From 7749c999e0e9844cbe4fc39df7187ffeba918a40 Mon Sep 17 00:00:00 2001 
From: Dhiyaneshwaran Date: Fri, 14 Jul 2023 17:12:53 +0530 Subject: [PATCH] 87 New Templates --- file/keys/beamer-api-token.yaml | 22 +++++++++++++++++ file/keys/bitbucket/bitbucket-client-id.yaml | 22 +++++++++++++++++ .../bitbucket/bitbucket-client-secret.yaml | 22 +++++++++++++++++ file/keys/bittrex/bittrex-access-key.yaml | 22 +++++++++++++++++ file/keys/bittrex/bittrex-secret-key.yaml | 22 +++++++++++++++++ file/keys/clojars-api-token.yaml | 22 +++++++++++++++++ file/keys/codecov-access-token.yaml | 22 +++++++++++++++++ file/keys/coinbase-access-token.yaml | 22 +++++++++++++++++ .../confluent/confluent-access-token.yaml | 22 +++++++++++++++++ .../confluent/confluent-secret-token.yaml | 22 +++++++++++++++++ file/keys/contentful-api-token.yaml | 22 +++++++++++++++++ file/keys/databricks-api-token.yaml | 22 +++++++++++++++++ file/keys/datadog-access-token.yaml | 22 +++++++++++++++++ file/keys/discord/discord-api-token.yaml | 22 +++++++++++++++++ file/keys/discord/discord-cilent-secret.yaml | 22 +++++++++++++++++ file/keys/discord/discord-client-id.yaml | 22 +++++++++++++++++ file/keys/doppler-api-token.yaml | 22 +++++++++++++++++ file/keys/droneci-access-token.yaml | 22 +++++++++++++++++ file/keys/dropbox/dropbox-api-token.yaml | 22 +++++++++++++++++ .../keys/dropbox/dropbox-longlived-token.yaml | 22 +++++++++++++++++ .../dropbox/dropbox-shortlived-token.yaml | 22 +++++++++++++++++ file/keys/duffel-api-token.yaml | 22 +++++++++++++++++ file/keys/easypost/easypost-api-token.yaml | 22 +++++++++++++++++ file/keys/easypost/easypost-test-token.yaml | 22 +++++++++++++++++ file/keys/etsy-access-token.yaml | 22 +++++++++++++++++ file/keys/facebook/facebook-api-token.yaml | 22 +++++++++++++++++ file/keys/fastly-api-token.yaml | 22 +++++++++++++++++ file/keys/finicity/finicity-api-token.yaml | 22 +++++++++++++++++ .../keys/finicity/finicity-client-secret.yaml | 22 +++++++++++++++++ file/keys/finnhub-access-token.yaml | 22 +++++++++++++++++ 
file/keys/flickr-access-token.yaml | 22 +++++++++++++++++ .../flutter/flutterwave-encryption-key.yaml | 22 +++++++++++++++++ file/keys/flutter/flutterwave-public-key.yaml | 22 +++++++++++++++++ file/keys/flutter/flutterwave-secret-key.yaml | 22 +++++++++++++++++ file/keys/frameio-api-token.yaml | 22 +++++++++++++++++ file/keys/freshbooks-access-token.yaml | 22 +++++++++++++++++ file/keys/gitter-access-token.yaml | 22 +++++++++++++++++ file/keys/gocardless-api-token.yaml | 22 +++++++++++++++++ file/keys/grafana/grafana-api-key.yaml | 22 +++++++++++++++++ .../keys/grafana/grafana-cloud-api-token.yaml | 22 +++++++++++++++++ .../grafana-service-account-token.yaml | 22 +++++++++++++++++ file/keys/hashicorp-api-token.yaml | 22 +++++++++++++++++ file/keys/zendesk-secret-key.yaml | 22 +++++++++++++++++ .../{ => atlassian}/atlassian-token.yaml | 0 .../exposures/tokens/beamer/beamer-token.yaml | 24 +++++++++++++++++++ .../tokens/bitbucket/bitbucket-clientid.yaml | 24 +++++++++++++++++++ .../bitbucket/bitbucket-clientsecret.yaml | 24 +++++++++++++++++++ .../tokens/bittrex/bittrex-accesskey.yaml | 24 +++++++++++++++++++ .../tokens/bittrex/bittrex-secretkey.yaml | 24 +++++++++++++++++++ .../tokens/clojars/clojars-token.yaml | 24 +++++++++++++++++++ .../tokens/codecov/codecov-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/coinbase/coinbase-accesstoken.yaml | 24 +++++++++++++++++++ .../confluent/confluent-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/confluent/confluent-secretkey.yaml | 24 +++++++++++++++++++ .../tokens/contentful/contentful-token.yaml | 24 +++++++++++++++++++ .../tokens/databricks/databricks-token.yaml | 24 +++++++++++++++++++ .../tokens/datadog/datadog-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/discord/discord-clientid.yaml | 24 +++++++++++++++++++ .../tokens/discord/discord-clientsecret.yaml | 24 +++++++++++++++++++ .../tokens/discord/discord-token.yaml | 24 +++++++++++++++++++ .../tokens/doppler/doppler-token.yaml | 24 
+++++++++++++++++++ .../tokens/droneci/droneci-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/dropbox/dropbox-long-token.yaml | 24 +++++++++++++++++++ .../tokens/dropbox/dropbox-short-token.yaml | 24 +++++++++++++++++++ .../tokens/dropbox/dropbox-token.yaml | 24 +++++++++++++++++++ .../exposures/tokens/duffel/duffel-token.yaml | 24 +++++++++++++++++++ .../tokens/easypost/easypost-testtoken.yaml | 24 +++++++++++++++++++ .../tokens/easypost/easypost-token.yaml | 24 +++++++++++++++++++ .../tokens/etsy/etsy-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/facebook/facebook-token.yaml | 24 +++++++++++++++++++ .../exposures/tokens/fastly/fastly-token.yaml | 24 +++++++++++++++++++ .../finicity/finicity-clientsecret.yaml | 24 +++++++++++++++++++ .../tokens/finicity/finicity-token.yaml | 24 +++++++++++++++++++ .../tokens/finnhub/finnhub-accesstoken.yaml | 24 +++++++++++++++++++ .../tokens/flickr/flickr-accesstoken.yaml | 24 +++++++++++++++++++ .../flutter/flutterwave-encryptionkey.yaml | 24 +++++++++++++++++++ .../tokens/flutter/flutterwave-publickey.yaml | 24 +++++++++++++++++++ .../tokens/flutter/flutterwave-secretkey.yaml | 24 +++++++++++++++++++ .../tokens/frameio/frameio-token.yaml | 24 +++++++++++++++++++ .../freshbooks/freshbooks-accesstoken.yaml | 24 +++++++++++++++++++ .../exposures/tokens/gitter/gitter-token.yaml | 24 +++++++++++++++++++ .../tokens/gocardless/gocardless-token.yaml | 24 +++++++++++++++++++ .../tokens/grafana/grafana-cloud-token.yaml | 24 +++++++++++++++++++ .../exposures/tokens/grafana/grafana-key.yaml | 24 +++++++++++++++++++ .../grafana/grafana-serviceaccount-token.yaml | 24 +++++++++++++++++++ .../tokens/hashicorp/hashicorp-token.yaml | 24 +++++++++++++++++++ .../exposures/tokens/zendesk/zendesk-key.yaml | 24 +++++++++++++++++++ 87 files changed, 1978 insertions(+) create mode 100644 file/keys/beamer-api-token.yaml create mode 100644 file/keys/bitbucket/bitbucket-client-id.yaml create mode 100644 
file/keys/bitbucket/bitbucket-client-secret.yaml create mode 100644 file/keys/bittrex/bittrex-access-key.yaml create mode 100644 file/keys/bittrex/bittrex-secret-key.yaml create mode 100644 file/keys/clojars-api-token.yaml create mode 100644 file/keys/codecov-access-token.yaml create mode 100644 file/keys/coinbase-access-token.yaml create mode 100644 file/keys/confluent/confluent-access-token.yaml create mode 100644 file/keys/confluent/confluent-secret-token.yaml create mode 100644 file/keys/contentful-api-token.yaml create mode 100644 file/keys/databricks-api-token.yaml create mode 100644 file/keys/datadog-access-token.yaml create mode 100644 file/keys/discord/discord-api-token.yaml create mode 100644 file/keys/discord/discord-cilent-secret.yaml create mode 100644 file/keys/discord/discord-client-id.yaml create mode 100644 file/keys/doppler-api-token.yaml create mode 100644 file/keys/droneci-access-token.yaml create mode 100644 file/keys/dropbox/dropbox-api-token.yaml create mode 100644 file/keys/dropbox/dropbox-longlived-token.yaml create mode 100644 file/keys/dropbox/dropbox-shortlived-token.yaml create mode 100644 file/keys/duffel-api-token.yaml create mode 100644 file/keys/easypost/easypost-api-token.yaml create mode 100644 file/keys/easypost/easypost-test-token.yaml create mode 100644 file/keys/etsy-access-token.yaml create mode 100644 file/keys/facebook/facebook-api-token.yaml create mode 100644 file/keys/fastly-api-token.yaml create mode 100644 file/keys/finicity/finicity-api-token.yaml create mode 100644 file/keys/finicity/finicity-client-secret.yaml create mode 100644 file/keys/finnhub-access-token.yaml create mode 100644 file/keys/flickr-access-token.yaml create mode 100644 file/keys/flutter/flutterwave-encryption-key.yaml create mode 100644 file/keys/flutter/flutterwave-public-key.yaml create mode 100644 file/keys/flutter/flutterwave-secret-key.yaml create mode 100644 file/keys/frameio-api-token.yaml create mode 100644 
file/keys/freshbooks-access-token.yaml create mode 100644 file/keys/gitter-access-token.yaml create mode 100644 file/keys/gocardless-api-token.yaml create mode 100644 file/keys/grafana/grafana-api-key.yaml create mode 100644 file/keys/grafana/grafana-cloud-api-token.yaml create mode 100644 file/keys/grafana/grafana-service-account-token.yaml create mode 100644 file/keys/hashicorp-api-token.yaml create mode 100644 file/keys/zendesk-secret-key.yaml rename http/exposures/tokens/{ => atlassian}/atlassian-token.yaml (100%) create mode 100644 http/exposures/tokens/beamer/beamer-token.yaml create mode 100644 http/exposures/tokens/bitbucket/bitbucket-clientid.yaml create mode 100644 http/exposures/tokens/bitbucket/bitbucket-clientsecret.yaml create mode 100644 http/exposures/tokens/bittrex/bittrex-accesskey.yaml create mode 100644 http/exposures/tokens/bittrex/bittrex-secretkey.yaml create mode 100644 http/exposures/tokens/clojars/clojars-token.yaml create mode 100644 http/exposures/tokens/codecov/codecov-accesstoken.yaml create mode 100644 http/exposures/tokens/coinbase/coinbase-accesstoken.yaml create mode 100644 http/exposures/tokens/confluent/confluent-accesstoken.yaml create mode 100644 http/exposures/tokens/confluent/confluent-secretkey.yaml create mode 100644 http/exposures/tokens/contentful/contentful-token.yaml create mode 100644 http/exposures/tokens/databricks/databricks-token.yaml create mode 100644 http/exposures/tokens/datadog/datadog-accesstoken.yaml create mode 100644 http/exposures/tokens/discord/discord-clientid.yaml create mode 100644 http/exposures/tokens/discord/discord-clientsecret.yaml create mode 100644 http/exposures/tokens/discord/discord-token.yaml create mode 100644 http/exposures/tokens/doppler/doppler-token.yaml create mode 100644 http/exposures/tokens/droneci/droneci-accesstoken.yaml create mode 100644 http/exposures/tokens/dropbox/dropbox-long-token.yaml create mode 100644 http/exposures/tokens/dropbox/dropbox-short-token.yaml create mode 
100644 http/exposures/tokens/dropbox/dropbox-token.yaml create mode 100644 http/exposures/tokens/duffel/duffel-token.yaml create mode 100644 http/exposures/tokens/easypost/easypost-testtoken.yaml create mode 100644 http/exposures/tokens/easypost/easypost-token.yaml create mode 100644 http/exposures/tokens/etsy/etsy-accesstoken.yaml create mode 100644 http/exposures/tokens/facebook/facebook-token.yaml create mode 100644 http/exposures/tokens/fastly/fastly-token.yaml create mode 100644 http/exposures/tokens/finicity/finicity-clientsecret.yaml create mode 100644 http/exposures/tokens/finicity/finicity-token.yaml create mode 100644 http/exposures/tokens/finnhub/finnhub-accesstoken.yaml create mode 100644 http/exposures/tokens/flickr/flickr-accesstoken.yaml create mode 100644 http/exposures/tokens/flutter/flutterwave-encryptionkey.yaml create mode 100644 http/exposures/tokens/flutter/flutterwave-publickey.yaml create mode 100644 http/exposures/tokens/flutter/flutterwave-secretkey.yaml create mode 100644 http/exposures/tokens/frameio/frameio-token.yaml create mode 100644 http/exposures/tokens/freshbooks/freshbooks-accesstoken.yaml create mode 100644 http/exposures/tokens/gitter/gitter-token.yaml create mode 100644 http/exposures/tokens/gocardless/gocardless-token.yaml create mode 100644 http/exposures/tokens/grafana/grafana-cloud-token.yaml create mode 100644 http/exposures/tokens/grafana/grafana-key.yaml create mode 100644 http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml create mode 100644 http/exposures/tokens/hashicorp/hashicorp-token.yaml create mode 100644 http/exposures/tokens/zendesk/zendesk-key.yaml diff --git a/file/keys/beamer-api-token.yaml b/file/keys/beamer-api-token.yaml new file mode 100644 index 0000000000..e000a0b4a5 --- /dev/null +++ b/file/keys/beamer-api-token.yaml 
@@ -0,0 +1,22 @@
+id: beamer-api-token
+
+info:
+ name: Beamer API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.go
+ metadata:
+ verified: true
+ tags: beamer,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/bitbucket/bitbucket-client-id.yaml b/file/keys/bitbucket/bitbucket-client-id.yaml
new file mode 100644
index 0000000000..fb1a6b2891
--- /dev/null
+++ b/file/keys/bitbucket/bitbucket-client-id.yaml
@@ -0,0 +1,22 @@
+id: bitbucket-client-id
+
+info:
+ name: BitBucket Client ID
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.go
+ metadata:
+ verified: true
+ tags: bitbucket,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/bitbucket/bitbucket-client-secret.yaml b/file/keys/bitbucket/bitbucket-client-secret.yaml
new file mode 100644
index 0000000000..5320710594
--- /dev/null
+++ b/file/keys/bitbucket/bitbucket-client-secret.yaml
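Review bot: In the regex of `file/keys/beamer-api-token.yaml`, the `|` characters inside `[\s|']`, `[\s|"]` and `['|\"|\n|\r|\s|\x60|;]` are literal pipes rather than alternation, so a `|` is accepted as a quote or terminator and the two bracket alternatives overlap. If the pattern is meant to stay byte-identical to the referenced gitleaks rule, a YAML comment above the regex should say so; otherwise the classes can be written as `['"\s]{0,3}` and `(?:['"\s\x60;]|$)`. The same construct is repeated in every keyword-anchored template of this patch (bitbucket, bittrex, codecov, coinbase, confluent, contentful, datadog, discord, droneci, dropbox, etsy, facebook, fastly, finicity) and in the terminator of the databricks pattern.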
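Review bot: The extractor in `file/keys/bitbucket/bitbucket-client-id.yaml` sets no `group`, so the reported value is presumably the whole match (keyword, operator, quotes and the trailing delimiter) rather than the 32-character value held in the capture group. Adding `group: 1` next to `part: body` would make the output the credential itself, which is easier to deduplicate and to pass to a rotation workflow. This applies to every template in the patch whose secret sits in the first capture group; the prefix-only patterns (clojars, doppler, duffel, easypost) would need the capture widened around the full token first.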
@@ -0,0 +1,22 @@
+id: bitbucket-client-secret
+
+info:
+ name: BitBucket Client Secret
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.go
+ metadata:
+ verified: true
+ tags: bitbucket,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/bittrex/bittrex-access-key.yaml b/file/keys/bittrex/bittrex-access-key.yaml
new file mode 100644
index 0000000000..5d759a86c5
--- /dev/null
+++ b/file/keys/bittrex/bittrex-access-key.yaml
@@ -0,0 +1,22 @@
+id: bittrex-access-key
+
+info:
+ name: Bittrex Access Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.go
+ metadata:
+ verified: true
+ tags: bittrex,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/bittrex/bittrex-secret-key.yaml b/file/keys/bittrex/bittrex-secret-key.yaml
new file mode 100644
index 0000000000..22927db671
--- /dev/null
+++ b/file/keys/bittrex/bittrex-secret-key.yaml
@@ -0,0 +1,22 @@
+id: bittrex-secret-key
+
+info:
+ name: Bittrex Secret Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.go
+ metadata:
+ verified: true
+ tags: bittrex,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/clojars-api-token.yaml b/file/keys/clojars-api-token.yaml
new file mode 100644
index 0000000000..84986e8cbc
--- /dev/null
+++ b/file/keys/clojars-api-token.yaml
@@ -0,0 +1,22 @@
+id: clojars-api-token
+
+info:
+ name: Clojars API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.go
+ metadata:
+ verified: true
+ tags: clojars,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(CLOJARS_)[a-z0-9]{60}
\ No newline at end of file
diff --git a/file/keys/codecov-access-token.yaml b/file/keys/codecov-access-token.yaml
new file mode 100644
index 0000000000..e6df4554b7
--- /dev/null
+++ b/file/keys/codecov-access-token.yaml
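Review bot: The regex in `file/keys/bittrex/bittrex-secret-key.yaml` is character-for-character the same as the one in `bittrex-access-key.yaml` (the `bittrex` keyword followed by `[a-z0-9]{32}`), so every hit will be reported under both ids and neither result tells the reader which credential leaked. Either merge the two into a single template, or narrow the keyword part of each so that this one also requires a word such as `secret` between `bittrex` and the operator. Whichever is chosen should be checked against real samples before `verified: true` is kept.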
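Review bot: `(?i)(CLOJARS_)[a-z0-9]{60}` in `file/keys/clojars-api-token.yaml` has no boundary on either side, so it also matches inside a longer alphanumeric run and reports only the first 60 characters after the prefix. A leading `\b` and a terminator such as `(?:['"\s\x60;]|$)` would tie the match to a complete token. The doppler, duffel and both easypost patterns later in the patch are open-ended in the same way.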
@@ -0,0 +1,22 @@
+id: codecov-access-token
+
+info:
+ name: Codecov Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.go
+ metadata:
+ verified: true
+ tags: codecov,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/coinbase-access-token.yaml b/file/keys/coinbase-access-token.yaml
new file mode 100644
index 0000000000..8892a9a732
--- /dev/null
+++ b/file/keys/coinbase-access-token.yaml
@@ -0,0 +1,22 @@
+id: coinbase-access-token
+
+info:
+ name: Coinbase Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.go
+ metadata:
+ verified: true
+ tags: coinbase,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/confluent/confluent-access-token.yaml b/file/keys/confluent/confluent-access-token.yaml
new file mode 100644
index 0000000000..caf2b34f3f
--- /dev/null
+++ b/file/keys/confluent/confluent-access-token.yaml
@@ -0,0 +1,22 @@
+id: confluent-access-token
+
+info:
+ name: Confluent Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.go
+ metadata:
+ verified: true
+ tags: confluent,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/confluent/confluent-secret-token.yaml b/file/keys/confluent/confluent-secret-token.yaml
new file mode 100644
index 0000000000..dfce7ab9ff
--- /dev/null
+++ b/file/keys/confluent/confluent-secret-token.yaml
@@ -0,0 +1,22 @@
+id: confluent-secret-token
+
+info:
+ name: Confluent Secret Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.go
+ metadata:
+ verified: true
+ tags: confluent,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/contentful-api-token.yaml b/file/keys/contentful-api-token.yaml
new file mode 100644
index 0000000000..cca691374d
--- /dev/null
+++ b/file/keys/contentful-api-token.yaml
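Review bot: The value part of `file/keys/confluent/confluent-access-token.yaml` is only `[a-z0-9]{16}` under `(?i)`, and with `extensions: all` any 16-character alphanumeric word assigned within 20 characters of "confluent" is reported. `dropbox-api-token` (`[a-z0-9]{15}`) and `discord-client-id` (`[0-9]{18}`) later in the patch are similarly loose. A `description` under `info` stating that a hit is a keyword-proximity heuristic which needs manual confirmation would help triage, and `verified: true` is worth re-checking for these three.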
@@ -0,0 +1,22 @@
+id: contentful-api-token
+
+info:
+ name: Contentful Delivery API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.go
+ metadata:
+ verified: true
+ tags: contentful,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/databricks-api-token.yaml b/file/keys/databricks-api-token.yaml
new file mode 100644
index 0000000000..aadaf4675a
--- /dev/null
+++ b/file/keys/databricks-api-token.yaml
@@ -0,0 +1,22 @@
+id: databricks-api-token
+
+info:
+ name: Databricks API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go
+ metadata:
+ verified: true
+ tags: databricks,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/datadog-access-token.yaml b/file/keys/datadog-access-token.yaml
new file mode 100644
index 0000000000..92ffcfdd69
--- /dev/null
+++ b/file/keys/datadog-access-token.yaml
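Review bot: In `file/keys/databricks-api-token.yaml` the class `[a-h0-9]` is wider than hexadecimal; if Databricks tokens are `dapi` followed by 32 hex characters, as the fixed length suggests, `[a-f0-9]` would be the tighter form, i.e. `(?i)\b(dapi[a-f0-9]{32})` with the terminator unchanged. If `a-h` is kept deliberately to mirror the referenced gitleaks rule, a YAML comment above the regex saying so would stop a later reader from treating it as a typo.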
@@ -0,0 +1,22 @@
+id: datadog-access-token
+
+info:
+ name: Datadog Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.go
+ metadata:
+ verified: true
+ tags: datadog,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/discord/discord-api-token.yaml b/file/keys/discord/discord-api-token.yaml
new file mode 100644
index 0000000000..28568c6541
--- /dev/null
+++ b/file/keys/discord/discord-api-token.yaml
@@ -0,0 +1,22 @@
+id: discord-api-token
+
+info:
+ name: Discord API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.go
+ metadata:
+ verified: true
+ tags: discord,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/discord/discord-cilent-secret.yaml b/file/keys/discord/discord-cilent-secret.yaml
new file mode 100644
index 0000000000..02c90879de
--- /dev/null
+++ b/file/keys/discord/discord-cilent-secret.yaml
@@ -0,0 +1,22 @@
+id: discord-client-secret
+
+info:
+ name: Discord Client Secret
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.go
+ metadata:
+ verified: true
+ tags: discord,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/discord/discord-client-id.yaml b/file/keys/discord/discord-client-id.yaml
new file mode 100644
index 0000000000..725f8e0f48
--- /dev/null
+++ b/file/keys/discord/discord-client-id.yaml
@@ -0,0 +1,22 @@
+id: discord-client-id
+
+info:
+ name: Discord Client ID
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.go
+ metadata:
+ verified: true
+ tags: discord,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/doppler-api-token.yaml b/file/keys/doppler-api-token.yaml
new file mode 100644
index 0000000000..925537324a
--- /dev/null
+++ b/file/keys/doppler-api-token.yaml
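Review bot: The new file is created as `file/keys/discord/discord-cilent-secret.yaml` ("cilent"), while its id is `discord-client-secret` and the sibling file is `discord-client-id.yaml`; the path should be `file/keys/discord/discord-client-secret.yaml`. The misspelling also appears in the diffstat and the `create mode` lines, so it is part of the commit rather than a rendering artefact. Anything that selects templates by file name or glob would not find this one under the expected name.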
@@ -0,0 +1,22 @@
+id: doppler-api-token
+
+info:
+ name: Doppler API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.go
+ metadata:
+ verified: true
+ tags: doppler,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (dp\.pt\.)(?i)[a-z0-9]{43}
\ No newline at end of file
diff --git a/file/keys/droneci-access-token.yaml b/file/keys/droneci-access-token.yaml
new file mode 100644
index 0000000000..fb9ede3c62
--- /dev/null
+++ b/file/keys/droneci-access-token.yaml
@@ -0,0 +1,22 @@
+id: droneci-access-token
+
+info:
+ name: Droneci Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.go
+ metadata:
+ verified: true
+ tags: droneci,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/dropbox/dropbox-api-token.yaml b/file/keys/dropbox/dropbox-api-token.yaml
new file mode 100644
index 0000000000..8393139877
--- /dev/null
+++ b/file/keys/dropbox/dropbox-api-token.yaml
@@ -0,0 +1,22 @@
+id: dropbox-api-token
+
+info:
+ name: Dropbox API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.go
+ metadata:
+ verified: true
+ tags: dropbox,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/dropbox/dropbox-longlived-token.yaml b/file/keys/dropbox/dropbox-longlived-token.yaml
new file mode 100644
index 0000000000..7ba943f750
--- /dev/null
+++ b/file/keys/dropbox/dropbox-longlived-token.yaml
@@ -0,0 +1,22 @@
+id: dropbox-longlived-token
+
+info:
+ name: Dropbox Long Lived API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.go
+ metadata:
+ verified: true
+ tags: dropbox,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/dropbox/dropbox-shortlived-token.yaml b/file/keys/dropbox/dropbox-shortlived-token.yaml
new file mode 100644
index 0000000000..d164b0b3d5
--- /dev/null
+++ b/file/keys/dropbox/dropbox-shortlived-token.yaml
@@ -0,0 +1,22 @@
+id: dropbox-shortlived-token
+
+info:
+ name: Dropbox Short Lived API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.go
+ metadata:
+ verified: true
+ tags: dropbox,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/duffel-api-token.yaml b/file/keys/duffel-api-token.yaml
new file mode 100644
index 0000000000..c306cef35a
--- /dev/null
+++ b/file/keys/duffel-api-token.yaml
@@ -0,0 +1,22 @@
+id: duffel-api-token
+
+info:
+ name: Duffel API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.go
+ metadata:
+ verified: true
+ tags: duffel,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - duffel_(test|live)_(?i)[a-z0-9_\-=]{43}
\ No newline at end of file
diff --git a/file/keys/easypost/easypost-api-token.yaml b/file/keys/easypost/easypost-api-token.yaml
new file mode 100644
index 0000000000..61013edd56
--- /dev/null
+++ b/file/keys/easypost/easypost-api-token.yaml
@@ -0,0 +1,22 @@
+id: easypost-api-token
+
+info:
+ name: Easypost Test API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml
+ metadata:
+ verified: true
+ tags: easypost,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - EZAK(?i)[a-z0-9]{54}
\ No newline at end of file
diff --git a/file/keys/easypost/easypost-test-token.yaml b/file/keys/easypost/easypost-test-token.yaml
new file mode 100644
index 0000000000..13f04d92f6
--- /dev/null
+++ b/file/keys/easypost/easypost-test-token.yaml
@@ -0,0 +1,22 @@
+id: easypost-test-token
+
+info:
+ name: Easypost Test API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.yaml
+ metadata:
+ verified: true
+ tags: easypost,file,token
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - EZTK(?i)[a-z0-9]{54}
\ No newline at end of file
diff --git a/file/keys/etsy-access-token.yaml b/file/keys/etsy-access-token.yaml
new file mode 100644
index 0000000000..a3ee2d3c1c
--- /dev/null
+++ b/file/keys/etsy-access-token.yaml
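Review bot: `name: Easypost Test API Token` in `file/keys/easypost/easypost-api-token.yaml` is the name of the sibling `easypost-test-token` template; this one matches the `EZAK` prefix and has the id `easypost-api-token`, so results from both templates will carry the same title. It should read `name: Easypost API Token`, which also lets a reader tell a leaked production key from a test key without looking at the id.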
@@ -0,0 +1,22 @@ +id: etsy-access-token + +info: + name: Etsy Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.go + metadata: + verified: true + tags: etsy,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/facebook/facebook-api-token.yaml b/file/keys/facebook/facebook-api-token.yaml new file mode 100644 index 0000000000..a0a5aa0f54 --- /dev/null +++ b/file/keys/facebook/facebook-api-token.yaml @@ -0,0 +1,22 @@ +id: facebook-api-token + +info: + name: Facebook API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.go + metadata: + verified: true + tags: facebook,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/fastly-api-token.yaml b/file/keys/fastly-api-token.yaml new file mode 100644 index 0000000000..d3376d968c --- /dev/null +++ b/file/keys/fastly-api-token.yaml 
@@ -0,0 +1,22 @@ +id: fastly-api-token + +info: + name: Fastly API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.go + metadata: + verified: true + tags: fastly,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/finicity/finicity-api-token.yaml b/file/keys/finicity/finicity-api-token.yaml new file mode 100644 index 0000000000..4a18214f75 --- /dev/null +++ b/file/keys/finicity/finicity-api-token.yaml @@ -0,0 +1,22 @@ +id: finicity-api-token + +info: + name: Finicity API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.go + metadata: + verified: true + tags: finicity,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/finicity/finicity-client-secret.yaml b/file/keys/finicity/finicity-client-secret.yaml new file mode 100644 index 0000000000..8a88cebb18 --- /dev/null +++ b/file/keys/finicity/finicity-client-secret.yaml 
@@ -0,0 +1,22 @@ +id: finicity-client-secret + +info: + name: Finicity Client Secret + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.go + metadata: + verified: true + tags: finicity,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/finnhub-access-token.yaml b/file/keys/finnhub-access-token.yaml new file mode 100644 index 0000000000..2b830ded34 --- /dev/null +++ b/file/keys/finnhub-access-token.yaml @@ -0,0 +1,22 @@ +id: finnhub-access-token + +info: + name: Finnhub Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.go + metadata: + verified: true + tags: finnhub,file,token + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/flickr-access-token.yaml b/file/keys/flickr-access-token.yaml new file mode 100644 index 0000000000..65c5988c6b --- /dev/null +++ b/file/keys/flickr-access-token.yaml 
@@ -0,0 +1,22 @@
+id: flickr-access-token
+
+info:
+ name: Flickr Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.go
+ metadata:
+ verified: true
+ tags: flickr,file,keys
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/flutter/flutterwave-encryption-key.yaml b/file/keys/flutter/flutterwave-encryption-key.yaml
new file mode 100644
index 0000000000..10d2054403
--- /dev/null
+++ b/file/keys/flutter/flutterwave-encryption-key.yaml
@@ -0,0 +1,22 @@
+id: flutterwave-encryption-key
+
+info:
+ name: Flutterwave Encryption Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.go
+ metadata:
+ verified: true
+ tags: flutter,file,keys,flutterwave
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - FLWSECK_TEST-(?i)[a-h0-9]{12}
\ No newline at end of file
diff --git a/file/keys/flutter/flutterwave-public-key.yaml b/file/keys/flutter/flutterwave-public-key.yaml
new file mode 100644
index 0000000000..32c4fcea3f
--- /dev/null
+++ b/file/keys/flutter/flutterwave-public-key.yaml
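Review bot: `FLWSECK_TEST-(?i)[a-h0-9]{12}` in flutterwave-encryption-key.yaml has no terminating boundary, so it also matches the first 12 characters of any value matched by flutterwave-secret-key.yaml (`FLWSECK_TEST-(?i)[a-h0-9]{32}-X`). Every secret key would be reported twice, once mislabelled as an encryption key. Ending the pattern with a boundary, for example `FLWSECK_TEST-(?i)[a-h0-9]{12}(?:[^a-h0-9]|$)`, keeps the two rules disjoint. The class `[a-h0-9]` is presumably meant to be hex `[a-f0-9]`; it appears in all three Flutterwave templates and is worth confirming against the referenced rules.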
@@ -0,0 +1,22 @@ +id: flutterwave-public-key + +info: + name: Flutterwave Public Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.go + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.yaml + metadata: + verified: true + tags: flutter,file,keys,flutterwave + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - FLWPUBK_TEST-(?i)[a-h0-9]{32}-X \ No newline at end of file diff --git a/file/keys/flutter/flutterwave-secret-key.yaml b/file/keys/flutter/flutterwave-secret-key.yaml new file mode 100644 index 0000000000..cb8f91ca1a --- /dev/null +++ b/file/keys/flutter/flutterwave-secret-key.yaml @@ -0,0 +1,22 @@ +id: flutterwave-secret-key + +info: + name: Flutterwave Secret Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.go + metadata: + verified: true + tags: flutter,file,keys,flutterwave + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - FLWSECK_TEST-(?i)[a-h0-9]{32}-X \ No newline at end of file diff --git a/file/keys/frameio-api-token.yaml b/file/keys/frameio-api-token.yaml new file mode 100644 index 0000000000..352f232f82 --- /dev/null +++ b/file/keys/frameio-api-token.yaml 
@@ -0,0 +1,22 @@
+id: frameio-api-token
+
+info:
+ name: Frameio API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.go
+ metadata:
+ verified: true
+ tags: frameio,file,keys
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - fio-u-(?i)[a-z0-9\-_=]{64}
\ No newline at end of file
diff --git a/file/keys/freshbooks-access-token.yaml b/file/keys/freshbooks-access-token.yaml
new file mode 100644
index 0000000000..14653518fe
--- /dev/null
+++ b/file/keys/freshbooks-access-token.yaml
@@ -0,0 +1,22 @@
+id: freshbooks-access-token
+
+info:
+ name: Freshbooks Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.go
+ metadata:
+ verified: true
+ tags: freshbooks,file,keys
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - fio-u-(?i)[a-z0-9\-_=]{64}
\ No newline at end of file
diff --git a/file/keys/gitter-access-token.yaml b/file/keys/gitter-access-token.yaml
new file mode 100644
index 0000000000..dd4c03ce53
--- /dev/null
+++ b/file/keys/gitter-access-token.yaml
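Review bot: The regex in freshbooks-access-token.yaml is `fio-u-(?i)[a-z0-9\-_=]{64}`, identical to the one in frameio-api-token.yaml directly above it, so this template never detects a Freshbooks token and reports every Frame.io token a second time under the Freshbooks id. It should use the keyword-prefixed form that the other templates in this patch use, with `freshbooks` as the keyword and the token class taken from the referenced freshbooks-access-token rule (I believe `([a-z0-9]{64})`, to be confirmed against that file). `verified: true` on this template should be re-checked once the pattern is corrected.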
@@ -0,0 +1,22 @@ +id: gitter-access-token + +info: + name: Gitter Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go + metadata: + verified: true + tags: gitter,file,keys + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/gocardless-api-token.yaml b/file/keys/gocardless-api-token.yaml new file mode 100644 index 0000000000..ab55b0aacb --- /dev/null +++ b/file/keys/gocardless-api-token.yaml @@ -0,0 +1,22 @@ +id: gocardless-api-token + +info: + name: Gocardless API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.go + metadata: + verified: true + tags: gocardless,file,keys + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/grafana/grafana-api-key.yaml b/file/keys/grafana/grafana-api-key.yaml new file mode 100644 index 0000000000..af821a6060 --- /dev/null +++ b/file/keys/grafana/grafana-api-key.yaml 
@@ -0,0 +1,22 @@
+id: grafana-api-key
+
+info:
+ name: Grafana API Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go
+ metadata:
+ verified: true
+ tags: grafana,file,keys
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/grafana/grafana-cloud-api-token.yaml b/file/keys/grafana/grafana-cloud-api-token.yaml
new file mode 100644
index 0000000000..20ec44482c
--- /dev/null
+++ b/file/keys/grafana/grafana-cloud-api-token.yaml
@@ -0,0 +1,22 @@
+id: grafana-cloud-api-token
+
+info:
+ name: Grafana Cloud API Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go
+ metadata:
+ verified: true
+ tags: grafana,file,keys
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/file/keys/grafana/grafana-service-account-token.yaml b/file/keys/grafana/grafana-service-account-token.yaml
new file mode 100644
index 0000000000..fc5748771e
--- /dev/null
+++ b/file/keys/grafana/grafana-service-account-token.yaml
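Review bot: The leading `(?i)` in grafana-api-key.yaml makes the fixed prefix `eyJrIjoi` case-insensitive, although base64 is case-sensitive and the character class already lists both cases. Case variants of the prefix do not decode to the same bytes, so they can only add false positives. Dropping the flag, `\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)`, leaves real keys matching. The same flag sits in front of the `glc_` pattern in grafana-cloud-api-token.yaml and the `glsa_` pattern in grafana-service-account-token.yaml.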
@@ -0,0 +1,22 @@ +id: grafana-service-account-token + +info: + name: Grafana Service Account Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go + metadata: + verified: true + tags: grafana,file,keys + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/file/keys/hashicorp-api-token.yaml b/file/keys/hashicorp-api-token.yaml new file mode 100644 index 0000000000..ca0b289484 --- /dev/null +++ b/file/keys/hashicorp-api-token.yaml @@ -0,0 +1,22 @@ +id: hashicorp-api-token + +info: + name: Hashicorp API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go + metadata: + verified: true + tags: hashicorp,file,keys + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70} \ No newline at end of file diff --git a/file/keys/zendesk-secret-key.yaml b/file/keys/zendesk-secret-key.yaml new file mode 100644 index 0000000000..79c1fa37ee --- /dev/null +++ b/file/keys/zendesk-secret-key.yaml 
@@ -0,0 +1,22 @@ +id: zendesk-secret-key + +info: + name: Zendesk Secret Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.go + metadata: + verified: true + tags: zendesk,file,keys + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/atlassian-token.yaml b/http/exposures/tokens/atlassian/atlassian-token.yaml similarity index 100% rename from http/exposures/tokens/atlassian-token.yaml rename to http/exposures/tokens/atlassian/atlassian-token.yaml diff --git a/http/exposures/tokens/beamer/beamer-token.yaml b/http/exposures/tokens/beamer/beamer-token.yaml new file mode 100644 index 0000000000..8e5825fc55 --- /dev/null +++ b/http/exposures/tokens/beamer/beamer-token.yaml @@ -0,0 +1,24 @@ +id: beamer-token + +info: + name: Beamer API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.go + metadata: + max-request: 1 + verified: true + tags: beamer,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file 
diff --git a/http/exposures/tokens/bitbucket/bitbucket-clientid.yaml b/http/exposures/tokens/bitbucket/bitbucket-clientid.yaml new file mode 100644 index 0000000000..4349abc37c --- /dev/null +++ b/http/exposures/tokens/bitbucket/bitbucket-clientid.yaml @@ -0,0 +1,24 @@ +id: bitbucket-clientid + +info: + name: BitBucket Client ID + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-id.go + metadata: + max-request: 1 + verified: true + tags: bitbucket,exposure,tokens,clientid + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/bitbucket/bitbucket-clientsecret.yaml b/http/exposures/tokens/bitbucket/bitbucket-clientsecret.yaml new file mode 100644 index 0000000000..8d5f679409 --- /dev/null +++ b/http/exposures/tokens/bitbucket/bitbucket-clientsecret.yaml 
@@ -0,0 +1,24 @@ +id: bitbucket-clientsecret + +info: + name: BitBucket Client Secret + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bitbucket-client-secret.go + metadata: + max-request: 1 + verified: true + tags: bitbucket,exposure,tokens,secret + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/bittrex/bittrex-accesskey.yaml b/http/exposures/tokens/bittrex/bittrex-accesskey.yaml new file mode 100644 index 0000000000..7e125134df --- /dev/null +++ b/http/exposures/tokens/bittrex/bittrex-accesskey.yaml @@ -0,0 +1,24 @@ +id: bittrex-accesskey + +info: + name: Bittrex Access Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.go + metadata: + max-request: 1 + verified: true + tags: bittrex,exposure,tokens,accesskey + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/bittrex/bittrex-secretkey.yaml b/http/exposures/tokens/bittrex/bittrex-secretkey.yaml new file mode 100644 index 0000000000..5a075f9e68 --- /dev/null +++ b/http/exposures/tokens/bittrex/bittrex-secretkey.yaml 
@@ -0,0 +1,24 @@
+id: bittrex-secretkey
+
+info:
+ name: Bittrex Secret Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: bittrex,exposure,tokens,secretkey
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/clojars/clojars-token.yaml b/http/exposures/tokens/clojars/clojars-token.yaml
new file mode 100644
index 0000000000..1b646b1456
--- /dev/null
+++ b/http/exposures/tokens/clojars/clojars-token.yaml
@@ -0,0 +1,24 @@
+id: clojars-token
+
+info:
+ name: Clojars Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: clojars,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(CLOJARS_)[a-z0-9]{60}
\ No newline at end of file
diff --git a/http/exposures/tokens/codecov/codecov-accesstoken.yaml b/http/exposures/tokens/codecov/codecov-accesstoken.yaml
new file mode 100644
index 0000000000..a876e228e8
--- /dev/null
+++ b/http/exposures/tokens/codecov/codecov-accesstoken.yaml
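Review bot: bittrex-secretkey.yaml uses exactly the same regex as bittrex-accesskey.yaml (the `bittrex` keyword followed by `([a-z0-9]{32})`), so the two templates cannot tell an access key from a secret key and every hit is reported under both ids. Either merge them into one template, or narrow the keyword part in this file so that it requires `secret` between `bittrex` and the assignment operator. As written, a responder cannot tell from the template id which of the two values was exposed.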
@@ -0,0 +1,24 @@ +id: codecov-accesstoken + +info: + name: Codecov Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.go + metadata: + max-request: 1 + verified: true + tags: codecov,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/coinbase/coinbase-accesstoken.yaml b/http/exposures/tokens/coinbase/coinbase-accesstoken.yaml new file mode 100644 index 0000000000..f47c4c9177 --- /dev/null +++ b/http/exposures/tokens/coinbase/coinbase-accesstoken.yaml @@ -0,0 +1,24 @@ +id: coinbase-accesstoken + +info: + name: Coinbase Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/coinbase-access-token.go + metadata: + max-request: 1 + verified: true + tags: coinbase,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/confluent/confluent-accesstoken.yaml b/http/exposures/tokens/confluent/confluent-accesstoken.yaml new file mode 100644 index 0000000000..a0f971ea08 --- /dev/null +++ b/http/exposures/tokens/confluent/confluent-accesstoken.yaml 
@@ -0,0 +1,24 @@ +id: confluent-accesstoken + +info: + name: Confluent Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-access-token.go + metadata: + max-request: 1 + verified: true + tags: confluent,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/confluent/confluent-secretkey.yaml b/http/exposures/tokens/confluent/confluent-secretkey.yaml new file mode 100644 index 0000000000..a17beec046 --- /dev/null +++ b/http/exposures/tokens/confluent/confluent-secretkey.yaml @@ -0,0 +1,24 @@ +id: confluent-secretkey + +info: + name: Confluent Secret Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/confluent-secret-key.go + metadata: + max-request: 1 + verified: true + tags: confluent,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/contentful/contentful-token.yaml b/http/exposures/tokens/contentful/contentful-token.yaml new file mode 100644 index 0000000000..f42b0ede6c --- /dev/null +++ b/http/exposures/tokens/contentful/contentful-token.yaml 
@@ -0,0 +1,24 @@ +id: contentful-token + +info: + name: Contentful Delivery API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/contentful-delivery-api-token.go + metadata: + max-request: 1 + verified: true + tags: contentful,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/databricks/databricks-token.yaml b/http/exposures/tokens/databricks/databricks-token.yaml new file mode 100644 index 0000000000..5abbf65cd3 --- /dev/null +++ b/http/exposures/tokens/databricks/databricks-token.yaml @@ -0,0 +1,24 @@ +id: databricks-token + +info: + name: Databricks API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go + metadata: + max-request: 1 + verified: true + tags: databricks,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/datadog/datadog-accesstoken.yaml b/http/exposures/tokens/datadog/datadog-accesstoken.yaml new file mode 100644 index 0000000000..08dabdbe18 --- /dev/null +++ b/http/exposures/tokens/datadog/datadog-accesstoken.yaml 
@@ -0,0 +1,24 @@
+id: datadog-accesstoken
+
+info:
+ name: Datadog Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: datadog,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/discord/discord-clientid.yaml b/http/exposures/tokens/discord/discord-clientid.yaml
new file mode 100644
index 0000000000..e78720c766
--- /dev/null
+++ b/http/exposures/tokens/discord/discord-clientid.yaml
@@ -0,0 +1,24 @@
+id: discord-clientid
+
+info:
+ name: Discord Client ID
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: discord,exposure,tokens,clientid
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/discord/discord-clientsecret.yaml b/http/exposures/tokens/discord/discord-clientsecret.yaml
new file mode 100644
index 0000000000..e2e4ad1d7b
--- /dev/null
+++ b/http/exposures/tokens/discord/discord-clientsecret.yaml
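Review bot: `([0-9]{18})` in discord-clientid.yaml matches any 18-digit number that follows the word `discord` and an assignment operator, which on a fetched page is likely to include ordinary numeric ids in embed or widget markup, not only application client ids. A client id is also an identifier rather than a credential, so a hit only matters when the matching client secret is exposed too. The template should say so in a `description:` field so that these findings are not triaged as leaked secrets. `verified: true` on a pattern this loose is worth re-checking.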
@@ -0,0 +1,24 @@
+id: discord-clientsecret
+
+info:
+ name: Discord Client Secret
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-secret.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: discord,exposure,tokens,clientid
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/discord/discord-token.yaml b/http/exposures/tokens/discord/discord-token.yaml
new file mode 100644
index 0000000000..e8b8052763
--- /dev/null
+++ b/http/exposures/tokens/discord/discord-token.yaml
@@ -0,0 +1,24 @@
+id: discord-token
+
+info:
+ name: Discord API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: discord,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/doppler/doppler-token.yaml b/http/exposures/tokens/doppler/doppler-token.yaml
new file mode 100644
index 0000000000..52c1337ec4
--- /dev/null
+++ b/http/exposures/tokens/doppler/doppler-token.yaml
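Review bot: `tags: discord,exposure,tokens,clientid` in discord-clientsecret.yaml looks copied from discord-clientid.yaml. A tag filter for client ids would pull in secret findings, and a filter on `secret` (the tag bitbucket-clientsecret.yaml uses) would miss this template. Suggested: `tags: discord,exposure,tokens,secret`.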
@@ -0,0 +1,24 @@ +id: doppler-token + +info: + name: Doppler API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.go + metadata: + max-request: 1 + verified: true + tags: doppler,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (dp\.pt\.)(?i)[a-z0-9]{43} \ No newline at end of file diff --git a/http/exposures/tokens/droneci/droneci-accesstoken.yaml b/http/exposures/tokens/droneci/droneci-accesstoken.yaml new file mode 100644 index 0000000000..f74624e193 --- /dev/null +++ b/http/exposures/tokens/droneci/droneci-accesstoken.yaml @@ -0,0 +1,24 @@ +id: droneci-accesstoken + +info: + name: Droneci Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.yaml + - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.go + metadata: + max-request: 1 + verified: true + tags: droneci,exposure,tokens + +http: + - method: GET + path: + - "{{BaseURL}}" + + extractors: + - type: regex + part: body + regex: + - (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) \ No newline at end of file diff --git a/http/exposures/tokens/dropbox/dropbox-long-token.yaml b/http/exposures/tokens/dropbox/dropbox-long-token.yaml new file mode 100644 index 0000000000..c84189a087 --- /dev/null +++ b/http/exposures/tokens/dropbox/dropbox-long-token.yaml 
@@ -0,0 +1,24 @@
+id: dropbox-long-token
+
+info:
+ name: Dropbox Long Lived API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-long-lived-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: dropbox,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/dropbox/dropbox-short-token.yaml b/http/exposures/tokens/dropbox/dropbox-short-token.yaml
new file mode 100644
index 0000000000..afa5dbe513
--- /dev/null
+++ b/http/exposures/tokens/dropbox/dropbox-short-token.yaml
@@ -0,0 +1,24 @@
+id: dropbox-short-token
+
+info:
+ name: Dropbox Short Lived API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-short-lived-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: dropbox,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/dropbox/dropbox-token.yaml b/http/exposures/tokens/dropbox/dropbox-token.yaml
new file mode 100644
index 0000000000..bb217c1966
--- /dev/null
+++ b/http/exposures/tokens/dropbox/dropbox-token.yaml
@@ -0,0 +1,24 @@
+id: dropbox-token
+
+info:
+ name: Dropbox API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: dropbox,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/duffel/duffel-token.yaml b/http/exposures/tokens/duffel/duffel-token.yaml
new file mode 100644
index 0000000000..1c1c95d555
--- /dev/null
+++ b/http/exposures/tokens/duffel/duffel-token.yaml
@@ -0,0 +1,24 @@
+id: duffel-token
+
+info:
+ name: Duffel API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: duffel,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - duffel_(test|live)_(?i)[a-z0-9_\-=]{43}
\ No newline at end of file
diff --git a/http/exposures/tokens/easypost/easypost-testtoken.yaml b/http/exposures/tokens/easypost/easypost-testtoken.yaml
new file mode 100644
index 0000000000..0ec71d54e5
--- /dev/null
+++ b/http/exposures/tokens/easypost/easypost-testtoken.yaml
@@ -0,0 +1,24 @@
+id: easypost-testtoken
+
+info:
+ name: Easypost Test API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.yaml
+ metadata:
+ max-request: 1
+ verified: true
+ tags: easypost,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - EZTK(?i)[a-z0-9]{54}
\ No newline at end of file
diff --git a/http/exposures/tokens/easypost/easypost-token.yaml b/http/exposures/tokens/easypost/easypost-token.yaml
new file mode 100644
index 0000000000..15a504fb44
--- /dev/null
+++ b/http/exposures/tokens/easypost/easypost-token.yaml
@@ -0,0 +1,24 @@
+id: easypost-token
+
+info:
+ name: Easypost API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: easypost,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - EZAK(?i)[a-z0-9]{54}
\ No newline at end of file
diff --git a/http/exposures/tokens/etsy/etsy-accesstoken.yaml b/http/exposures/tokens/etsy/etsy-accesstoken.yaml
new file mode 100644
index 0000000000..e434095950
--- /dev/null
+++ b/http/exposures/tokens/etsy/etsy-accesstoken.yaml
@@ -0,0 +1,24 @@
+id: etsy-accesstoken
+
+info:
+ name: Etsy Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: etsy,exposure,tokens,accesskey
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/facebook/facebook-token.yaml b/http/exposures/tokens/facebook/facebook-token.yaml
new file mode 100644
index 0000000000..ee5b415337
--- /dev/null
+++ b/http/exposures/tokens/facebook/facebook-token.yaml
@@ -0,0 +1,24 @@
+id: facebook-token
+
+info:
+ name: Facebook API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: facebook,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/fastly/fastly-token.yaml b/http/exposures/tokens/fastly/fastly-token.yaml
new file mode 100644
index 0000000000..e6c2ec9e7a
--- /dev/null
+++ b/http/exposures/tokens/fastly/fastly-token.yaml
@@ -0,0 +1,24 @@
+id: fastly-token
+
+info:
+ name: Fastly API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: fastly,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/finicity/finicity-clientsecret.yaml b/http/exposures/tokens/finicity/finicity-clientsecret.yaml
new file mode 100644
index 0000000000..fa1963d59e
--- /dev/null
+++ b/http/exposures/tokens/finicity/finicity-clientsecret.yaml
@@ -0,0 +1,24 @@
+id: finicity-clientsecret
+
+info:
+ name: Finicity Client Secret
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-client-secret.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: finicity,file,token
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/finicity/finicity-token.yaml b/http/exposures/tokens/finicity/finicity-token.yaml
new file mode 100644
index 0000000000..38dd2c6648
--- /dev/null
+++ b/http/exposures/tokens/finicity/finicity-token.yaml
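Review bot: `tags: finicity,file,token` in finicity-clientsecret looks carried over from the file-protocol template of the same name; this is an `http:` template under http/exposures/tokens, and the other templates in the patch use `exposure,tokens`. A run filtered on the `exposure` or `tokens` tag would skip it, and one filtered on `file` would pick it up. Suggest `tags: finicity,exposure,tokens`; finicity-token, finnhub-accesstoken (`finnhub,file,token`) and gitter-token (`gitter,file,keys`) have the same mismatch.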
@@ -0,0 +1,24 @@
+id: finicity-token
+
+info:
+ name: Finicity API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: finicity,file,token
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/finnhub/finnhub-accesstoken.yaml b/http/exposures/tokens/finnhub/finnhub-accesstoken.yaml
new file mode 100644
index 0000000000..48fcae3f14
--- /dev/null
+++ b/http/exposures/tokens/finnhub/finnhub-accesstoken.yaml
@@ -0,0 +1,24 @@
+id: finnhub-accesstoken
+
+info:
+ name: finnhub Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.yaml
+ metadata:
+ max-request: 1
+ verified: true
+ tags: finnhub,file,token
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/flickr/flickr-accesstoken.yaml b/http/exposures/tokens/flickr/flickr-accesstoken.yaml
new file mode 100644
index 0000000000..7c8f07deb6
--- /dev/null
+++ b/http/exposures/tokens/flickr/flickr-accesstoken.yaml
@@ -0,0 +1,24 @@
+id: flickr-accesstoken
+
+info:
+ name: Flickr Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: flickr,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/flutter/flutterwave-encryptionkey.yaml b/http/exposures/tokens/flutter/flutterwave-encryptionkey.yaml
new file mode 100644
index 0000000000..87ea37de9a
--- /dev/null
+++ b/http/exposures/tokens/flutter/flutterwave-encryptionkey.yaml
@@ -0,0 +1,24 @@
+id: flutterwave-encryptionkey
+
+info:
+ name: Flutterwave Encryption Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: flutterwave,exposure,tokens,encryption
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - FLWSECK_TEST-(?i)[a-h0-9]{12}
\ No newline at end of file
diff --git a/http/exposures/tokens/flutter/flutterwave-publickey.yaml b/http/exposures/tokens/flutter/flutterwave-publickey.yaml
new file mode 100644
index 0000000000..0104f22c9b
--- /dev/null
+++ b/http/exposures/tokens/flutter/flutterwave-publickey.yaml
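Review bot: `FLWSECK_TEST-(?i)[a-h0-9]{12}` in flutterwave-encryptionkey has no end boundary, so it also matches the first 12 characters of any value that flutterwave-secretkey matches with `FLWSECK_TEST-(?i)[a-h0-9]{32}-X`; one exposed secret key would then be reported twice, once mislabelled as an encryption key. Ending the pattern with a word boundary, `FLWSECK_TEST-(?i)[a-h0-9]{12}\b`, keeps it from firing inside the longer key. The class `[a-h0-9]` is wider than hex in all three Flutterwave patterns; if the keys are hex, `a-f` was probably intended, which is worth confirming against the referenced rule.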
@@ -0,0 +1,24 @@
+id: flutterwave-publickey
+
+info:
+ name: Flutterwave Public Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.yaml
+ metadata:
+ max-request: 1
+ verified: true
+ tags: flutterwave,exposure,tokens,publickey
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - FLWPUBK_TEST-(?i)[a-h0-9]{32}-X
\ No newline at end of file
diff --git a/http/exposures/tokens/flutter/flutterwave-secretkey.yaml b/http/exposures/tokens/flutter/flutterwave-secretkey.yaml
new file mode 100644
index 0000000000..b5eb5d530e
--- /dev/null
+++ b/http/exposures/tokens/flutter/flutterwave-secretkey.yaml
@@ -0,0 +1,24 @@
+id: flutterwave-secretkey
+
+info:
+ name: Flutterwave Secret Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: flutterwave,exposure,tokens,secretkey
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - FLWSECK_TEST-(?i)[a-h0-9]{32}-X
\ No newline at end of file
diff --git a/http/exposures/tokens/frameio/frameio-token.yaml b/http/exposures/tokens/frameio/frameio-token.yaml
new file mode 100644
index 0000000000..fbad1a0ebb
--- /dev/null
+++ b/http/exposures/tokens/frameio/frameio-token.yaml
@@ -0,0 +1,24 @@
+id: frameio-token
+
+info:
+ name: Frameio API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: frameio,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - fio-u-(?i)[a-z0-9\-_=]{64}
\ No newline at end of file
diff --git a/http/exposures/tokens/freshbooks/freshbooks-accesstoken.yaml b/http/exposures/tokens/freshbooks/freshbooks-accesstoken.yaml
new file mode 100644
index 0000000000..6bafe9dfce
--- /dev/null
+++ b/http/exposures/tokens/freshbooks/freshbooks-accesstoken.yaml
@@ -0,0 +1,24 @@
+id: freshbooks-accesstoken
+
+info:
+ name: Freshbooks Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: freshbooks,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/gitter/gitter-token.yaml b/http/exposures/tokens/gitter/gitter-token.yaml
new file mode 100644
index 0000000000..f464a5deec
--- /dev/null
+++ b/http/exposures/tokens/gitter/gitter-token.yaml
@@ -0,0 +1,24 @@
+id: gitter-token
+
+info:
+ name: Gitter Access Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: gitter,file,keys
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/gocardless/gocardless-token.yaml b/http/exposures/tokens/gocardless/gocardless-token.yaml
new file mode 100644
index 0000000000..0c3f69984b
--- /dev/null
+++ b/http/exposures/tokens/gocardless/gocardless-token.yaml
@@ -0,0 +1,24 @@
+id: gocardless-token
+
+info:
+ name: Gocardless API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gocardless-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: gocardless,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:gocardless)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/grafana/grafana-cloud-token.yaml b/http/exposures/tokens/grafana/grafana-cloud-token.yaml
new file mode 100644
index 0000000000..fc59af7451
--- /dev/null
+++ b/http/exposures/tokens/grafana/grafana-cloud-token.yaml
@@ -0,0 +1,24 @@
+id: grafana-cloud-token
+
+info:
+ name: Grafana Cloud API Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: grafana,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/grafana/grafana-key.yaml b/http/exposures/tokens/grafana/grafana-key.yaml
new file mode 100644
index 0000000000..263d9933cf
--- /dev/null
+++ b/http/exposures/tokens/grafana/grafana-key.yaml
@@ -0,0 +1,24 @@
+id: grafana-key
+
+info:
+ name: Grafana API Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: grafana,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml b/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml
new file mode 100644
index 0000000000..064fd7799b
--- /dev/null
+++ b/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml
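Review bot: The leading `(?i)` in grafana-cloud-token makes the fixed prefix `glc_` case-insensitive although the character classes already list both cases, and in grafana-key it does the same to `eyJrIjoi`, a base64 prefix whose case is significant, so a string beginning `EYJRIJOI` would be reported as a Grafana key. Dropping the flag keeps the intended match: `\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)` and `\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$)`. grafana-serviceaccount-token carries the same flag in front of `glsa_`.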
@@ -0,0 +1,24 @@
+id: grafana-serviceaccount-token
+
+info:
+ name: Grafana Service Account Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: grafana,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file
diff --git a/http/exposures/tokens/hashicorp/hashicorp-token.yaml b/http/exposures/tokens/hashicorp/hashicorp-token.yaml
new file mode 100644
index 0000000000..7eccf20add
--- /dev/null
+++ b/http/exposures/tokens/hashicorp/hashicorp-token.yaml
@@ -0,0 +1,24 @@
+id: hashicorp-token
+
+info:
+ name: Hashicorp API Token
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml
+ metadata:
+ max-request: 1
+ verified: true
+ tags: hashicorp,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70}
\ No newline at end of file
diff --git a/http/exposures/tokens/zendesk/zendesk-key.yaml b/http/exposures/tokens/zendesk/zendesk-key.yaml
new file mode 100644
index 0000000000..acb6b020bf
--- /dev/null
+++ b/http/exposures/tokens/zendesk/zendesk-key.yaml
@@ -0,0 +1,24 @@
+id: zendesk-key
+
+info:
+ name: Zendesk Secret Key
+ author: DhiyaneshDK
+ severity: info
+ reference:
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.yaml
+ - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.go
+ metadata:
+ max-request: 1
+ verified: true
+ tags: zendesk,exposure,tokens
+
+http:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - (?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
\ No newline at end of file