Commit graph

1643 commits

Author SHA1 Message Date
Bill Rich
cda88ebdf0
Adjust regex and add tests (#1602) 2023-08-03 15:11:45 -07:00
Cody Rose
d763097fdf
implement indeterminate LDAP verification (#1574)
This PR implements tri-state verification for the LDAP detector. This implementation looks for network errors to explicitly flag as indeterminate, rather than authentication errors to explicitly flag as determinate; this is because the error that occurs from authentication failures doesn't appear to have its own type and I didn't want to have to match on the error message text.
2023-08-03 14:02:31 -04:00
Bill Rich
0c7ed19270
Github Oauth2 verification (#1584)
* Github Oauth2 verification

* Use prefix and include RawV2

* Make gh_oauth2 a new detector

* Remove unused struct

* Remove versioner

* Remove unused code
2023-08-02 11:16:40 -07:00
Bill Rich
1cf419e478
Expand paypal regex (#1599) 2023-08-02 10:58:32 -07:00
Zubair Khan
0ad46381d9
tighten up regex pattern for timezoneapi (#1591)
* tighten up regex pattern

* add response body check
2023-08-01 17:30:29 -04:00
ahrav
b8c43ea58f
Fix VirusTotal deetector (#1585) 2023-08-01 05:41:18 -07:00
Cody Rose
7d2f126411
add tri-state verification to mongodb detector (#1575) 2023-07-31 18:23:35 -04:00
ahrav
661c6b47b7
[bug] - fix shodan detector (#1579)
* fix shodan detector.

* fix import order.
2023-07-31 11:12:52 -07:00
Miccah
32e3f1f015
Fix pubnub regular expression (#1565)
One of the sub-groups of the UUIDv4 was missing the characters 0-9.
2023-07-31 11:37:25 -05:00
Cody Rose
61bee6c8b1
Identify transient AWS verification failures (#1563)
It turns out that GetCallerIdentity returns a surprising quantity of transient, false-negative 403 responses that carry the SignatureDoesNotMatch error reason. I don't know why this is happening, but their transient nature makes them indeterminate verification failures and they should be flagged as such. The AWS detector has therefore been modified to specifically look for the InvalidClientTokenId error reason in 403 responses and mark all other responses as indeterminate.

In addition to the functional changes this PR contains some updates to the test code that allow us to test them.
2023-07-31 12:06:11 -04:00
Cody Rose
431d26f5fa
move false positive check in alchemy detector (#1532)
This PR makes the Alchemy detector run its known false positive check even if verification is disabled. This isn't the most important detector but it's the template for new ones so getting a good pattern nailed down is important.

Moving the check allowed me to rewrite the determinacy logic to hopefully be more clear.
2023-07-28 11:36:02 -04:00
Richard Gomez
f925da7cea
fix(mongodb): detect CosmoDB access keys (#1511)
https://learn.microsoft.com/en-us/microsoft-365/compliance/sit-defn-azure-cosmos-db-account-access-key?view=o365-worldwide
2023-07-26 16:50:12 -05:00
Zachary Rice
85f363f093
init (#1538) 2023-07-24 19:09:57 -05:00
Miccah
93c561f324
Add match boundary to okta regular expressions (#1531) 2023-07-24 10:52:50 -05:00
Cody Rose
ebf1038392
Support indeterminacy in alchemy and update detector docs (#1510) 2023-07-21 14:50:14 -04:00
Cody Rose
06a562688d
capture json error (#1509) 2023-07-21 10:44:47 -05:00
Cody Rose
20b7793828
JDBC indeterminacy (#1507)
This PR adds an indeterminacy check to the JDBC verifiers.
2023-07-19 16:57:57 -04:00
Brandon Yan
8fad5fff79
add dockerhub scanner (#1496)
* add dockerhub scanner

* clean

* clean and fix regex logic and tests

* check length of userMatches before access

* Use camelcase.

---------

Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-19 09:26:28 -07:00
Cody Rose
cb1a63a4e2
unify JDBC detector ping logic (#1506)
Previously, the various JDBC detectors would independently try to verify credentials by a process of trying various permutations of candidates one-by-one. The upcoming tri-state verification work will need to add sophistication to this process in the same way for each one, so this PR first combines all of the logic so it can be upgraded in a single spot.
2023-07-19 11:45:56 -04:00
Zubair Khan
be549a7287
add thog enterprise detector for web keys (#1448)
* saving progress

* proto changes

* run make protos

* verify response, add test case

* resolve linter warning about unescaped . in regex pattern

* resolve overlapping proto number
2023-07-18 09:53:12 -04:00
Brandon Yan
cab416b533
add launch_darkly keyword to launchdarkly scanner (#1495) 2023-07-17 14:05:58 -05:00
Cody Rose
ee814a67bd
tweak jdbc redaction (#1490)
JDBC redaction could fail in some irritating edge cases involving passwords that contain the @ character. The logic has been tweaked to eliminate these cases and some tests have been added.
2023-07-17 11:04:12 -04:00
Brandon Yan
9af31f00a9
add envoy api key scanner (#1482)
* add envoy api key scanner

* Use detectors4.

---------

Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-07-16 16:46:28 -07:00
trufflesteeeve
d03a74776e
Fix URI detector false results when the redacted password has been URL encoded (#1489) 2023-07-14 13:35:50 -04:00
Brandon Yan
aab8fddc67
fix twilio verification side effect (#1494)
change POST request to GET request
2023-07-13 17:48:51 -07:00
Cody Rose
a123d5c5e1
do not report 403s as indeterminate in AWS detector (#1481) 2023-07-11 16:35:23 -04:00
Cody Rose
b803a0f701
Report indeterminacy in AWS verifier (#1480) 2023-07-11 15:50:31 -04:00
Zachary Rice
d4972313ff
remove old detector (#1474) 2023-07-10 13:02:19 -05:00
Cody Rose
87058dd7fa
Add new verification error message field (#1463) 2023-07-10 11:15:40 -04:00
Zubair Khan
b38857edb4
fix missing api key, tighten up regex pattern, use response body check (#1438) 2023-07-06 16:35:52 -04:00
Richard Gomez
23757dbe0a
remove image4 detector (#1461) 2023-07-06 12:56:09 -07:00
Zachary Rice
a99d89d711
fix typo (#1452) 2023-07-05 14:14:18 -05:00
Zachary Rice
8a508e6bcd
Add missing keywords for sqlserver (#1449) 2023-07-05 11:12:19 -05:00
roxanne-tampus
00920984e3
added opsgenie detector (#650)
* added opsgenie detector

* update interface and import

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-06-27 16:43:25 -07:00
Zubair Khan
d6375ba921
verify response body with expected keywords (#1419)
* verify response body with expected keywords

* remove debug log

* add extra test case

* migrate from ioutil to io

* close body and only check for one keyword

* cleanup
2023-06-27 11:46:15 -04:00
Miccah
8ea49de490
Don't return on okta credential failed verification (#1432) 2023-06-27 09:21:39 -05:00
Zubair Khan
f52946b996
Add Couchbase Detector (#1385)
* init

* add detector type

* rotate leaked credentials

* tighten up username pattern

* isolated prefixregex as overrriding new line stuff

* passwordPat working now

* add username test

* fix edge case

* cleanup

* make linter happy

* make linter happy rd 2

* skip error logging

* fix test

* add password regex helper func

* make test more robust

* cleanup PR

* remove comments

* clarify prepend rationale
2023-06-26 14:37:10 -04:00
Chris Atkin
6e6895b48e
Update Slack webhook error text for verification (#1427)
This updates the matched error text to determine the verified status of a Slack webhook, as this has been updated on Slack's API.
2023-06-26 08:44:17 -07:00
Zubair Khan
cd67f6bf16
prevent www from being a key to prevent fp (#1418) 2023-06-25 11:55:11 -04:00
Dustin Decker
eeefde1ec9
Ensure results are collected correctly when verification is off, and dedupe twilio (#1420) 2023-06-23 14:14:08 -07:00
dillonstreator
648ef3b52c
fix spelling errors (#1413) 2023-06-21 07:15:28 -07:00
Zubair Khan
0c3410c5cd
add new key pat for mailgun detector (#1375)
* add new detector key pat for mailgun

* resolve mailgun issue

* remove unused tokenPat and commented strings import

* fix closing bracket issue
2023-06-20 19:14:56 -04:00
Dustin Decker
ca1947291b
Update sqlserver redaction, deduplication, and URI redaction (#1369)
* Update sqlserver redaction, deduplication, and URI redaction

* don't use pointer
2023-06-09 11:06:54 -07:00
Zubair Khan
dfb1a0cd38
Add DocuSign detector (#1382)
* init

* look for client id and client secret, encode them for basis auth

* add tests

* test without checking the contents of response

* confirm access_token exists

* cleanup test

* explain in code that an undocumented grant_type is used

* remove use of deprecated ioutil, remove dead code, return errors instead of just logging

* directly pull access token

* update error text, remove redundant body close()

* import new detector into defaults
2023-06-08 13:34:50 -04:00
ahrav
ce4a1fd7e6
[chore] - fix test (#1383)
* fix test.

* fix import order.

* fix twilio test.
2023-06-06 18:58:00 -07:00
ahrav
8b7c50825e
update detector regex. (#1368) 2023-06-01 08:16:18 -07:00
Dustin Decker
5358ed776b
fix mockaroo fps (#1370)
* fix mockaroo fps

* fix test
2023-05-30 20:58:41 -07:00
Tim Strazzere
cbfbf5335e
Add Data member to ResultsMetadata struct. (#1358)
When a Result is emitted, it should include
the `chunk.Data []byte` so that we can utilize
the blob of data which caused the result.

This makes it so something catching the results
does not have to maintain a collection of chunks
to correlate the two together.
2023-05-24 09:21:41 -07:00
Brendan Shaklovitz
3ab864aca9
Make OpenAI regex more specific (#1345) 2023-05-22 07:39:18 -07:00
ahrav
0c386220dd
[chore] - Use correct detector proto (#1347)
* Use correct detector proto.

* sort imports.
2023-05-18 15:12:38 -07:00
RuchitaKshirsagarTR
f831b62a3f
Update generic.go (#1343)
Generic API keys like shown in the example below is getting excluded:
api_key=9e107d9d372bb6826bd81d3542a419d6 because of following regex patterns:

\b[A-Fa-f0-9]{32}\b
\b[A-Fa-f0-9x]{6,99}\b

The base64 decoding logic is getting hit and NOT returning an error, and thus it continues thinking it is base64 decoded.
2023-05-17 13:30:40 -07:00
ahrav
e81b908e07
Add buildkitev2 detector for newer tokens. (#1341) 2023-05-15 12:58:36 -07:00
vickygoel
4c04bbbe85
added pulumi cloud Access token detector (#1295)
* added pulumi cloud Access token detector

* removed accidentally committed tokens

* added the databricks token detection

* made recommended changes

* added supabase management api token

* nuget api key detector

* added aiven.io token detector

* added prefect.io api key detector

* update protos.

---------

Co-authored-by: Developer <garg47294+1@gmail.com>
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2023-05-11 09:08:48 -07:00
Brendan Shaklovitz
87f3f27dab
Fix SquareApp detector type return value (#1322)
* Change SquareApp detector type to report as SquareApp instead of
  Square.
2023-05-04 10:25:20 -07:00
ahrav
deb0f63d25
Update regex. (#1328) 2023-05-04 10:23:13 -07:00
Jason Solis
c13c56283d
add tineswebhook detector (#1304) 2023-05-01 07:48:58 -07:00
Miccah
b1675194ca
Implement EndpointCustomizer (#1291)
* Implement EndpointCustomizer

Add the EndpointCustomizer interface and EndpointSetter convenience struct,
implement EndpointCustomizer for github and gitlab detectors, and add
parsing, verification, and applying user-supplied configuration.

* Check error from SetEndpoints

* Rename variable for clarity
2023-04-27 12:23:50 -05:00
Aman Sakhuja
2a3f8942ee
Fixed contentfulpersonalaccesstoken regex (#1199) 2023-04-26 14:32:36 -07:00
Shabbir B
d1cbc54fc6
Updated BrowserStack detector endpoint (#1290)
Updated endpoint
2023-04-26 08:59:24 -07:00
ahrav
15ed428e28
update jira detector. (#1288) 2023-04-25 17:26:51 -07:00
Shabbir B
6f801f64c7
Added a new detector for percy.io (#1284)
* Feature: Added a new detector for percy.io

* Updated variable name

---------

Co-authored-by: ahrav <ahravdutta02@gmail.com>
2023-04-25 13:18:34 -07:00
Dustin Decker
3485a6dab1
improve sqlserver detection and testing (#1285)
* improve sqlserver detection and testing

* add data source keyword
2023-04-25 11:00:37 -07:00
Yassine Ilmi
a002ba9a75
Add RawV2 Results to the JSON Output (#1273)
* Add RawV2 to JSON Output

* Adding RawV2 results to Azure, Datadog and GCP Detectors
2023-04-20 16:31:53 -07:00
Dustin Decker
e217e2fbfd
Ensure multipart credentials are deduplicated correctly (#1271)
* Ensure multipart credentials are deduplicated correctly

* update tests
2023-04-20 15:07:59 -07:00
Bill Rich
a6902ae9cb
Add configurable detectors (#1139)
* JDBC detector ignore patterns

* Remove newline

---------

Co-authored-by: Bill Rich <bill.rich@trufflesec.com>
2023-04-20 11:44:28 -07:00
ahrav
f107e1b497
Use defautl endpoints when no custom verifier provided. (#1242) 2023-04-06 08:35:01 -07:00
Dustin Decker
20d5683199
fix linting step (#1235) 2023-04-03 13:21:58 -07:00
Batuhan Ceylan
9b941efa1a
Bump go from 1.18 to 1.20 (#1230)
* Bump `go` from `1.18` to `1.20`

* satisfy linter

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-03-31 14:37:03 -07:00
Bill Rich
762641d970
Add DetectorName to Result (#1223)
* Add DetectorName to Result

* Use GetName method instead of Name
2023-03-30 09:40:05 -07:00
ahrav
0052f60090
Allow for custom verifier (#1070)
* allow for custom verifier.

* Update engine.

* use custom detectors.

* set cap.

* Update verifiers.

* Remove nil check.

* resolved nit

* handle uppercase values

* updating missing url logs

* adding more descriptive variable names

* updating logs to use correct variables

* Removing toLower for urls

* if else nits

* Adding versioning for github and gitlab

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
Co-authored-by: ah̳̕mͭͭͨͩ̐e̘ͬ́͋ͬ̊̓͂d <13666360+0x1@users.noreply.github.com>
2023-03-29 12:26:39 -07:00
Gobind Singh
66eb87f414
Update verification endpoint (#1179) 2023-03-29 06:41:27 -07:00
Zachary Rice
c4f08e3f17
Run golang lint on entire repo instead of patches (#1214)
* lint on all branches to catch warnings earlier

* lint entire source on PRs

* fix lint
2023-03-28 15:01:44 -05:00
Dustin Decker
31d5655308
Fix OpenAI test (#1186)
* Add OpenAI Detector

* Add OpenAI Detector tests

* Add OpenAI Detector to defaults.go

* Removing references to github detector in tests

* update test

---------

Co-authored-by: Yassine Ilmi <Yassine.Ilmi@thomsonreuters.com>
2023-03-27 10:07:57 -07:00
garg472
3e4496156c
added new detectors and fixed mesibo detector (#1166)
* added new detectors and fixed mesibo detector

* added bscscan.com API detector

* added coinmarketcap detector

* update alchemy

* update blocknative

* update bscscan test

* update cmc test

* update tests

---------

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-03-16 18:57:08 -07:00
Yassine Ilmi
d382d5cb1c
Add OpenAI API Tokens detector (#1142)
* Add OpenAI Detector

* Add OpenAI Detector tests

* Add OpenAI Detector to defaults.go

* Removing references to github detector in tests
2023-03-16 17:58:22 -07:00
raju-kamble
3c1bb45bfb
updating browserstack detector user and key PrefixRegex strings (#1176)
Co-authored-by: raju-bs <raju@browserstack.com>
2023-03-16 08:41:29 -07:00
trufflesteeeve
2b1c42ceb1
Make slack webhook detector regex more specific (#1168)
* Make slack webhook detector regex more specific

* fixup - add better body contains check
2023-03-10 14:01:10 -08:00
Miccah
e6846ede54
Support filtering detectors by version (#1150)
* Adjust types to use DetectorID struct

* Parse versions with detector include and exclude input

* Update detectors filter to use version

Co-authored-by: steeeve <steve@trufflesec.com>

* Implement Versioner for github, gitlab, and npm detectors

Co-authored-by: steeeve <steve@trufflesec.com>

---------

Co-authored-by: steeeve <steve@trufflesec.com>
2023-03-02 16:33:56 -06:00
Miccah
3870be256c
Close response bodies (#1137) 2023-02-28 10:43:00 -06:00
Miccah
6209a80ce1
[chore] Address more linter errors (#1134)
* Address lint errors in detectors

* Update deprecated ioutil call
2023-02-28 10:00:41 -06:00
Miccah
4efe5313f4
[chore] Address lint errors (#1133)
* Update strings.Title to cases.Title

* Migrate go-genproto to google-cloud-go

See: https://github.com/googleapis/google-cloud-go/blob/main/migration.md

* Check error in test

* Check error from sem.Acquire

* Remove unused code
2023-02-27 21:03:47 -06:00
raju-kamble
d151c1363e
fixing browserstack regex username detection (#1123) 2023-02-22 08:17:48 -08:00
raju-kamble
d20f43b5c6
fix browserstack detector (#1120)
* fixing browserstack regex username detection

* fixing browserstack regex username detection

* fixing browserstack regex username detection

* fix patterns

* fix patterns

---------

Co-authored-by: raju-bs <raju@browserstack.com>
Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2023-02-21 15:33:16 -08:00
Miccah
161e499142
[chore] Remove logrus from trufflehog (#1095)
* [chore] Remove logrus from trufflehog

* Minor fixes

* Fix logFatal call

* Fix logrus call
2023-02-14 17:00:07 -06:00
trufflesteeeve
4f13090c01
Remove duplicated detectors (#1092)
In this case just Heroku and LinearAPI. But this includes the Moonclerck
detector, which appears to be a typo that got turned into a separate
detector type.

Co-authored-by: zubairk14 <zubair.khan@trufflesec.com>
2023-02-13 11:44:19 -05:00
trufflesteeeve
114f4b6989
Add Type() to detector interface (#1088)
* Add Type() to detector interface

The goal here is to allow the detector type information to be used
without the need for reflection. This could possibly allow us to more
easily inject information into detectors or filter them out if
necessary.

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>

* remove test detector

---------

Co-authored-by: ahmed <ahmed.zahran@trufflesec.com>
2023-02-09 14:46:03 -08:00
ahrav
80a68b84c2
update webex detector regex (#1062)
* update webex detector regex.

* fix regex.
2023-02-01 18:37:51 -08:00
ahrav
58b78b6a5a
Update float detector with correct User-Agent and regex (#1061)
* Update float detector with correct User-Agent and regex.

* update import order.

* update emial.

* Delete http.go

* add http back.
2023-02-01 09:48:13 -08:00
swdbo
a53758c4c4
braintree detector: use production API URL instead of the test sandbox version (#1054) 2023-02-01 08:41:52 -08:00
Cameron Lonsdale
0aa8e1cd98
Use access-token endpoint for validity check (#991) 2023-01-11 19:19:51 -08:00
Gonçalo Silva
e091fab94f
Use Todoist's REST API v2 (#978)
v1 was deprecated on December 5, 2022.
2022-12-14 16:52:19 -08:00
ahrav
054e98d108
Update slack webhook detector string check (#932)
* Update slack webhook detector check to text.

* remove redunant slashes.
2022-11-21 10:50:23 -08:00
Jessica
6e25664a52
add rambbitmq detector (#936)
* add rambbitmq detector

* use fixed length redaction

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-11-21 10:47:41 -08:00
Dustin Decker
b45369cdbb
Skip some FTP FPs (#929) 2022-11-21 06:52:21 -08:00
Dustin Decker
ae4b387448
add LDAP detector (#896) 2022-11-18 19:45:11 -08:00
Dustin Decker
b18edef01a
Enable skipping of particular key IDs (#930)
* Enable skipping of particular key IDs

* update test
2022-11-18 09:09:40 -08:00
ahrav
b8be0a64a8
Use pointer to type. (#926) 2022-11-16 10:35:48 -08:00
Ankush Goel
64cfe4d85e
Update github_old.go (#916) 2022-11-15 10:40:55 -08:00
Johann Saunier
42a82fc7e1
Update Scrapfly API Key Format (#910) 2022-11-11 15:24:17 -05:00
Ankush Goel
bb0fa055dc
fixed mailchimp detector (#909)
* fixed mailchimp detector

* Use sane http client

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-11-10 09:47:25 -05:00
kstilwell
ecd25784f5
Adding Shopify detector (#875)
* Fixes/work based on testing

* Remove some commented code

* Change how verification happens and grab additional information

* Address linter warnings.

* add shopify detector to default detectors.

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
Co-authored-by: Ahrav Dutta <ahravdutta02@gmail.com>
2022-11-08 16:21:57 -08:00
Dustin Decker
5f0964add8 remove path for deduping URI 2022-11-06 08:12:46 -08:00
Miccah
85f5f3ea7b
Add sqlserver integration test and some default params (#891)
* Improve anonymous redaction

* Add sqlserver integration test and some default params
2022-11-02 11:04:49 -05:00
Dustin Decker
a7fc12240f
Do local URI verification, while attempting to defuse SSRF (#879)
* simplify monogo pattern

* do URI verification locally, while attempting to defuse SSRF

* test SSRF defuse

* simplify err check logic per linter recommendation

* split up detectors

* address comments

* remove unused var
2022-11-01 17:27:24 -07:00
ahrav
fe029b1098
[THOG-793] - Return all unverified results (#856)
* Remove the check to filter and return only a single unverified result.

* Revert "Remove the check to filter and return only a single unverified result."

This reverts commit 494e432803.

* Add new CLI flag to filter unverified results.
2022-10-31 09:36:10 -07:00
Dustin Decker
0c81cba918 remove noisy logging in sqlserver detector 2022-10-26 18:12:26 -07:00
Dustin Decker
ca8a5ef741
increase digitalocean token sensitivity (#872) 2022-10-26 08:22:21 -07:00
Dustin Decker
4f83dd816d
increase datadog token sensitivity (#871) 2022-10-26 08:22:10 -07:00
Dustin Decker
33c6c193e3
improve fastly validation endpoint and add extra data (#870) 2022-10-26 08:22:03 -07:00
Dustin Decker
466b9e2d6b
only detect live env razor pay and use std lib (#869)
* only detect live env razor pay and use std lib

* fix shadowed var
2022-10-26 08:13:13 -07:00
Dustin Decker
dac40519e4
support github fine grained tokens and add extra data (#868)
* support github fine grained tokens and add extra data

* fix shadowed var
2022-10-26 08:13:02 -07:00
Alexandr Marchenko
60464da3ce
proposal: SqlServer connection string detector (#867)
* sqlserver added to detectors.proto

* make protos

* boilerplate detector generated

* wireup

* initial
2022-10-26 07:46:13 -07:00
Ankush Goel
d29357c9d4
added npm detector (#841) 2022-10-13 06:04:02 -07:00
Dustin Decker
785cead43e
Ignore URIs where the password is redacted (#842)
Only `*`s in the password is a redacted basic auth URI.
2022-10-11 14:18:52 -07:00
ahrav
128002885a
Add decoder type to results. (#835) 2022-10-06 11:55:07 -07:00
Mildred Bernardo
3f6e5b44c9
Digitaloceanv2 detector (#832) 2022-10-03 18:01:01 -07:00
Mildred Bernardo
ad4b9406a7
Added digitaloceanv2 detector (#829)
* Added digitaloceanv2 detector

* import detector

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-09-28 09:56:35 -07:00
ahrav
db42bcf2a2
[OC-103] - Add Gemini detector (#800)
* Add Gemini detector.

* Add regex and test code for Gemini detector.

* Remove else.

* Add commentary.

* Address comments.

* Use regular else.

* Make nice and complicated.

* use regular detection pattern.

* Add detector to default detectors.
2022-09-26 11:48:48 -07:00
rahuljaisinghani
3645a6e7b9
Browserstack regex (#808)
* Update browserstack.go

* Update browserstack.go
2022-09-25 13:32:45 -07:00
Miccah
ddc81bd7c1
[THOG-162] Implement JDBC verification for select drivers (#792)
* [THOG-162] Implement JDBC verification for select drivers

Also includes integration tests for postgres and mysql via docker. To
run, execute the following (untested what will happen if the docker
images aren't installed):

go test -tags=detectors,integration ./pkg/detectors/jdbc

* Make jdbc regex a bit more strict

* Surface the context to allow the caller to set a timeout
2022-09-21 17:50:48 +02:00
Joseph Lucas
b02cf7e032
Adding detector for Nvidia NGC (#797)
* template

* minimum viable regex

* valid api 401

* passing tests

* snake to camelcase
2022-09-20 08:20:18 -07:00
Ankush Goel
44bc023da6
Update readme.go (#795)
* Update readme.go

Readme has change the way they issue their keys

now its like rdme_{70} ascii chars

* Update readme.go

* Update readme.go

* Update readme.go

The tester seems to be working fine with the new defaultclient code
2022-09-18 12:19:35 -07:00
ahrav
c4492b1fdc
Add support for MongoDB detector. (#793)
* Add support for MongoDB detector.

* Remove extra line.

* Remove unused arg.

* Add context around found secret test.

* Remove unused arg.
2022-09-15 05:47:09 -07:00
ahrav
33ab1cfeb2
[OC-101] - Prevent Gitlab detector panic (#799) 2022-09-15 05:00:15 -07:00
Dustin Decker
67e8df96a4
Add AWS account information (#782)
* Add AWS account information

* nit
2022-09-06 17:55:03 -07:00
Apoorv Munshi
33ff9178e4
fix regex pattern for confluent detector (#778)
* fix regex pattern for confluent detector

* remove RawV2 filed from detectors.Result

* add RawV2 field back
2022-09-06 10:42:36 -07:00
Dustin Decker
b9d6f11609
clean up detectors (#776) 2022-09-02 12:00:02 -07:00
Max Thomson
d7123c6965
Fix Honeycomb detector with both key formats (#777) 2022-09-02 11:44:16 -07:00
Dustin Decker
aba56523b6
Fix okta detector (#771) 2022-09-01 20:05:06 -07:00
roxanne-tampus
cc2df10e49
fix issue in codacy (#758)
* updated endpoint

* add tags
2022-08-31 17:32:22 -07:00
roxanne-tampus
18bca4b442
Enhancement in Gitlab detector (#588)
* enhancement on regex

* accepts both old and new token

* added gitlabv2 test file
2022-08-30 11:58:32 -07:00
ahrav
37c4eea66a
[chore] - ioutil.ReadFile is deprecated (#753)
* Use os.ReadFile.

* Update imports.

* remove unused import.
2022-08-30 09:41:12 -07:00
Dustin Decker
2452e93a80
Import 27 new detectors (#737) 2022-08-26 12:35:06 -07:00
Marlon
098d4a9e7d
added appointed scanner (#425)
* added appointed scanner

* fix comment

* fix comment

* fix comment

* fix issue

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-08-25 10:40:35 -07:00
Marlon
8709b4fdc6
added apilayer scanner (#368)
* added apilayer scanner

* fix comment

* fix comment
2022-08-25 10:36:41 -07:00
roxanne-tampus
024c847f83
Added braintreepayments detector (#541)
* added braintreepayments detector

* updated condition based on suggestion

* enhancements

* enhancement

* enhancement for valid response
2022-08-25 10:34:53 -07:00
roxanne-tampus
8a9229cf73
Added duply detector (#552)
* Added duply detector

* enhancement
2022-08-25 10:33:34 -07:00
roxanne-tampus
77fabe6191
Added gtmetrix detector (#554) 2022-08-25 10:33:02 -07:00
roxanne-tampus
6f07c59354
Added monkeylearn detector (#553) 2022-08-25 10:32:32 -07:00
roxanne-tampus
e192aee66a
Added twist detector (#549)
* Added twist detector

* enhancement

* auth enhancement

* enhancements

* enhancement
2022-08-25 10:31:43 -07:00
roxanne-tampus
64f15a7bfe
Added holistic detector (#556)
* Added holistic detector

* enhancement
2022-08-25 10:30:43 -07:00
roxanne-tampus
ebd6b5565b
Added transferwise detector (#558)
* Added transferwise detector

* update version

* updated regex
2022-08-25 10:29:29 -07:00
roxanne-tampus
4982755db2
Added ecostruxureit detector (#555)
* Added ecostruxureit detector

* updated regex
2022-08-25 10:27:43 -07:00
Marlon
7ccf69d419
added parseur detector (#454)
* added parseur detector

* fix comment

* fix comment
2022-08-25 10:26:23 -07:00
Marlon
45aaa25fe8
added docparser detector (#458)
* added docparser detector

* fix comment

* remove A on regex
2022-08-25 10:25:25 -07:00
Marlon
0063d50652
added formsite detector (#467)
* added formsite detector

* fix comment

* fix comment
2022-08-25 10:24:23 -07:00
Marlon
956a58fd95
added lemlist detector (#469)
* added lemlist detector

* fix comment
2022-08-25 10:23:09 -07:00
Marlon
38f6cc07ea
added prodpad detector (#470)
* added prodpad detector

* fix comment
2022-08-25 10:22:32 -07:00
Mildred Bernardo
bfa5e642a3
added flightlabs detector (#475)
* added flightlabs detector

* Modified the regex based on comment

* code enhancement

* Changed the valid response filter
2022-08-25 10:22:02 -07:00
Marlon
c2d42878c8
added codeclimate detector (#484)
* added codeclimate detector

* fix comment

* fix comment

* fix comment
2022-08-25 10:20:49 -07:00
Marlon
3d04abced8
added getresponse detector (#506)
* added getresponse detector

* fix comment
2022-08-25 10:20:00 -07:00
Marlon
b79b8e4ec7
added heatmapapi detector (#509)
* added heatmapapi detector

* fix comment
2022-08-25 10:18:16 -07:00
Marlon
be4fedbcb4
added demio detector (#512)
* added demio detector

* fix comment and change regex
2022-08-25 10:16:53 -07:00
Marlon
608eb45797
added kanbantool detector (#513)
* added kanbantool detector

* fix comment

* fix comment
2022-08-25 10:15:19 -07:00
Marlon
da1d3b3a01
Feature/salesmate detector (#514)
* added salesmate detector

* push change

* fix change
2022-08-25 10:13:25 -07:00
Marlon
0ff5cdd623
added tokeet detector (#515)
* added tokeet detector

* fix comment

* fix comment

* fix comment
2022-08-25 10:12:17 -07:00
Marlon
cded7a5489
added websitepulse detector (#516)
* added websitepulse detector

* fix comment
2022-08-25 10:11:10 -07:00
Marlon
ea3aba852d
Feature/scalr detector (#519)
* added scalr detetor

* added scalr detector

* fix comment

* fix comment

* fix comment

* fix comment
2022-08-25 10:03:59 -07:00
Max Thomson
e9f4cf99e5
Add Honeycomb detector (#687)
* Add Honeycomb detector

* Update pattern

Co-authored-by: Dustin Decker <dustin@trufflesec.com>
2022-08-24 16:50:31 -07:00
ahrav
2cab951ee5
[Thog-628] update detector results hash v2 (#710)
* Start updating detectors that have two part creds to record the raw result as ID + secret.

* Add more detectors.

* More detectors.

* More detectors.

* remove comment out imports.
2022-08-12 14:53:37 -07:00
ahrav
30ebe84e3e
[THOG-608] - Fix linter errors. (#701)
* Fix linter errors.

* Fix gist adding test.

* Update test string for mock JSON reply.

* Remove if.
2022-08-09 19:20:02 -07:00
Dustin Decker
8826e369cf
AWS detector should detect with leading '+' (#698) 2022-08-08 09:30:08 -07:00
Dustin Decker
2d3ddad076
Pr/589 (#654)
* added common regex patterns for detectors

* For HexPattern

* enhancements

* used parseInt

* enhancement

* enhanced regex for email and subdomain

* enhancement for email pattern

* update pattern and detector

Co-authored-by: Roxanne Tampus <roxannetampus02@gmail.com>
2022-07-12 08:34:02 -07:00
Dustin Decker
c2426df4d6
Disable sentiment verifier and update teams webhook to avoid being stateful (#646) 2022-07-07 16:55:45 -07:00
Miccah
c4ca7d7c8b
Mark detector tests with a build flag (#613) 2022-07-07 10:27:21 -07:00
Miccah
8e6289e70c
Test numeric password redaction (#644) 2022-07-07 10:13:50 -07:00
ahrav
5ac54ac107
[THOG-531] - remove ending word boundary AWS detector (#637)
* Remove the ending word boundary for the AWS dectector. This will prevent missing secrets that end with / due to it not being ASCII.

* Update regex to be more strict.
2022-07-07 10:10:33 -07:00
trufflesteeeve
d1a81afbb5
Only include one result per AWS Key ID, preferably verified (#619)
Also ignore unverified results that match hashes, because they are
probably just hashes.
2022-06-17 16:22:36 -04:00
trufflesteeeve
26bf1664eb
Move aws detector back to ID checking against secrets, make ID the redacted secret (#617) 2022-06-09 15:06:08 -07:00
ahrav
143fa333f3
[THOG-403] Fix var naming. (#586)
* remove profililing.

* rename uri to URI.

* change var declaration.
2022-05-25 15:23:20 -07:00
Dustin Decker
43955b9a38
Use GetCallerIdentity for AWS verification (#585) 2022-05-25 14:45:28 -07:00
roxanne-tampus
80c6579226
Updated aws detector (#579) 2022-05-24 05:07:54 -07:00
Marlon
cd8fdec3aa
added codemagic detector (#480) 2022-05-23 20:20:33 -07:00
roxanne-tampus
da872f5c27
modified Alibaba detector to use standard library (#568)
* added alibaba detector

* enhancement

* enhancement and ran mod tidy

* fixed
2022-05-23 18:37:01 -07:00
roxanne-tampus
66dc7efac0
Added postbacks detector (#551)
* Added postbacks detector

* enhancement
2022-05-23 18:17:52 -07:00
roxanne-tampus
83dfed9257
Added zipcodebase detector (#550)
* Added zipcodebase detector

* regex enhancement
2022-05-23 18:15:49 -07:00
roxanne-tampus
75972a6f81
Added zenrows detector (#548) 2022-05-23 18:14:52 -07:00
roxanne-tampus
d5e034fddd
Added tefter detector (#547)
* Added tefter detector

* enhancement
2022-05-23 18:14:01 -07:00
roxanne-tampus
3bbc9ef394
Added diggernaut detector (#546) 2022-05-23 18:13:12 -07:00
roxanne-tampus
f509261727
added convertapi detector (#545) 2022-05-23 18:12:22 -07:00
roxanne-tampus
d5f8ddd804
Added collect2 detector (#544)
* added collect2 detector

* enhancement as suggested
2022-05-23 18:11:32 -07:00
roxanne-tampus
c9f1f61c49
Added cloudconvert detector (#543)
* added cloudconvert detector

* updated regex
2022-05-23 18:10:02 -07:00
Dustin Decker
509ae79143 add missing import 2022-05-23 15:48:50 -07:00
valerie gale
9d1c1e958a
enhancements in amplitude detector (#575)
* enhancements in amplitude detector

* enhancements in amplitude detector
2022-05-23 09:20:35 -07:00
Dustin Decker
4d3c2d70e5
use go 1.18 (#566)
* use go 1.18 in CI

* require go 1.18

* use latest linter

* rename ci check

* improve regex issues identified by codeql
2022-05-19 09:01:50 -07:00
Marlon
8c38708d1c
added instabot detector (#511)
* added instabot detector

* fix comment
2022-05-18 22:38:25 -07:00
Marlon
5ae2bfc81d
added uclassify detector (#510) 2022-05-18 22:33:40 -07:00
Mildred Bernardo
bec77af76d
added speechtextai detector (#488)
* added speechtextai detector

* Modified based on comment

* Changed the keyword to speechtext

* Changed speechtextai to speechtext
2022-05-18 22:33:05 -07:00
Marlon
f6a0f65f25
added vbout detector (#481)
* added vbout detector

* fix comment
2022-05-18 22:32:29 -07:00
Mildred Bernardo
13f5748db1
added pollsapi detector (#477) 2022-05-18 22:31:11 -07:00
Marlon
93922fe14f
added databox detector (#447) 2022-05-18 22:30:18 -07:00
Mildred Bernardo
3e3cb2784e
added simfin detector (#476)
* added simfin detector

* Modified based on comment

* code enhancement
2022-05-18 22:16:14 -07:00
Marlon
2cdb3c6bbc
added besnappy detector (#508)
* added besnappy detector

* fix comment
2022-05-18 22:14:57 -07:00
roxanne-tampus
5219c8aaff
Added twitch detector (#542)
* added braintreepayments detector

* added twitch detector

* revert commit

* enhancement
2022-05-17 18:52:37 -07:00
Marlon
2549f2efa3
added interseller detector (#504)
* added interseller detector

* fix comment
2022-05-16 20:39:02 -07:00
Marlon
5f9c9f4506
added tickettailor detector (#468)
* added tickettailor detector

* fix comment
2022-05-16 20:36:08 -07:00
Marlon
43bfdcfdf0
added rentman detector (#449)
* added rentman detector

* fix comment
2022-05-16 20:09:57 -07:00
Marlon
f8950741fa
added onesignal detector (#448)
* added onesignal detector

* fix comment
2022-05-16 20:08:49 -07:00
Marlon
0d18a7750b
added bulksms detector (#446)
* added bulksms detector

* fix comment

* fix comment
2022-05-16 20:07:59 -07:00
Marlon
4e13695dce
added stormboard scanner (#367)
* added stormboard scanner

* remove unused imports

* fix comment
2022-05-16 20:01:20 -07:00
ahrav
198cb1a786
Clean up comments. (#562) 2022-05-16 09:03:10 -07:00
Dustin Decker
d217a517c0
Cleanup packages and include more detectors (#521)
* clean up duplicate packages

* include more detectors
2022-05-04 09:27:42 -07:00
dcRUSTy
a74bea0e8e
fix: regex for hostnames (#494)
* fix: regex for ends with github.com

* fix: regex for hooks.zapier.com

* fix: regex for hooks.slack.com

* fix: regex for signalwire.com

* fix: regex for kanbantool.com

* fix: regex for invoiceoceam.com

* fix: regex for invoiceocean.com

* fix: regex for freshdesk.com

* fix: regex for discord.com

* fix: regex for deputy.com
2022-05-02 09:44:37 -07:00
roxanne-tampus
b8b9acf8bb
Added zulipchat scanner (#411)
* added new protos

* added new detectors

* added zulipchat scanner

* modified regex
2022-04-29 09:54:06 -07:00
Dustin Decker
28d5396e61
Pr/371 (#490)
* added paydirtyapp scanner

* change paydirtyapp to paydirtapp

Co-authored-by: Marlon Pamisa <marlonpamisa@gmail.com>
2022-04-28 23:39:35 -07:00
valerie gale
cb8fa4eb03
added mux scanner (#388) 2022-04-28 23:18:37 -07:00
Dustin Decker
40a2d8c9f4
Pr/478 (#489)
* added nightfall detector

* fix protos and improve pattern

Co-authored-by: Mildred Tosoc <mildredtosoc@gmail.com>
2022-04-28 23:11:48 -07:00
Dustin Decker
335a5212a6
invert logic for sonarcloud (#487) 2022-04-28 13:33:51 -07:00
Mildred Bernardo
6b25502509
added sportradar scanner (#379) 2022-04-23 19:19:00 -07:00
Mildred Bernardo
f4ef49b448
added uptimerobot scanner (#384) 2022-04-23 19:11:30 -07:00
Marlon
b37a4ecdb6
added wit scanner (#422) 2022-04-23 19:01:46 -07:00
Marlon
753815fa92
added formcraft scanner (#433) 2022-04-23 18:57:54 -07:00
Marlon
2240851037
added reachmail scanner (#421) 2022-04-23 18:53:47 -07:00
Marlon
9fe5f010aa
added iexapis scanner (#418) 2022-04-23 18:52:53 -07:00
Marlon
271ad9e8b0
added chartmogul scanner (#426) 2022-04-23 18:49:37 -07:00
Marlon
b4a1468cea
added paperform scanner (#374) 2022-04-23 18:41:50 -07:00
Marlon
fb0b11f698
added statuscake scanner (#373) 2022-04-23 18:31:18 -07:00
Marlon
06fb4cdf5d
added detectify scanner (#372) 2022-04-23 18:26:43 -07:00
Marlon
0d7be1fdab
added gumroad scanner (#370) 2022-04-23 18:15:54 -07:00
Marlon
0b1e673151
added disqus scanner (#369) 2022-04-23 18:09:21 -07:00
Dustin Decker
1735892c49
fix github detector (#472) 2022-04-22 08:51:38 -07:00
roxanne-tampus
7cfb6dddee
Added fibery scanner (#409)
* added new protos

* added new detectors

* added fibery scanner

* modified method and header

* enhancement for regex and endpoint
2022-04-21 18:00:09 -07:00
roxanne-tampus
02fb786a03
Added typetalk scanner (#410)
* added new protos

* added new detectors

* added typetalk scanner

* enhanced endpoint
2022-04-21 17:57:51 -07:00
trufflesteeeve
b5743277a3
Detectors that fail verification should still report the unverified secret (#440)
* Detectors that fail verification should still report the unverified secret

* fixup - change microsoft webhook keywords, filter false positives for old github detector

* fixup - fix typo
2022-04-21 15:32:26 -07:00
roxanne-tampus
6d82056a9b
Added voodoosms scanner (#408)
* added new protos

* added new detectors

* added voodoosms scanner
2022-04-21 15:28:27 -07:00
roxanne-tampus
853e434518
Added flowdock scanner (#407)
* added new protos

* added new detectors

* added flowdock scanner

* added params
2022-04-21 15:28:17 -07:00
roxanne-tampus
9b0c3f2901
Added flowdash scanner (#406)
* added new protos

* added new detectors

* added flowdash scanner

* updated the endpoint
2022-04-21 15:27:58 -07:00
roxanne-tampus
c49744c278
Added cloudsmith scanner (#405)
* added new protos

* added new detectors

* added cloudsmith scanner

* enhanced regex and added version to endpoint
2022-04-21 15:27:40 -07:00
roxanne-tampus
bbff98487d
Added packagecloud scanner (#404)
* added new protos

* added new detectors

* added packagecloud scanner

* updated regex
2022-04-21 15:27:14 -07:00
roxanne-tampus
6c1b3c65f8
Added parsehub scanner (#403)
* added new protos

* added new detectors

* added parsehub scanner

* enhanced enpoint
2022-04-21 15:26:32 -07:00
roxanne-tampus
af1b976471
Added aha scanner (#402)
* added new protos

* added new detectors

* added aha scanner

* enhanced regex
2022-04-21 15:25:51 -07:00
Mildred Bernardo
f751df1be2
added podio scanner (#399) 2022-04-21 15:23:45 -07:00
Mildred Bernardo
80391bbd2f
added atera scanner (#398)
* added atera branch

* modified based on comments
2022-04-21 15:23:38 -07:00
Mildred Bernardo
4b1af216e4
added yelp scanner (#396)
* added yelp scanner

* changed the regex
2022-04-21 15:23:21 -07:00
Mildred Bernardo
0b122b89ac
added lunchmoney scanner (#395)
* added lunchmoney scanner

* changed the regex
2022-04-21 15:22:09 -07:00
Mildred Bernardo
2464ace98b
added rocketset scanner (#383) 2022-04-19 17:08:48 -07:00
Dustin Decker
272dacaed3
Recharge payments detector Pr/381 (#430)
* Add RechargePayments to detectors

* First pass at code and tests for RechargePayments detector

* Running make protos

* Fixes based on running tests

Co-authored-by: Kevin Stilwell <kevin.stilwell@gmail.com>
2022-04-18 21:51:27 -07:00
roxanne-tampus
85cd3f3082
Added pinata scanner (#361)
* added new protos

* added pinata scanner
2022-04-18 21:45:37 -07:00
roxanne-tampus
594ff9e5e9
Added testingbot scanner (#359)
* added new protos

* added testingbot scanner
2022-04-18 21:43:09 -07:00
roxanne-tampus
cf4910bbc6
Added parsers scanner (#358)
* added new protos

* added parsers scanner
2022-04-18 21:41:58 -07:00
roxanne-tampus
5ec01c4e55
Added exportsdk scanner (#356)
* added new protos

* added exportsdk scanner
2022-04-18 21:39:24 -07:00
roxanne-tampus
c497a858eb
Added dareboost scanner (#355)
* added new protos

* added dareboost scanner
2022-04-18 21:38:26 -07:00
roxanne-tampus
920036e6d1
Added crossbrowsertesting scanner (#354)
* added new protos

* added crossbrowsertesting scanner
2022-04-18 21:37:23 -07:00
roxanne-tampus
c7aae46180
Added browserstack scanner (#353)
* added new protos

* added browserstack scanner
2022-04-18 21:34:58 -07:00
roxanne-tampus
89f152f4ce
Added conversiontools scanner (#351)
* added new protos

* added conversiontools scanner
2022-04-18 21:33:37 -07:00
roxanne-tampus
92c34ee015
Added image4 scanner (#345)
* added new protos

* added image4 scanner

* Updated the regex
2022-04-18 21:30:24 -07:00
roxanne-tampus
e5842806de
Added sonarcloud scanner (#344)
* added new protos

* added sonarcloud scanner

* Updated sonarcloud scanner

* updated sonarcloud endpoint
2022-04-18 21:29:21 -07:00
roxanne-tampus
2f7da0c732
Added scrutinizerci scanner (#343)
* added new protos

* added scrutinizerci scanner

* updated scrutinizer

* updated scrutinizer keyword
2022-04-18 21:21:47 -07:00
ahrav
96c9c5bf7c
[THOG-234] Update security trails detector's regex and keywords. (#429)
* Update detectors PrefixRegex to allow for new line and carriage returns.
Add additional keyword for security trails.
Add additional unit tests for security trails and PrefixRegex

* Update catpure group.
2022-04-18 15:09:50 -07:00
JJ Asghar
4954086ec9
Updated to new endpoint for IBM Cloud (#397)
* Updated to new endpoint for IBM Cloud

Taken from https://cloud.ibm.com/apidocs/codeengine#get-kubeconfig
The IAM is now pointing to long term one, and also updated the
additional information in the POST

* Update ibmclouduserkey.go

Rollback to the original options.
2022-04-15 13:25:45 -07:00