templateman update

2023-10-14 16:57:55 +05:30 · 2023-10-14 16:57:55 +05:30 · 161b90353a
parent d63d0d6ca9
commit 161b90353a
6920 changed files with 20821 additions and 14572 deletions
--- a/dns/azure-takeover-detection.yaml
+++ b/dns/azure-takeover-detection.yaml
@ -13,9 +13,9 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-404
  tags: dns,takeover,azure
  metadata:
    max-request: 1
  tags: dns,takeover,azure
 dns:
  - name: "{{FQDN}}"
--- a/dns/caa-fingerprint.yaml
+++ b/dns/caa-fingerprint.yaml
@ -9,14 +9,13 @@ info:
    - https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
  classification:
    cwe-id: CWE-200
  tags: dns,caa
  metadata:
    max-request: 1
  tags: dns,caa
 dns:
  - name: "{{FQDN}}"
    type: CAA
    matchers:
      - type: regex
        regex:
@ -28,4 +27,4 @@ dns:
        regex:
          - 'issue "(.*)"'
          - 'issuewild "(.*)"'
-          - 'iodef "(.*)"'
+          - 'iodef "(.*)"'
--- a/dns/detect-dangling-cname.yaml
+++ b/dns/detect-dangling-cname.yaml
@ -12,9 +12,9 @@ info:
    - https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
  classification:
    cwe-id: CWE-200
  tags: dns,takeover
  metadata:
    max-request: 1
  tags: dns,takeover
 dns:
  - name: "{{FQDN}}"
@ -33,4 +33,4 @@ dns:
    extractors:
      - type: dsl
        dsl:
-          - cname
+          - cname
--- a/dns/dmarc-detect.yaml
+++ b/dns/dmarc-detect.yaml
@ -11,16 +11,15 @@ info:
    - https://dmarc.org/wiki/FAQ#Why_is_DMARC_important.3F
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: dns,dmarc
  metadata:
    max-request: 1
  tags: dns,dmarc
 dns:
  - name: "_dmarc.{{FQDN}}"
    type: TXT
    matchers:
      - type: regex
        part: answer
@ -31,4 +30,4 @@ dns:
      - type: regex
        group: 1
        regex:
-          - "IN\tTXT\t(.+)"
+          - "IN\tTXT\t(.+)"
--- a/dns/dns-saas-service-detection.yaml
+++ b/dns/dns-saas-service-detection.yaml
@ -254,8 +254,7 @@ dns:
      - type: word
        part: answer
-        name: adobe-marketo
+        name: adobe-marketo - 'mkto-.{5,8}\.com'
          - 'mkto-.{5,8}\.com'
      - type: word
        part: answer
@ -349,7 +348,7 @@ dns:
        words:
          - zdassets.com
          - zdorigin.com
-          - zendesk.com
+          - "zendesk.com"
          - zopim.com
      - type: word
--- a/dns/dns-waf-detect.yaml
+++ b/dns/dns-waf-detect.yaml
@ -7,9 +7,9 @@ info:
  description: A DNS WAF was detected.
  classification:
    cwe-id: CWE-200
  tags: tech,waf,dns
  metadata:
    max-request: 2
  tags: tech,waf,dns
 dns:
  - name: "{{FQDN}}"
@ -17,7 +17,6 @@ dns:
  - name: "{{FQDN}}"
    type: NS
    matchers:
      - type: word
        part: answer
@ -192,4 +191,4 @@ dns:
        part: answer
        name: edns
        words:
-          - ".iidns.com"
+          - ".iidns.com"
--- a/dns/dnssec-detection.yaml
+++ b/dns/dnssec-detection.yaml
@ -10,16 +10,15 @@ info:
    - https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
  classification:
    cwe-id: CWE-200
  tags: dns,dnssec
  metadata:
    max-request: 1
  tags: dns,dnssec
 dns:
  - name: "{{FQDN}}"
    type: DS
    matchers:
      - type: regex
        part: answer
        regex:
-          - "IN\tDS\\t(.+)$"
+          - "IN\tDS\\t(.+)$"
--- a/dns/ec2-detection.yaml
+++ b/dns/ec2-detection.yaml
@ -9,9 +9,9 @@ info:
    - https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
  classification:
    cwe-id: CWE-200
  tags: dns,ec2,aws
  metadata:
    max-request: 1
  tags: dns,ec2,aws
 dns:
  - name: "{{FQDN}}"
@ -21,4 +21,4 @@ dns:
      - type: regex
        regex:
          - "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
-          - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
+          - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
--- a/dns/elasticbeanstalk-takeover.yaml
+++ b/dns/elasticbeanstalk-takeover.yaml
@ -4,8 +4,7 @@ info:
  name: ElasticBeanstalk Subdomain Takeover Detection
  author: philippedelteil,rotemreiss,zy9ard3,joaonevess
  severity: high
-  description: ElasticBeanstalk subdomain takeover detected. A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical
+  description: ElasticBeanstalk subdomain takeover detected. A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the Domain Name System (DNS), but no host is providing content for it.
    name (CNAME) in the Domain Name System (DNS), but no host is providing content for it.
  reference:
    - https://github.com/EdOverflow/can-i-take-over-xyz/issues/147
    - https://twitter.com/payloadartist/status/1362035009863880711
--- a/dns/mx-fingerprint.yaml
+++ b/dns/mx-fingerprint.yaml
@ -10,14 +10,13 @@ info:
    - https://mxtoolbox.com/
  classification:
    cwe-id: CWE-200
  tags: dns,mx
  metadata:
    max-request: 1
  tags: dns,mx
 dns:
  - name: "{{FQDN}}"
    type: MX
    matchers:
      - type: regex
        part: answer
@ -28,4 +27,4 @@ dns:
      - type: regex
        group: 1
        regex:
-          - "IN\tMX\t(.+)"
+          - "IN\tMX\t(.+)"
--- a/dns/mx-service-detector.yaml
+++ b/dns/mx-service-detector.yaml
@ -7,9 +7,9 @@ info:
  description: An email service was detected. Check the email service or spam filter that is used for a domain.
  classification:
    cwe-id: CWE-200
  tags: dns,service
  metadata:
    max-request: 1
  tags: dns,service
 dns:
  - name: "{{FQDN}}"
@ -80,4 +80,4 @@ dns:
        name: "Proofpoint US"
        words:
          - "mx1-us1.ppe-hosted.com"
-          - "mx2-us1.ppe-hosted.com"
+          - "mx2-us1.ppe-hosted.com"
--- a/dns/nameserver-fingerprint.yaml
+++ b/dns/nameserver-fingerprint.yaml
@ -7,14 +7,13 @@ info:
  description: An NS record was detected. An NS record delegates a subdomain to a set of name servers.
  classification:
    cwe-id: CWE-200
  tags: dns,ns
  metadata:
    max-request: 1
  tags: dns,ns
 dns:
  - name: "{{FQDN}}"
    type: NS
    matchers:
      - type: regex
        part: answer
@ -25,4 +24,4 @@ dns:
      - type: regex
        group: 1
        regex:
-          - "IN\tNS\t(.+)"
+          - "IN\tNS\t(.+)"
--- a/dns/ptr-fingerprint.yaml
+++ b/dns/ptr-fingerprint.yaml
@ -7,14 +7,13 @@ info:
  description: A PTR record was detected. A PTR record refers to the domain name.
  classification:
    cwe-id: CWE-200
  tags: dns,ptr
  metadata:
    max-request: 1
  tags: dns,ptr
 dns:
  - name: "{{FQDN}}"
    type: PTR
    matchers:
      - type: regex
        part: answer
@ -25,4 +24,4 @@ dns:
      - type: regex
        group: 1
        regex:
-          - "IN\tPTR\t(.+)"
+          - "IN\tPTR\t(.+)"
--- a/dns/servfail-refused-hosts.yaml
+++ b/dns/servfail-refused-hosts.yaml
@ -4,20 +4,18 @@ info:
  name: DNS Servfail Host Finder
  author: pdteam
  severity: info
-  description: A DNS ServFail error occurred. ServFail errors occur when there is an error communicating with a DNS server. This could have a number of causes, including an error on the DNS server itself, or a temporary
+  description: A DNS ServFail error occurred. ServFail errors occur when there is an error communicating with a DNS server. This could have a number of causes, including an error on the DNS server itself, or a temporary networking issue.
    networking issue.
  classification:
    cwe-id: CWE-200
  tags: dns,takeover
  metadata:
    max-request: 1
  tags: dns,takeover
 dns:
  - name: "{{FQDN}}"
    type: A
    matchers:
      - type: word
        words:
          - "SERVFAIL"
-          - "REFUSED"
+          - "REFUSED"
--- a/dns/spoofable-spf-records-ptr.yaml
+++ b/dns/spoofable-spf-records-ptr.yaml
@ -9,17 +9,16 @@ info:
    - https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability
  classification:
    cwe-id: CWE-200
  tags: dns,spf
  metadata:
    max-request: 1
  tags: dns,spf
 dns:
  - name: "{{FQDN}}"
    type: TXT
    matchers:
      - type: word
        words:
          - "v=spf1"
          - " ptr "
-        condition: and
+        condition: and
--- a/dns/txt-fingerprint.yaml
+++ b/dns/txt-fingerprint.yaml
@ -9,14 +9,13 @@ info:
    - https://www.netspi.com/blog/technical/network-penetration-testing/analyzing-dns-txt-records-to-fingerprint-service-providers/
  classification:
    cwe-id: CWE-200
  tags: dns,txt
  metadata:
    max-request: 1
  tags: dns,txt
 dns:
  - name: "{{FQDN}}"
    type: TXT
    matchers:
      - type: regex
        part: answer
@ -27,4 +26,4 @@ dns:
      - type: regex
        group: 1
        regex:
-          - "IN\tTXT\t(.+)"
+          - "IN\tTXT\t(.+)"
--- a/dns/worksites-detection.yaml
+++ b/dns/worksites-detection.yaml
@ -9,15 +9,14 @@ info:
    - https://blog.melbadry9.xyz/dangling-dns/xyz-services/ddns-worksites
  classification:
    cwe-id: CWE-200
  tags: dns,service
  metadata:
    max-request: 1
  tags: dns,service
 dns:
  - name: "{{FQDN}}"
    type: A
    matchers:
      - type: word
        words:
-          - "69.164.223.206"
+          - "69.164.223.206"
--- a/file/android/adb-backup-enabled.yaml
+++ b/file/android/adb-backup-enabled.yaml
@ -5,17 +5,16 @@ info:
  author: gaurang
  severity: low
  description: ADB Backup is enabled, which allows the backup and restore of an app's private data.
  remediation: Ensure proper access or disable completely.
  reference:
    - https://adb-backup.com/
  classification:
    cwe-id: CWE-200
  remediation: Ensure proper access or disable completely.
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
-          - "android:allowBackup=\"true\""
+          - "android:allowBackup=\"true\""
--- a/file/android/biometric-detect.yaml
+++ b/file/android/biometric-detect.yaml
@ -7,14 +7,12 @@ info:
  description: Android Biometric/Fingerprint permission files were detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/certificate-validation.yaml
+++ b/file/android/certificate-validation.yaml
@ -10,11 +10,9 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/content-scheme.yaml
+++ b/file/android/content-scheme.yaml
@ -7,14 +7,12 @@ info:
  description: Android content scheme enabling was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - xml
    matchers:
      - type: word
        words:
--- a/file/android/debug-enabled.yaml
+++ b/file/android/debug-enabled.yaml
@ -6,11 +6,9 @@ info:
  severity: low
  description: Android debug enabling was detected.
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: regex
        regex:
--- a/file/android/deep-link-detect.yaml
+++ b/file/android/deep-link-detect.yaml
@ -11,12 +11,11 @@ info:
    - https://medium.com/@muratcanbur/intro-to-deep-linking-on-android-1b9fe9e38abd
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: android,file,deeplink
 file:
  - extensions:
      - xml
--- a/file/android/dynamic-broadcast-receiver.yaml
+++ b/file/android/dynamic-broadcast-receiver.yaml
@ -7,14 +7,12 @@ info:
  description: Android dynamic broadcast receiver register functionality was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/file-scheme.yaml
+++ b/file/android/file-scheme.yaml
@ -7,14 +7,12 @@ info:
  description: Android file scheme enabling was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - xml
    matchers:
      - type: word
        words:
--- a/file/android/google-storage-bucket.yaml
+++ b/file/android/google-storage-bucket.yaml
@ -5,10 +5,9 @@ info:
  author: Thabisocn
  severity: info
  metadata:
    github-query: "/[a-z0-9.-]+\\.appspot\\.com/"
    verified: "true"
    github-query: "/[a-z0-9.-]+\\.appspot\\.com/"
  tags: file,android,google
 file:
  - extensions:
      - all
--- a/file/android/provider-path.yaml
+++ b/file/android/provider-path.yaml
@ -10,11 +10,9 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: regex
        regex:
--- a/file/android/webview-addjavascript-interface.yaml
+++ b/file/android/webview-addjavascript-interface.yaml
@ -10,11 +10,9 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/webview-javascript.yaml
+++ b/file/android/webview-javascript.yaml
@ -7,14 +7,12 @@ info:
  description: WebView Javascript enabling was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file,javascript
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/webview-load-url.yaml
+++ b/file/android/webview-load-url.yaml
@ -7,14 +7,12 @@ info:
  description: WebView loadUrl usage was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/android/webview-universal-access.yaml
+++ b/file/android/webview-universal-access.yaml
@ -10,11 +10,9 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
--- a/file/audit/cisco/configure-aaa-service.yaml
+++ b/file/audit/cisco/configure-aaa-service.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco authentication, authorization and accounting service configuration was detected.
+    Cisco authentication, authorization and accounting service configuration was detected.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/configure-service-timestamps-debug.yaml
+++ b/file/audit/cisco/configure-service-timestamps-debug.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-     The configuration for service timestamps on Cisco devices was not implemented for debugging purposes. It's important to note that timestamps can be added to either debugging or logging messages independently.
+    The configuration for service timestamps on Cisco devices was not implemented for debugging purposes. It's important to note that timestamps can be added to either debugging or logging messages independently.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/configure-service-timestamps-logmessages.yaml
+++ b/file/audit/cisco/configure-service-timestamps-logmessages.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco service timestamp configuration for log messages was not implemented.
+    Cisco service timestamp configuration for log messages was not implemented.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/disable-ip-source-route.yaml
+++ b/file/audit/cisco/disable-ip-source-route.yaml
@ -5,16 +5,15 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
+    Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
  remediation: Disable IP source-route where appropriate.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/disable-pad-service.yaml
+++ b/file/audit/cisco/disable-pad-service.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco PAD service has proven vulnerable to attackers. To reduce the risk of unauthorized access, organizations should implement a security policy restricting or disabling unnecessary access.
+    Cisco PAD service has proven vulnerable to attackers. To reduce the risk of unauthorized access, organizations should implement a security policy restricting or disabling unnecessary access.
  reference:
    - http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/enable-secret-for-password-user-and-.yaml
+++ b/file/audit/cisco/enable-secret-for-password-user-and-.yaml
@ -5,11 +5,10 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
+    To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/logging-enable.yaml
+++ b/file/audit/cisco/logging-enable.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco logging 'logging enable' enable command enforces the monitoring of technology risks for organizations' network devices.
+    Cisco logging 'logging enable' enable command enforces the monitoring of technology risks for organizations' network devices.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/set-and-secure-passwords.yaml
+++ b/file/audit/cisco/set-and-secure-passwords.yaml
@ -5,15 +5,14 @@ info:
  author: pussycat0x
  severity: info
  description: |
-      Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
+    Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/auto-usb-install.yaml
+++ b/file/audit/fortigate/auto-usb-install.yaml
@ -8,10 +8,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/heuristic-scan.yaml
+++ b/file/audit/fortigate/heuristic-scan.yaml
@ -9,10 +9,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/inactivity-timeout.yaml
+++ b/file/audit/fortigate/inactivity-timeout.yaml
@ -8,10 +8,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/maintainer-account.yaml
+++ b/file/audit/fortigate/maintainer-account.yaml
@ -8,10 +8,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/password-policy.yaml
+++ b/file/audit/fortigate/password-policy.yaml
@ -8,10 +8,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: fortigate,config,audit,file,firewall
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/remote-auth-timeout.yaml
+++ b/file/audit/fortigate/remote-auth-timeout.yaml
@ -9,10 +9,9 @@ info:
    - https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/scp-admin.yaml
+++ b/file/audit/fortigate/scp-admin.yaml
@ -8,10 +8,9 @@ info:
  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/strong-ciphers.yaml
+++ b/file/audit/fortigate/strong-ciphers.yaml
@ -7,7 +7,6 @@ info:
  description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/pfsense/configure-dns-server.yaml
+++ b/file/audit/pfsense/configure-dns-server.yaml
@ -10,12 +10,11 @@ info:
    https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/configure-session-timeout.yaml
+++ b/file/audit/pfsense/configure-session-timeout.yaml
@ -10,12 +10,11 @@ info:
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/enable-https-protocol.yaml
+++ b/file/audit/pfsense/enable-https-protocol.yaml
@ -10,12 +10,11 @@ info:
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/known-default-account.yaml
+++ b/file/audit/pfsense/known-default-account.yaml
@ -10,10 +10,9 @@ info:
    - https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,pfsense
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/password-protected-consolemenu.yaml
+++ b/file/audit/pfsense/password-protected-consolemenu.yaml
@ -10,12 +10,11 @@ info:
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/set-hostname.yaml
+++ b/file/audit/pfsense/set-hostname.yaml
@ -10,10 +10,9 @@ info:
    https://docs.netgate.com/pfsense/en/latest/config/general.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/bash/bash-scanner.yaml
+++ b/file/bash/bash-scanner.yaml
@ -9,7 +9,6 @@ info:
    - https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
    - https://phoenixnap.com/kb/dangerous-linux-terminal-commands
  tags: bash,file,shell,sh
 file:
  - extensions:
      - sh
--- a/file/electron/electron-version-detect.yaml
+++ b/file/electron/electron-version-detect.yaml
@ -8,10 +8,9 @@ info:
    - https://www.electronjs.org/blog/chromium-rce-vulnerability/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: electron,file
 file:
  - extensions:
      - json
--- a/file/electron/node-integration-enabled.yaml
+++ b/file/electron/node-integration-enabled.yaml
@ -10,13 +10,10 @@ info:
    - https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
    - https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
  tags: electron,file,nodejs
 file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
-          - "nodeIntegration: true"
+          - "nodeIntegration: true"
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@ -9,7 +9,6 @@ info:
  metadata:
    verified: true
  tags: file,js-analyse,js,javascript
 file:
  - extensions:
      - js
--- a/file/keys/adafruit-key.yaml
+++ b/file/keys/adafruit-key.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: adafruit,file,keys
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/adobe/adobe-client.yaml
+++ b/file/keys/adobe/adobe-client.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: adobe,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/adobe/adobe-secret.yaml
+++ b/file/keys/adobe/adobe-secret.yaml
@ -12,7 +12,6 @@ info:
  metadata:
    verified: true
  tags: adobe,oauth,file,token
 file:
  - extensions:
      - all
@ -21,4 +20,4 @@ file:
      - type: regex
        part: body
        regex:
-          - '(?i)\b(p8e-[a-z0-9-]{32})(?:[^a-z0-9-]|$)'
+          - '(?i)\b(p8e-[a-z0-9-]{32})(?:[^a-z0-9-]|$)'
--- a/file/keys/age/age-identity-secret-key.yaml
+++ b/file/keys/age/age-identity-secret-key.yaml
@ -11,7 +11,6 @@ info:
  metadata:
    verified: true
  tags: age-encryption,file,token
 file:
  - extensions:
      - all
@ -20,4 +19,4 @@ file:
      - type: regex
        part: body
        regex:
-          - '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'
+          - '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'
--- a/file/keys/age/age-recipient-public-key.yaml
+++ b/file/keys/age/age-recipient-public-key.yaml
@ -11,7 +11,6 @@ info:
  metadata:
    verified: true
  tags: age-encryption,file,token
 file:
  - extensions:
      - all
@ -20,4 +19,4 @@ file:
      - type: regex
        part: body
        regex:
-          - '\bage1[0-9a-z]{58}\b'
+          - '\bage1[0-9a-z]{58}\b'
--- a/file/keys/airtable-key.yaml
+++ b/file/keys/airtable-key.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: airtable,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/algolia-key.yaml
+++ b/file/keys/algolia-key.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: algolia,file,keys
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/alibaba/alibaba-key-id.yaml
+++ b/file/keys/alibaba/alibaba-key-id.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: alibaba,access,file,keys
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/alibaba/alibaba-secret-id.yaml
+++ b/file/keys/alibaba/alibaba-secret-id.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: alibaba,secret,file,keys
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/amazon/amazon-account-id.yaml
+++ b/file/keys/amazon/amazon-account-id.yaml
@ -9,12 +9,11 @@ info:
    - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: aws,amazon,token,file
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-mws-auth-token.yaml
+++ b/file/keys/amazon/amazon-mws-auth-token.yaml
@ -10,7 +10,6 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: token,file,amazon,auth
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-session-token.yaml
+++ b/file/keys/amazon/amazon-session-token.yaml
@ -9,12 +9,11 @@ info:
    - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: aws,amazon,token,file,session
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-sns-token.yaml
+++ b/file/keys/amazon/amazon-sns-token.yaml
@ -7,10 +7,9 @@ info:
  description: Amazon SNS token was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: file,token,amazon,aws
 file:
  - extensions:
      - all
--- a/file/keys/amazon/aws-access-id.yaml
+++ b/file/keys/amazon/aws-access-id.yaml
@ -7,10 +7,9 @@ info:
  description: Amazon Web Services Access Key ID token was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: token,file
 file:
  - extensions:
      - all
--- a/file/keys/amazon/aws-cognito.yaml
+++ b/file/keys/amazon/aws-cognito.yaml
@ -7,10 +7,9 @@ info:
  description: Amazon Web Services Cognito Pool ID token was detected.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: token,file
 file:
  - extensions:
      - all
--- a/file/keys/asana/asana-clientid.yaml
+++ b/file/keys/asana/asana-clientid.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: asana,client,file,keys
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/asana/asana-clientsecret.yaml
+++ b/file/keys/asana/asana-clientsecret.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: asana,client,file,keys,secret
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/atlassian/atlassian-api-token.yaml
+++ b/file/keys/atlassian/atlassian-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: atlassian,file,token,api
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/azure/azure-connection-string.yaml
+++ b/file/keys/azure/azure-connection-string.yaml
@ -11,7 +11,6 @@ info:
  metadata:
    verified: true
  tags: azure,file,token
 file:
  - extensions:
      - all
--- a/file/keys/beamer-api-token.yaml
+++ b/file/keys/beamer-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: beamer,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/bitbucket/bitbucket-client-id.yaml
+++ b/file/keys/bitbucket/bitbucket-client-id.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: bitbucket,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/bitbucket/bitbucket-client-secret.yaml
+++ b/file/keys/bitbucket/bitbucket-client-secret.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: bitbucket,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/bittrex/bittrex-access-key.yaml
+++ b/file/keys/bittrex/bittrex-access-key.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: bittrex,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/bittrex/bittrex-secret-key.yaml
+++ b/file/keys/bittrex/bittrex-secret-key.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: bittrex,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/branch-key.yaml
+++ b/file/keys/branch-key.yaml
@ -9,10 +9,9 @@ info:
    - https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  tags: token,file
 file:
  - extensions:
      - all
--- a/file/keys/clojars-api-token.yaml
+++ b/file/keys/clojars-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: clojars,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(CLOJARS_)[a-z0-9]{60}
+          - (?i)(CLOJARS_)[a-z0-9]{60}
--- a/file/keys/cloudinary.yaml
+++ b/file/keys/cloudinary.yaml
@ -10,7 +10,6 @@ info:
    cvss-score: 7.5
    cwe-id: CWE-200
  tags: token,file,cloudinary
 file:
  - extensions:
      - all
--- a/file/keys/code-climate-token.yaml
+++ b/file/keys/code-climate-token.yaml
@ -10,12 +10,11 @@ info:
    - https://github.com/codeclimate/ruby-test-reporter/issues/34
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: codeclimate,token,file
 file:
  - extensions:
      - all
--- a/file/keys/codecov-access-token.yaml
+++ b/file/keys/codecov-access-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: codecov,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/coinbase-access-token.yaml
+++ b/file/keys/coinbase-access-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: coinbase,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/confluent/confluent-access-token.yaml
+++ b/file/keys/confluent/confluent-access-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: confluent,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/confluent/confluent-secret-token.yaml
+++ b/file/keys/confluent/confluent-secret-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: confluent,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/contentful-api-token.yaml
+++ b/file/keys/contentful-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: contentful,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/cratesio-api-key.yaml
+++ b/file/keys/cratesio-api-key.yaml
@ -11,12 +11,11 @@ info:
    - https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-    cvss-score: 0.0
+    cvss-score: 0
    cwe-id: CWE-200
  metadata:
    verified: true
  tags: crates,token,file
 file:
  - extensions:
      - all
--- a/file/keys/credential-exposure-file.yaml
+++ b/file/keys/credential-exposure-file.yaml
--- a/file/keys/credentials.yaml
+++ b/file/keys/credentials.yaml
@ -10,7 +10,6 @@ info:
    cvss-score: 7.5
    cwe-id: CWE-200
  tags: token,file,auth
 file:
  - extensions:
      - all
--- a/file/keys/databricks-api-token.yaml
+++ b/file/keys/databricks-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: databricks,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/datadog-access-token.yaml
+++ b/file/keys/datadog-access-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: datadog,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/digitalocean/digitalocean-access-token.yaml
+++ b/file/keys/digitalocean/digitalocean-access-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)\b(doo_v1_[a-f0-9]{64})\b
+          - (?i)\b(doo_v1_[a-f0-9]{64})\b
--- a/file/keys/digitalocean/digitalocean-personal-access.yaml
+++ b/file/keys/digitalocean/digitalocean-personal-access.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)\b(dop_v1_[a-f0-9]{64})\b
+          - (?i)\b(dop_v1_[a-f0-9]{64})\b
--- a/file/keys/digitalocean/digitalocean-refresh-token.yaml
+++ b/file/keys/digitalocean/digitalocean-refresh-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)\b(dor_v1_[a-f0-9]{64})\b
+          - (?i)\b(dor_v1_[a-f0-9]{64})\b
--- a/file/keys/discord/discord-api-token.yaml
+++ b/file/keys/discord/discord-api-token.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: discord,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/file/keys/discord/discord-cilent-secret.yaml
+++ b/file/keys/discord/discord-cilent-secret.yaml
@ -10,7 +10,6 @@ info:
  metadata:
    verified: true
  tags: discord,file,token
 file:
  - extensions:
      - all
@ -19,4 +18,4 @@ file:
      - type: regex
        part: body
        regex:
-          - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
+          - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
--- a/Show More
+++ b/Show More