Commit graph

96 commits

Author SHA1 Message Date
dylanTruffle
4106ce7bf0
Detector-Competition-Feat: Adding Azure Container Registry Password Detector (#1958)
* implementing azure container registry password detector

* Fixing boundry feedback

* whoops

* update verification code

* fix regex

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-11-02 11:17:01 -05:00
Corben Leo
07f6c84aa4
Detector-Competition-Fix: Fix SentimentInvestor (deprecated) (#2078) 2023-11-01 11:54:40 -05:00
dylanTruffle
8bac2b15ba
Detector-Competition-Feat: Adding Azure Batch keys (#1956)
* adding azure batch

* fmt

* fix lint

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
2023-10-31 10:49:04 -05:00
Damanpreet Singh
7a9332152a
Detector-Competition-Feat: Added Reply.io API token detector (#2019)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 17:57:36 -07:00
Damanpreet Singh
0068ec54f2
Detector-Competition-Feat: Added Stripo API token detector (#2018)
* Detector-Competition-Feat: Added Stripo API token detector

* adjust regex

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 17:26:14 -07:00
Richard Gomez
0427985ebe
feat: deno deploy detector (#2040)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-29 16:58:00 -07:00
Damanpreet Singh
3ffc0dfd22
Detector-Competition-Feat: Added Budibase API token detector (#2016) 2023-10-29 10:12:45 -07:00
Damanpreet Singh
52b3c99868
Detector-Competition-Feat: Added LemonSqueezy API token detector (#2017)
* Detector-Competition-Feat: Added LemonSqueezy API token detector

* fix regex

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-28 15:03:14 -07:00
Richard Gomez
96b25150d0
Add Coinbase Wallet-as-a-Service detector (#1895)
* feat(coinbase): basic Wallet-as-a-Service detector

* update test

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-27 10:32:36 -07:00
Damanpreet Singh
eb0c0fa99f
Detector-Competition-Feat: Add Metabase Session Secret Detector (#1902)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-26 20:17:41 -07:00
Damanpreet Singh
bf6ece39ca
Detector-Competition-Feat: Added AppOptics API token detector (#1989)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-26 20:06:30 -07:00
Damanpreet Singh
4d0a40d2f3
Detector-Competition-Feat: Added ZeroTier API token detector (#1988)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-26 19:55:58 -07:00
Damanpreet Singh
f1a75395e8
Detector-Competition-Feat: Added BetterStack API token detector (#1987)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-26 19:46:56 -07:00
Corben Leo
8505d24d7d
Detector-Competition-Fix: Fix/Remove Flowdock detector (#2004)
* Detector-Competition-Fix: Fix/Remove Flowdock detector

---------

Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-10-26 09:35:13 -04:00
Corben Leo
b776f9c122
Detector-Competition-Fix: Fix/Remove Happi Detection & Verification (#2003)
* Detector-Competition-Fix: Fix/Remove Happi Detection & Verification

---------

Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-10-26 09:20:53 -04:00
Corben Leo
6914dacde3
Detector-Competition-Fix: Fix/Remove DataFire, API retired (#1995)
* Detector-Competition-Fix: Fix/Remove DataFire, API retired

* Detector-Competition-Fix: Depreciate Datafire Proto

* make protos for deprecating datafire

---------

Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-10-25 21:51:54 -04:00
Corben Leo
f7960265ea
Detector-Competition-Fix: Fix/Remove QuickMetrics (shutdown) (#1997)
* Detector-Competition-Fix: Fix/Remove QuickMetrics (shutdown)

* Detector-Competition-Fix: Fix/Remove QuickMetrics protos

* make protos for deprecating Blablabus (#2002)

* make protos for deprecating quickmetrics

---------

Co-authored-by: āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-10-25 20:05:26 -04:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
7af4591356
make protos for deprecating Blablabus (#2002) 2023-10-25 19:25:00 -04:00
Corben Leo
cebd92d79e
Detector-Competition-Fix: Depreciate Glitterly (#2000) 2023-10-25 18:08:50 -04:00
Damanpreet Singh
b2811bcf78
Detector-Competition-Feat: Added Vagrant Cloud Access Token Detector (#1941)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-25 11:03:45 -05:00
Damanpreet Singh
2189dc9b0f
Detector-Competition-Feat: Added Portainer Detector (#1936)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-25 06:32:57 -07:00
Damanpreet Singh
b2702b7839
Detector-Competition-Feat: Added OpenVPN API Detector (#1940) 2023-10-25 04:57:07 -07:00
Ankush Goel
84cb33ce3d
loggly detector (#1782)
* loggly detector

* fixed the loggly_test.go

* fixed the test file to pass the test

---------

Co-authored-by: dsingdev-rocketx <bughunter00@protonmail.com>
2023-10-24 20:06:47 -07:00
Damanpreet Singh
f467cf923c
Detector-Competition-Feat: Added PortainerToken Detector (#1938)
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-10-24 13:48:40 -07:00
Damanpreet Singh
855aba2407
Detector-Competition-Feat: Add InstaMojo Payment Detector (#1905) 2023-10-23 16:58:25 -05:00
Damanpreet Singh
b4753a60be
Detector-Competition-New: add IP2Location api key detector (#1915) 2023-10-23 13:51:14 -05:00
Corben Leo
6c75e45958
Detector-Competition-Feat: Add ipinfo.io API key detector (#1889)
* Detector-Competition-Feat: Add ipinfo.io API key detector

* fix prefix
2023-10-23 09:00:35 -05:00
Corben Leo
4cb67a571d
Detector-Competition-Feat: Add Privacy.com API key detector (#1888)
* Detector-Competition-Feat: Add Privacy.com API key detector

* Detector-Competition-Feat: Add Privacy.com API key detector

* cleanup: fix prefix
2023-10-20 08:45:16 -05:00
Richard Gomez
b57b1c1aa7
feat(voiceflow): basic detector (#1900) 2023-10-18 16:17:11 -05:00
s.shivasurya
040167178c
added cody gateway token detection code (#1883)
* added cody gateway token detection code

* resolved conflict
2023-10-13 09:09:04 -06:00
Corben Leo
ae3a5d1202
Detector-Competition-Feat: Add Klaviyo API Secret Detector (#1870)
* Detector-Competition-Feat: Add Klaviyo API Secret Detector

* fix(error): add s1.VerificationError and remove specific code check.

* fix(error): add s1.VerificationError and remove specific code check.
2023-10-11 08:35:04 -06:00
Corben Leo
179a7e4cbc
Detector-Competition-New: add anthropic api key detector (#1861)
* feat(anthropic): add anthropic api key detector

* Detector-Competition-Fix: fix remove debug println
2023-10-05 11:34:40 -05:00
Corben Leo
bf1cce43e5
Detector-Competition-New: add ramp.com client id & secret detector (#1862) 2023-10-05 09:40:30 -05:00
Dylan Ayrey
de535071e1
implemented planet scale creds (passwords and API keys) (#1841)
* implemented planet scale creds (passwords and API keys)

* Add timeout, fix tests, fix indeterminate

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-02 14:00:36 -07:00
Dylan Ayrey
f13fe36ae2
adding azure storage detector (#1840)
* adding azure storage detector

* Fix variable name

* Escape regex

* fix test fields and update expected status code

---------

Co-authored-by: counter <counter@counters-MacBook-Air.local>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-10-02 13:45:45 -07:00
Ankush Goel
faf46175e4
added Web3 Storage detector (#1789)
* added Web3 Storage detector

* fixed the regex

* removed test and disabled token
2023-09-27 12:09:39 -05:00
Marwan Sulaiman
3aa5369608
Add Tailscale detector (#1719)
* Add tailscale detector

* PR feedback: match on first element
2023-09-07 19:11:17 -07:00
s.shivasurya
6695cf1dce
added sourcegraph token verification detection (#1730) 2023-08-31 08:47:13 -07:00
Zubair Khan
519646342e
add snowflake detector (#1653)
Detect Snowflake secrets (compound URI of account, username, password) and enrich Secret Result with account and databases that the secret has access to.
2023-08-24 13:29:58 -04:00
Zubair Khan
62d359eba4
add salesforce detector (#1608)
* setup

* update time out case to return detector result

* fix

* remove unneeded comment

* remove debug print

* cleanup

* more robust error handling

* reflect new detector template changes

* fixes

* mark response body check err as indeterminate
2023-08-16 10:42:04 -04:00
Zubair Khan
ea6e8b6bb5
add huggingface detector (#1621)
* init huggingface detector

* completed test
2023-08-14 14:22:04 -04:00
Bill Rich
0c7ed19270
Github Oauth2 verification (#1584)
* Github Oauth2 verification

* Use prefix and include RawV2

* Make gh_oauth2 a new detector

* Remove unused struct

* Remove versioner

* Remove unused code
2023-08-02 11:16:40 -07:00
Brandon Yan
8fad5fff79
add dockerhub scanner (#1496)
* add dockerhub scanner

* clean

* clean and fix regex logic and tests

* check length of userMatches before access

* Use camelcase.

---------

Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-19 09:26:28 -07:00
Zubair Khan
be549a7287
add thog enterprise detector for web keys (#1448)
* saving progress

* proto changes

* run make protos

* verify response, add test case

* resolve linter warning about unescaped . in regex pattern

* resolve overlapping proto number
2023-07-18 09:53:12 -04:00
Brandon Yan
9af31f00a9
add envoy api key scanner (#1482)
* add envoy api key scanner

* Use detectors4.

---------

Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-16 16:46:28 -07:00
Cody Rose
b803a0f701
Report indeterminacy in AWS verifier (#1480) 2023-07-11 15:50:31 -04:00
Cody Rose
87058dd7fa
Add new verification error message field (#1463) 2023-07-10 11:15:40 -04:00
Zubair Khan
f52946b996
Add Couchbase Detector (#1385)
* init

* add detector type

* rotate leaked credentials

* tighten up username pattern

* isolated prefixregex as overrriding new line stuff

* passwordPat working now

* add username test

* fix edge case

* cleanup

* make linter happy

* make linter happy rd 2

* skip error logging

* fix test

* add password regex helper func

* make test more robust

* cleanup PR

* remove comments

* clarify prepend rationale
2023-06-26 14:37:10 -04:00
Zubair Khan
dfb1a0cd38
Add DocuSign detector (#1382)
* init

* look for client id and client secret, encode them for basis auth

* add tests

* test without checking the contents of response

* confirm access_token exists

* cleanup test

* explain in code that an undocumented grant_type is used

* remove use of deprecated ioutil, remove dead code, return errors instead of just logging

* directly pull access token

* update error text, remove redundant body close()

* import new detector into defaults
2023-06-08 13:34:50 -04:00
vickygoel
4c04bbbe85
added pulumi cloud Access token detector (#1295)
* added pulumi cloud Access token detector

* removed accidentally committed tokens

* added the databricks token detection

* made recommended changes

* added supabase management api token

* nuget api key detector

* added aiven.io token detector

* added prefect.io api key detector

* update protos.

---------

Co-authored-by: Developer <garg47294+1@gmail.com>
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-05-11 09:08:48 -07:00