Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-09-20 22:51:55 +00:00
Code Issues Projects Releases Packages Wiki Activity
2708 commits 123 branches 240 tags 83 MiB
Commit graph

2708 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ankush Goel
ab896890b4
fixed helpscout detector regex and verifier (#2056) 2023-11-02 14:20:26 -05:00
Ankush Goel
965a274de9
Detector-Competition-Fix: fixed regex for databricks domain and fixed tests (#1965) 
* fixed regex for domain and fixed tests

* fixed regex

* fixed an issue with regex subgrouping

* made recommended changes

* made recommended changed

* fixed RawV2
 2023-11-02 11:26:31 -05:00
Ankush Goel
b6469f23ac
modified regex (#2033) 2023-11-02 11:24:37 -05:00
dylanTruffle
4106ce7bf0
Detector-Competition-Feat: Adding Azure Container Registry Password Detector (#1958) 
* implementing azure container registry password detector

* Fixing boundry feedback

* whoops

* update verification code

* fix regex

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-11-02 11:17:01 -05:00
Corben Leo
07f6c84aa4
Detector-Competition-Fix: Fix SentimentInvestor (deprecated) (#2078) 2023-11-01 11:54:40 -05:00
Miccah
9d6bc8c504
Refactor git source to support scanning units (#2083) 2023-11-01 09:52:58 -07:00
Miccah
52600a897a
[chore] Replace chunks channel with ChunkReporter in git based sources (#2082) 
ChunkReporter is more flexible and will allow code reuse for unit
chunking. ChanReporter was added as a way to maintain the original
channel functionality, so this PR should not alter existing behavior.
 2023-11-01 09:22:44 -07:00
ahrav
d55cb56db4
update comment (#2084) 
update Cache.Contents() comment
 2023-11-01 07:36:22 -07:00
Cody Rose
7197e4b3f1
use rawv2 for pubnubpublish (#2062) 
We're seeing secrets of this type flap between verified and unverified, which is expected behavior for multipart secrets without RawV2 defined. This PR adds RawV2 for secrets of this type.
 2023-11-01 10:14:28 -04:00
ahrav
95e0090bc2
[chore] - correctly handle input shorter than 512 bytes (#2077) 
* correctly handle input shorter than 512 bytes

* add tests

* reorder tests

* add another test case

* update test

* address comment
 2023-10-31 16:42:42 -07:00
ahrav
89b6315e19
[chore] - add binutils dep to dockerfile (#2061) 
* add binutils dep to dockerfile

* add cpio

* add dep
 2023-10-31 16:40:19 -07:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
74a56de831
update braintreepayments detector to tri-state verification (#1834) 
* update braintreepayments detector to tri-state verification

* Update pkg/detectors/braintreepayments/braintreepayments.go

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>

* small nits

* small nits

---------

Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-10-31 16:13:48 -04:00
dylanTruffle
8bac2b15ba
Detector-Competition-Feat: Adding Azure Batch keys (#1956) 
* adding azure batch

* fmt

* fix lint

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-10-31 10:49:04 -05:00
dylanTruffle
499cb64546
Detector-Competition-Fix: Fix redis to now support SSL, and look for azure redis connection strings (#1957) 
* adding azure redis, and fixing the old detector to support ssl too

* fix?

* other way

---------

Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: Zachary Rice <zachary.rice@trufflesec.com>
 2023-10-31 10:17:55 -05:00
Corben Leo
a4fd17c9d1
Detector-Competition-Fix: Fix AppFollow Detection & Verification (#1933) 
* Detector-Competition-Fix: Fix AppFollow Detection & Verification

* fix(regex): update jwt regex for appfollow
 2023-10-31 09:43:20 -05:00
ahrav
a9b056de0a
Centralize logic for checking archive extraction tools (#2063) 
* Centralize logic for checking archive extraction tools

* simplify
 2023-10-30 20:14:51 -07:00
Miccah
57203a56cd
[chore] Fix SourceManager flaky test (#2059) 
* [chore] Fix SourceManager flaky test

Sorting by EndTime is not deterministic, however sorting by StartTime
should be. StartTime is set in a goroutine that's limited by
WithConcurrentUnits, so it should happen in order that the units are
received.

* Sort by unit ID
 2023-10-30 19:16:55 -07:00
Cody Rose
e58a2913ea
Support multiple custom detectors (#2064) 
#1711 accidentally removed the ability to support multiple custom detectors. This PR partially adds back this capability: Multiple custom detectors are now supported overall, but only one custom detector can be returned for a given keyword match.
 2023-10-30 18:17:17 -04:00
Corben Leo
de4a14b3f9
Detector-Competition-Fix: Fix SalesBlink Detection & Verification (#1950) 2023-10-30 16:10:24 -05:00
Damanpreet Singh
244ba3a214
Detector-Competition-Fix: Update formio regex to match Jwt token (#1935) 2023-10-30 16:08:19 -05:00
Corben Leo
6a15cd8f30
Detector-Competition-Fix: Fix Bitcoin Average detector (#1929) 2023-10-30 16:02:30 -05:00
Corben Leo
509fc6c0eb
Detector-Competition-Fix: Fix currencycloud.com API key (#1917) 
* Detector-Competition-Fix: Fix currencycloud.com API environment

* Detector-Competition-Fix: Fix currencycloud.com API environment

* fix(env): update environment
 2023-10-30 15:56:30 -05:00
Cody Rose
45059864f8
Re-add detector version (#2060) 
#2010 mistakenly removed detector version tracking from the Aho Corasick wrapper. This PR re-adds it.
 2023-10-30 15:34:33 -04:00
Dustin Decker
3c2270ae65
update kingpin import (#2053) 2023-10-30 10:58:38 -07:00
Dustin Decker
05fae156e1
Add TravisCI source (#1877) 
* Add TravisCI source

* update test to use sourcestest

* Remove jobPage loop

ListByBuild does not support pagination, so this was infinitely
repeating. https://developer.travis-ci.com/resource/jobs#find

* Continue chunking on error

* review updates

* update readme

---------

Co-authored-by: Miccah Castorina <m.castorina93@gmail.com>
 2023-10-30 07:28:25 -07:00
Cody Rose
876a55821b
Remove verify flag from Aho-Corasick core (#2010) 
The Aho-Corasick wrapper we have tracks information about whether verification should be enabled on an individual detector basis, but that functionality isn't related to the matching functionality of Aho-Corasick, and including it complicates the implementation. This PR removes it to simplify some things.

This PR removes some code that supported a potential future implementation of detector-specific verification settings, but that feature has not actually been implemented yet, so there's no loss of functionality. If we want that feature we can add it back on top of this in a more separated way.
 2023-10-30 09:52:51 -04:00
Ankush Goel
2a66d4117a
adding 'token' keyword to regex for github_old (#2037) 2023-10-29 20:45:35 -07:00
renovate[bot]
efe772331c
Update module github.com/go-git/go-git/v5 to v5.10.0 (#2023) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 18:01:01 -07:00
Damanpreet Singh
7a9332152a
Detector-Competition-Feat: Added Reply.io API token detector (#2019) 
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
 2023-10-29 17:57:36 -07:00
renovate[bot]
9a04208555
fix(deps): update module sigs.k8s.io/yaml to v1.4.0 (#2047) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 17:42:18 -07:00
Damanpreet Singh
0068ec54f2
Detector-Competition-Feat: Added Stripo API token detector (#2018) 
* Detector-Competition-Feat: Added Stripo API token detector

* adjust regex

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
 2023-10-29 17:26:14 -07:00
Richard Gomez
0427985ebe
feat: deno deploy detector (#2040) 
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
 2023-10-29 16:58:00 -07:00
renovate[bot]
a9cc772061
Update module google.golang.org/api to v0.148.0 (#2045) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 16:56:53 -07:00
renovate[bot]
e0e5e185c2
Update module go.uber.org/zap to v1.26.0 (#2044) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 16:43:18 -07:00
renovate[bot]
895cb7a86c
Update module github.com/launchdarkly/go-server-sdk/v6 to v6.1.1 (#2043) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 16:42:59 -07:00
renovate[bot]
89a258cb02
Update module github.com/snowflakedb/gosnowflake to v1.6.25 (#2042) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 16:28:36 -07:00
renovate[bot]
d12050c061
Update module github.com/xanzy/go-gitlab to v0.93.2 (#2031) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 15:43:34 -07:00
renovate[bot]
eff52138de
Update module go.uber.org/mock to v0.3.0 (#2038) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 15:43:07 -07:00
Richard Gomez
aee28ca92f
Update github.com/bodgit/sevenzip to v1.4.3 (#2039) 2023-10-29 15:42:17 -07:00
Damanpreet Singh
3ffc0dfd22
Detector-Competition-Feat: Added Budibase API token detector (#2016) 2023-10-29 10:12:45 -07:00
renovate[bot]
5058cadc44
Update module github.com/prometheus/client_golang to v1.17.0 (#2029) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-29 08:53:41 -07:00
Damanpreet Singh
52b3c99868
Detector-Competition-Feat: Added LemonSqueezy API token detector (#2017) 
* Detector-Competition-Feat: Added LemonSqueezy API token detector

* fix regex

---------

Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
 2023-10-28 15:03:14 -07:00
renovate[bot]
eb6855b9e4
Update module github.com/rabbitmq/amqp091-go to v1.9.0 (#2030) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 13:11:35 -07:00
renovate[bot]
4acbf6d917
Update module github.com/hashicorp/golang-lru to v0.6.0 (#2028) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 12:25:15 -07:00
renovate[bot]
bee593c93d
Update module github.com/google/uuid to v1.4.0 (#2027) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 12:24:44 -07:00
renovate[bot]
52e2673aed
Update module github.com/google/go-containerregistry to v0.16.1 (#2026) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 10:50:05 -07:00
renovate[bot]
791297ff18
Update module github.com/getsentry/sentry-go to v0.25.0 (#2022) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 09:25:42 -07:00
renovate[bot]
fb5f711bbf
Update module github.com/go-logr/logr to v1.3.0 (#2025) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 09:25:27 -07:00
renovate[bot]
3674364700
Update module github.com/charmbracelet/lipgloss to v0.9.1 (#2015) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 09:06:50 -07:00
renovate[bot]
93b134f4fb
Update module github.com/bradleyfalzon/ghinstallation/v2 to v2.8.0 (#2014) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-28 08:50:51 -07:00