more updates

2020-08-25 21:14:33 +05:30 · 2020-08-25 21:14:33 +05:30 · 41240045d6
parent e71f1be03e
commit 41240045d6
7 changed files with 3 additions and 44 deletions
--- a/tokens/amazon-mws-auth-token-value.yaml
+++ b/tokens/amazon-mws-auth-token-value.yaml
@ -10,13 +10,6 @@ requests:
    path:
      - "{{BaseURL}}"

-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
-
    extractors:
      - type: regex
        part: body
--- a/tokens/aws-access-key-value.yaml
+++ b/tokens/aws-access-key-value.yaml
@ -10,13 +10,6 @@ requests:
    path:
      - "{{BaseURL}}"

-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
-
    extractors:
      - type: regex
        part: body
--- a/tokens/credentials-disclosure.yaml
+++ b/tokens/credentials-disclosure.yaml
@ -2,6 +2,8 @@ id: credentials-disclosure

 # Extract secrets regex like api keys, password, token, etc ... for different services
 # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
+# Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
+# Regex count:- 687

 info:
  name: Credentials Disclosure Check
--- a/tokens/google-api-key.yaml
+++ b/tokens/google-api-key.yaml
@ -10,13 +10,6 @@ requests:
    path:
      - "{{BaseURL}}"

-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "AIza[0-9A-Za-z\\-_]{35}"
-
    extractors:
      - type: regex
        part: body
--- a/tokens/http-username-password.yaml
+++ b/tokens/http-username-password.yaml
@ -13,13 +13,6 @@ requests:
    path:
      - "{{BaseURL}}"

-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "(ftp|ftps|http|https)://[0-9A-Za-z\\-_%]+(:|@)"
-
    extractors:
      - type: regex
        part: body
--- a/tokens/mailchimp-api-key.yaml
+++ b/tokens/mailchimp-api-key.yaml
@ -8,14 +8,7 @@ info:
 requests:
  - method: GET
    path:
-      - "{{BaseURL}}/"
-
-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "[0-9a-f]{32}-us[0-9]{1,2}"
+      - "{{BaseURL}}"

    extractors:
      - type: regex
--- a/tokens/slack-access-token.yaml
+++ b/tokens/slack-access-token.yaml
@ -13,14 +13,6 @@ requests:
    path:
      - "{{BaseURL}}"

-    matchers-condition: and
-    matchers:
-      - type: regex
-        part: body
-        regex:
-          - "xoxp-[0-9A-Za-z\\-]{72}"  # Person
-          - "xoxb-[0-9A-Za-z\\-]{51}"  # Bot
-
    extractors:
      - type: regex
        part: body