuickMetrics protos * make protos for deprecating Blablabus (#2002) * make protos for deprecating quickmetrics --------- Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com> Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>	2023-10-25 20:05:26 -04:00
Corben Leo	51b7fcc5d6	Detector-Competition-Fix: Fix/Remove BlaBlaBus, API retired (#1996 ) * Detector-Competition-Fix: Fix/Remove BlaBlaBus, API retired * Detector-Competition-Fix: Depreciate Blabus proto	2023-10-25 18:45:40 -04:00
Corben Leo	cebd92d79e	Detector-Competition-Fix: Depreciate Glitterly (#2000 )	2023-10-25 18:08:50 -04:00
Damanpreet Singh	b2811bcf78	Detector-Competition-Feat: Added Vagrant Cloud Access Token Detector (#1941 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-25 11:03:45 -05:00
Damanpreet Singh	2189dc9b0f	Detector-Competition-Feat: Added Portainer Detector (#1936 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-25 06:32:57 -07:00
Damanpreet Singh	b2702b7839	Detector-Competition-Feat: Added OpenVPN API Detector (#1940 )	2023-10-25 04:57:07 -07:00
Ankush Goel	84cb33ce3d	loggly detector (#1782 ) * loggly detector * fixed the loggly_test.go * fixed the test file to pass the test --------- Co-authored-by: dsingdev-rocketx <bughunter00@protonmail.com>	2023-10-24 20:06:47 -07:00
Damanpreet Singh	f467cf923c	Detector-Competition-Feat: Added PortainerToken Detector (#1938 ) Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>	2023-10-24 13:48:40 -07:00
Damanpreet Singh	855aba2407	Detector-Competition-Feat: Add InstaMojo Payment Detector (#1905 )	2023-10-23 16:58:25 -05:00
Damanpreet Singh	b4753a60be	Detector-Competition-New: add IP2Location api key detector (#1915 )	2023-10-23 13:51:14 -05:00
Corben Leo	6c75e45958	Detector-Competition-Feat: Add ipinfo.io API key detector (#1889 ) * Detector-Competition-Feat: Add ipinfo.io API key detector * fix prefix	2023-10-23 09:00:35 -05:00
Corben Leo	4cb67a571d	Detector-Competition-Feat: Add Privacy.com API key detector (#1888 ) * Detector-Competition-Feat: Add Privacy.com API key detector * Detector-Competition-Feat: Add Privacy.com API key detector * cleanup: fix prefix	2023-10-20 08:45:16 -05:00
Richard Gomez	b57b1c1aa7	feat(voiceflow): basic detector (#1900 )	2023-10-18 16:17:11 -05:00
s.shivasurya	040167178c	added cody gateway token detection code (#1883 ) * added cody gateway token detection code * resolved conflict	2023-10-13 09:09:04 -06:00
Corben Leo	ae3a5d1202	Detector-Competition-Feat: Add Klaviyo API Secret Detector (#1870 ) * Detector-Competition-Feat: Add Klaviyo API Secret Detector * fix(error): add s1.VerificationError and remove specific code check. * fix(error): add s1.VerificationError and remove specific code check.	2023-10-11 08:35:04 -06:00
Corben Leo	179a7e4cbc	Detector-Competition-New: add anthropic api key detector (#1861 ) * feat(anthropic): add anthropic api key detector * Detector-Competition-Fix: fix remove debug println	2023-10-05 11:34:40 -05:00
Corben Leo	bf1cce43e5	Detector-Competition-New: add ramp.com client id & secret detector (#1862 )	2023-10-05 09:40:30 -05:00
Dylan Ayrey	de535071e1	implemented planet scale creds (passwords and API keys) (#1841 ) * implemented planet scale creds (passwords and API keys) * Add timeout, fix tests, fix indeterminate --------- Co-authored-by: counter <counter@counters-MacBook-Air.local> Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-10-02 14:00:36 -07:00
Dylan Ayrey	f13fe36ae2	adding azure storage detector (#1840 ) * adding azure storage detector * Fix variable name * Escape regex * fix test fields and update expected status code --------- Co-authored-by: counter <counter@counters-MacBook-Air.local> Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-10-02 13:45:45 -07:00
Ankush Goel	faf46175e4	added Web3 Storage detector (#1789 ) * added Web3 Storage detector * fixed the regex * removed test and disabled token	2023-09-27 12:09:39 -05:00
Marwan Sulaiman	3aa5369608	Add Tailscale detector (#1719 ) * Add tailscale detector * PR feedback: match on first element	2023-09-07 19:11:17 -07:00
s.shivasurya	6695cf1dce	added sourcegraph token verification detection (#1730 )	2023-08-31 08:47:13 -07:00
Zubair Khan	519646342e	add snowflake detector (#1653 ) Detect Snowflake secrets (compound URI of account, username, password) and enrich Secret Result with account and databases that the secret has access to.	2023-08-24 13:29:58 -04:00
Zubair Khan	62d359eba4	add salesforce detector (#1608 ) * setup * update time out case to return detector result * fix * remove unneeded comment * remove debug print * cleanup * more robust error handling * reflect new detector template changes * fixes * mark response body check err as indeterminate	2023-08-16 10:42:04 -04:00
Zubair Khan	ea6e8b6bb5	add huggingface detector (#1621 ) * init huggingface detector * completed test	2023-08-14 14:22:04 -04:00
Bill Rich	0c7ed19270	Github Oauth2 verification (#1584 ) * Github Oauth2 verification * Use prefix and include RawV2 * Make gh_oauth2 a new detector * Remove unused struct * Remove versioner * Remove unused code	2023-08-02 11:16:40 -07:00
Brandon Yan	8fad5fff79	add dockerhub scanner (#1496 ) * add dockerhub scanner * clean * clean and fix regex logic and tests * check length of userMatches before access * Use camelcase. --------- Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>	2023-07-19 09:26:28 -07:00
Zubair Khan	be549a7287	add thog enterprise detector for web keys (#1448 ) * saving progress * proto changes * run make protos * verify response, add test case * resolve linter warning about unescaped . in regex pattern * resolve overlapping proto number	2023-07-18 09:53:12 -04:00
Brandon Yan	9af31f00a9	add envoy api key scanner (#1482 ) * add envoy api key scanner * Use detectors4. --------- Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>	2023-07-16 16:46:28 -07:00
Cody Rose	87058dd7fa	Add new verification error message field (#1463 )	2023-07-10 11:15:40 -04:00
Zubair Khan	f52946b996	Add Couchbase Detector (#1385 ) * init * add detector type * rotate leaked credentials * tighten up username pattern * isolated prefixregex as overrriding new line stuff * passwordPat working now * add username test * fix edge case * cleanup * make linter happy * make linter happy rd 2 * skip error logging * fix test * add password regex helper func * make test more robust * cleanup PR * remove comments * clarify prepend rationale	2023-06-26 14:37:10 -04:00
Zubair Khan	dfb1a0cd38	Add DocuSign detector (#1382 ) * init * look for client id and client secret, encode them for basis auth * add tests * test without checking the contents of response * confirm access_token exists * cleanup test * explain in code that an undocumented grant_type is used * remove use of deprecated ioutil, remove dead code, return errors instead of just logging * directly pull access token * update error text, remove redundant body close() * import new detector into defaults	2023-06-08 13:34:50 -04:00
vickygoel	4c04bbbe85	added pulumi cloud Access token detector (#1295 ) * added pulumi cloud Access token detector * removed accidentally committed tokens * added the databricks token detection * made recommended changes * added supabase management api token * nuget api key detector * added aiven.io token detector * added prefect.io api key detector * update protos. --------- Co-authored-by: Developer <garg47294+1@gmail.com> Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>	2023-05-11 09:08:48 -07:00
Jason Solis	c13c56283d	add tineswebhook detector (#1304 )	2023-05-01 07:48:58 -07:00
Shabbir B	6f801f64c7	Added a new detector for percy.io (#1284 ) * Feature: Added a new detector for percy.io * Updated variable name --------- Co-authored-by: ahrav <ahravdutta02@gmail.com>	2023-04-25 13:18:34 -07:00
ahrav	cec1543894	Add utf16 decoder proto. (#1276 )	2023-04-20 15:25:36 -07:00
garg472	3e4496156c	added new detectors and fixed mesibo detector (#1166 ) * added new detectors and fixed mesibo detector * added bscscan.com API detector * added coinmarketcap detector * update alchemy * update blocknative * update bscscan test * update cmc test * update tests --------- Co-authored-by: Dustin Decker <dustin@trufflesec.com>	2023-03-16 18:57:08 -07:00
Miccah	861ad057c7	Implement CustomRegex detector (#950 ) * Remove verifying successRanges because it is unused in webhook * Move custom_detectors validation code into its own file * Initial implementation of custom regex detector Secret verification is done via webhook. * Add CustomRegex detector type * Add upper bound to permutation * Return early if the context is canceled * Add headers from configuration * Add detector name as a key in the JSON body * Implement faster algorithm for productIndices	2022-12-14 10:26:53 -06:00

1 2

88 commits