Enhancement: file/keys/credential-exposure.yaml by md

file/keys/credential-exposure.yaml

@@ -1,6 +1,13 @@
 id: credentials-disclosure-file
 
-# Extract secrets regex like api keys, password, token, etc ... for different services
+info:
+  name: Credentials Disclosure Check
+  author: Sy3Omda,geeknik,forgedhallpass,ayadi
+  severity: unknown
+  description: Check for multiple keys/tokens/passwords hidden inside of files.
+  tags: exposure,token,file,disclosure
+
+# Extract secrets regex like api keys, password, token, etc ... for different services.
 # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
 # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
 # Regex count:- 687
@@ -9,14 +16,6 @@ id: credentials-disclosure-file
 # This template requires manual inspection once found valid match.
 # Generic token could be anything matching below regex.
 # Impact of leaked token depends on validation of leaked token.
-
-info:
-  name: Credentials Disclosure Check
-  author: Sy3Omda,geeknik,forgedhallpass,ayadi
-  severity: unknown
-  description: Look for multiple keys/tokens/passwords hidden inside of files.
-  tags: exposure,token,file,disclosure
-
 # The regexes are copied from exposures/tokens/generic/credentials-disclosure.yaml
 # TODO After https://github.com/projectdiscovery/nuclei/issues/1510 is implemented, we should be able to re-use them, instead of duplicating
 # Example cases to match against: https://regex101.com/r/HPtaU2/1
@@ -719,3 +718,5 @@ file:
           - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
           - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?"
           - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+"
+
+# Enhanced by md on 2023/05/04