diff --git a/tokens/amazon-mws-auth-token-value.yaml b/tokens/amazon-mws-auth-token-value.yaml index 312c985cc2..35aa2226ea 100755 --- a/tokens/amazon-mws-auth-token-value.yaml +++ b/tokens/amazon-mws-auth-token-value.yaml @@ -6,18 +6,12 @@ info: severity: medium requests: + - method: GET + path: + - "{{BaseURL}}" + - extractors: - part: body regex: - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - type: regex - - matchers-condition: and - matchers: - - part: body - regex: - - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - type: regex - method: GET - path: - - "{{BaseURL}}" + type: regex \ No newline at end of file diff --git a/tokens/aws-access-key-value.yaml b/tokens/aws-access-key-value.yaml index 24ae8a24f7..6fb604ca25 100755 --- a/tokens/aws-access-key-value.yaml +++ b/tokens/aws-access-key-value.yaml @@ -3,19 +3,13 @@ id: aws-access-key-value info: name: AWS Access Key ID Value author: Swissky - severity: medium + severity: info requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" extractors: - type: regex part: body diff --git a/tokens/google-api-key.yaml b/tokens/google-api-key.yaml index 09bfffbc12..4ddbb78563 100755 --- a/tokens/google-api-key.yaml +++ b/tokens/google-api-key.yaml @@ -10,12 +10,6 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "AIza[0-9A-Za-z\\-_]{35}" extractors: - type: regex part: body diff --git a/tokens/http-username-password.yaml b/tokens/http-username-password.yaml index fe8e799f33..8404dcbfd4 100644 --- a/tokens/http-username-password.yaml +++ b/tokens/http-username-password.yaml @@ -13,12 +13,6 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "(ftp|ftps|http|https)://[0-9A-Za-z\\-_%]+(:|@)" extractors: - type: regex part: body diff --git a/tokens/mailchimp-api-key.yaml b/tokens/mailchimp-api-key.yaml index 41e16640c8..36bca0caec 100755 --- a/tokens/mailchimp-api-key.yaml +++ b/tokens/mailchimp-api-key.yaml @@ -10,12 +10,6 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "[0-9a-f]{32}-us[0-9]{1,2}" extractors: - type: regex part: body diff --git a/tokens/slack-access-token.yaml b/tokens/slack-access-token.yaml index 5b0bfda7f5..01c2bbebb5 100644 --- a/tokens/slack-access-token.yaml +++ b/tokens/slack-access-token.yaml @@ -13,16 +13,9 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and - matchers: + extractors: - type: regex part: body regex: - "xoxp-[0-9A-Za-z\\-]{72}" # Person - "xoxb-[0-9A-Za-z\\-]{51}" # Bot - extractors: - - type: regex - part: body - regex: - - "xoxp-[0-9A-Za-z\\-]{72}" - - "xoxb-[0-9A-Za-z\\-]{51}"