Dustin Decker
c2ae31d060
Make AzureDevopsPersonalAccessToken verification more robust ( #2359 )
...
* Make AzureDevopsPersonalAccessToken verification more robust
* fix snifftest
2024-02-01 08:40:44 -08:00
roxanne-tampus
143e275272
update azure test files to check rawV2 ( #2353 )
2024-01-31 08:36:52 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
7ece4c3e66
Detectors Updates 1 for Tristate Verification ( #2187 )
...
* updating alibaba
* updating agora
* updating aeroworkflow
* updating aha
* updating artifactory
* updating abbysale
* updating abstract
* updating abuseipdb
* updating accuweather
* updating adafruitio
* updating adzuna
* cleanup on abuseipdb
* cleanup on aha
* cleanup on abuseipdb
* cleanup on aeroworkflow
* cleanup on adzuna
* cleanup on accuweather
* cleanup/refactor
* update token pattern to be explicitly 73char (old) or 64char (new)
* comment to clarify 403 on Aha
* mocking out verified case for aha + adding inactive account test
* using contact response instead of gock
* update 403 to be determinate
2024-01-30 12:20:56 -05:00
Richard Gomez
232032410c
feat(detectors): update template ( #2342 )
2024-01-29 21:21:23 -08:00
Dustin Decker
7befefd369
Improve fp ignore logic ( #2351 )
...
* forgot field change
* use aho corasick for filter
* reduce wordlist sensitivity
2024-01-29 11:28:46 -08:00
roxanne-tampus
303e191f38
added azuresearchquerykey detector ( #2349 )
...
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-29 10:19:51 -08:00
roxanne-tampus
06b7ebf824
added azuresearchadminkey detector ( #2348 )
...
* added azuresearchadminkey detector
* additional update
* update import
* fix raw fields for new detectors and entropy check
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-29 09:55:46 -08:00
roxanne-tampus
83dc986b07
added azurefunctionkey detector ( #2337 )
...
* added azurefunctionkey detector
* update raw field to include url
* clean up and added prefix on key pattern
* update bench script
* update imports, snifftest, and gen proto
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-29 09:20:33 -08:00
faktas2
76fcdae3a0
Add the new MaxMind license key format ( #2181 )
...
* Add the new MaxMind license key format
* feedback
* reorg rules
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-26 11:49:47 -08:00
Dustin Decker
3a6cfd9d97
Prevent print or logging in detectors ( #2341 )
...
* Prevent print or logging in detectors
* mount repo
* update job name
2024-01-26 11:39:41 -08:00
ahrav
41cfec4e1c
make sure to close connections after testing ( #2343 )
2024-01-26 09:24:06 -08:00
Dustin Decker
f078df43eb
Fix test ( #2339 )
2024-01-25 23:15:37 -08:00
Zubair Khan
76057618ba
add tri-state verification to yelp ( #1736 )
...
* init yelp tri state
* fix detector and test
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-25 22:28:16 -08:00
Richard Gomez
c6f73a7d10
Update DockerHub detector logic ( #2266 )
...
* feat(dockerhub): update logic
* updates
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-25 22:02:36 -08:00
Richard Gomez
d4a0645c29
Add Google oauth2 token detector ( #2274 )
...
* feat(google): add oauth2 token detector
* update pr
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-25 21:32:03 -08:00
joeleonjr
792266afa9
updating doppler logic ( #2329 )
...
* updating doppler logic
* added json response struct
2024-01-24 12:20:33 -05:00
roxanne-tampus
47c6539a41
added azuredevopspersonalaccesstoken detector ( #2315 )
...
* added azuredevopspersonalaccesstoken detector
* fix comment
* update raw field to include all parts of the credential
---------
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2024-01-23 20:46:51 -08:00
ahrav
e44802a31d
[feat] - Replace regexp pkg w/ go-re2 in detectors ( #2324 )
...
* update detectors to use go-re regex library replacement
* update go mod and sum
* add tests with invalid utf-8
* revert
2024-01-23 13:16:22 -08:00
Cody Rose
e0a1b11a8e
Narrow Postgres detector to only look for URIs ( #2314 )
2024-01-23 14:42:31 -05:00
joeleonjr
443ef98e41
updating detector logic for zenscrape ( #2316 )
...
* updating detector logic for zenscrape
* updating to use status endpoint
2024-01-22 16:57:51 -05:00
ahrav
b0fd951652
[chore] - Add regex and keyword for api_org tokens ( #2240 )
...
* Add regex and keyword for api_org tokens.
* handle org token auth struct
* update keywords
2024-01-16 15:25:26 -08:00
dylanTruffle
3b4518cbab
adding postgres detector ( #2108 )
...
* adding postgres detector
---------
Co-authored-by: Chair <chair@Chairs-MacBook-Pro.local>
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2024-01-10 16:19:45 -05:00
Richard Gomez
04bf244f38
fix(signable): ignore common false positives ( #2230 )
2024-01-09 17:53:25 -08:00
Richard Gomez
38f36475de
fix(parseur): ignore false positives ( #2229 )
2024-01-09 17:50:30 -08:00
Shivasurya
e5289ac8e4
Updated trufflehog sourcegraph secret format ( #2254 )
2024-01-06 08:48:41 -08:00
NIKHIL PANWAR
7365dba9c9
Update stripe detector regex ( #2261 )
2024-01-06 08:43:39 -08:00
Dustin Decker
6b90a96ca0
Add missing import ( #2246 )
2023-12-19 16:40:31 -08:00
Richard Gomez
69d5e0c993
fix(snowflake): avoid extraneous attempts ( #2057 )
...
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-12-19 16:04:08 -08:00
Richard Gomez
97afd570ae
feat(github): update extradata ( #2219 )
2023-12-19 16:01:07 -08:00
Richard Gomez
eeb4dbd304
feat(shortcut): use tri-state verification ( #2211 )
2023-12-17 15:47:14 -08:00
Richard Gomez
ded8e459bd
feat(huggingface): enhance extradata ( #2222 )
2023-12-17 14:29:45 -08:00
Richard Gomez
69a70a3374
fix(myfreshworks): check for valid JSON ( #2212 )
2023-12-17 10:26:38 -08:00
Richard Gomez
06b137fd93
fix(gitlab): check for valid JSON ( #2218 )
2023-12-14 11:22:06 -08:00
Miccah
4db20e29f8
Update metabase verification to check for a valid JSON response ( #2210 )
...
* Update metabase verification to check for a valid JSON response
* added test tokens + cleanup
---------
Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-12-13 12:18:56 -08:00
Miccah
84b7461796
[chore] Remove unnecessary string conversion in tefter detector ( #2209 )
2023-12-13 11:39:16 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
6987507534
fix and refactor browserstack detector ( #2208 )
...
* fix and refactor browserstack detector
2023-12-12 16:14:31 -05:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
5e3ea1a8f2
Fix azurestorage detector ( #2207 )
...
* bugfix + cleanup - update azurestorage detector raw string to use key instead of id
2023-12-12 16:07:09 -05:00
Cody Rose
405f356071
Use bad json in slackwebhooks ( #2193 )
...
* add rotation guides to SlackWebhook tests
* begin cleaning up tests
* have slack webhook detector use malformed json
* update test secrets
---------
Co-authored-by: Ahrav Dutta <ahrav.dutta@trufflesec.com>
2023-12-11 15:04:55 -08:00
Richard Gomez
6c5fc2f212
feat(privatekey): run checks concurrently ( #2139 )
2023-12-10 10:11:17 -08:00
ahrav
f772fd8b44
update regex ( #2184 )
2023-12-06 17:04:38 -08:00
Dustin Decker
3167dde8a1
Deprecate some detectors ( #2186 )
2023-12-06 16:57:55 -08:00
ahrav
c6e9b8ff64
use https for verification endpoints ( #2185 )
2023-12-06 16:06:04 -08:00
dylanTruffle
96aa50d119
fixing how to rotate URL ( #2183 )
2023-12-06 11:59:21 -08:00
āh̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d
11394ea318
[thog-1548] add auto redaction for verification errors ( #2106 )
...
* Updating VerificationError to have auto redaction logic
* find/replace error
2023-12-05 08:57:52 -05:00
ahrav
c34efc3cf9
make empty slice delcration consistent ( #2144 )
2023-12-01 11:03:44 -08:00
ahrav
279f915799
[chore] - fix error comparisons ( #2142 )
...
* fix error comparisons
* fix imports
2023-12-01 08:32:41 -08:00
ahrav
52ffab1034
[chore] - fix import name clashes ( #2143 )
...
* fix import name clashes
* fix missing var
2023-12-01 06:53:15 -08:00
Dustin Decker
a367f9ce34
Fix azure panic when invalid URL is constructed ( #2137 )
2023-11-30 11:33:04 -08:00
Zachary Rice
d552222385
add extradata nil check and use make ( #2129 )
...
* add extradata nil check and use make
* remove some lines
2023-11-28 09:45:37 -06:00
Richard Gomez
62c628fb52
feat(telegram): add username to extradata ( #2100 )
2023-11-20 14:00:09 -08:00