Added New Token Templates

patch-1
Dhiyaneshwaran 2023-03-07 15:10:29 +05:30
parent db57ae8692
commit 94ebcb0b67
38 changed files with 893 additions and 0 deletions


@ -0,0 +1,24 @@
id: age-secret-key
info:
name: Age Identity (X22519 secret key)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml
- https://github.com/FiloSottile/age/blob/main/doc/age.1.html
- https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type
metadata:
verified: "true"
tags: age-encryption,exposure,tokens
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'
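Review bot: The `name` field spells the key type `X22519`, while the third reference link points at the X25519 recipient type, so this looks like a typo that will appear in every finding title. Suggested line: `name: Age Identity (X25519 secret key)`.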


@ -0,0 +1,22 @@
id: aws-account-id
info:
name: AWS Account ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
metadata:
verified: "true"
tags: aws,amazon,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)aws_?(?:account)_?(?:id)?["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([0-9]{4}-?[0-9]{4}-?[0-9]{4})'
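Review bot: The extractor sets no `group`, so the reported value is the whole regex match (key name, separator and quotes included) rather than the account ID captured in parentheses. Adding `group: 1` next to `part: body` would report only the capture, which makes findings easier to deduplicate and triage. The same applies to the other context-prefixed rules in this commit: aws-session-token, codeclimate-token, heroku-api-key, jenkins-crumb-token, mailgun-api-key, sauce-token and twilio-api-key, where up to 50 arbitrary characters of page text can precede the capture.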


@ -0,0 +1,26 @@
id: aws-api-key
info:
name: AWS API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
- https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
- https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
- https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html
- https://docs.aws.amazon.com/accounts/latest/reference/credentials-access-keys-best-practices.html
metadata:
verified: "true"
tags: aws,amazon,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b((?:A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16})\b'


@ -0,0 +1,22 @@
id: aws-session-token
info:
name: AWS Session Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
metadata:
verified: "true"
tags: aws,amazon,token,exposure,session
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)(?:aws.?session|aws.?session.?token|aws.?token)["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([a-z0-9/+=]{16,200})[^a-z0-9/+=]'
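Review bot: The pattern ends with the mandatory class `[^a-z0-9/+=]`, so a token that is the last thing in the response body is never matched, and the delimiter character becomes part of the extracted text. The GitLab personal and runner token templates in this commit already allow end of input with `(?:\b|$)`; the equivalent here is `(?:[^a-z0-9/+=]|$)` in place of the final class.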


@ -0,0 +1,23 @@
id: codeclimate-token
info:
name: CodeClimate Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/codeclimate.yml
- https://github.com/codeclimate/ruby-test-reporter/issues/34
metadata:
verified: "true"
tags: codeclimate,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)codeclima.{0,50}\b([a-f0-9]{64})\b'


@ -0,0 +1,24 @@
id: crates-api-key
info:
name: Crates.io API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/crates.io.yml
- https://crates.io/data-access
- https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs
metadata:
verified: "true"
tags: crates,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\bcio[a-zA-Z0-9]{32}\b'


@ -0,0 +1,22 @@
id: dynatrace-token
info:
name: Dynatrace Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/dynatrace.yml
metadata:
verified: "true"
tags: dynatrace,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(dt0[a-zA-Z]{1}[0-9]{2}\.[A-Z0-9]{24}\.[A-Z0-9]{64})\b'


@ -0,0 +1,23 @@
id: facebook-access-token
info:
name: Facebook Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/facebook.yml
- https://developers.facebook.com/docs/facebook-login/access-tokens/
metadata:
verified: "true"
tags: facebook,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(EAACEdEose0cBA[a-zA-Z0-9]+)\b'


@ -0,0 +1,25 @@
id: github-app-token
info:
name: GitHub App Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml
- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github
- https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps
- https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
metadata:
verified: "true"
tags: github,app,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b'


@ -0,0 +1,25 @@
id: github-oauth-token
info:
name: GitHub OAuth Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml
- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github
- https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps
- https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
metadata:
verified: "true"
tags: github,oauth,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(gho_[a-zA-Z0-9]{36})\b'


@ -0,0 +1,25 @@
id: github-personal-token
info:
name: GitHub Personal Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml
- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github
- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
- https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
metadata:
verified: "true"
tags: github,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(ghp_[a-zA-Z0-9]{36})\b'


@ -0,0 +1,25 @@
id: github-refresh-token
info:
name: GitHub Refresh Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml
- https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github
- https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps
- https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/
metadata:
verified: "true"
tags: github,refresh,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(ghr_[a-zA-Z0-9]{76})\b'


@ -0,0 +1,23 @@
id: gitlab-personal-token
info:
name: GitLab Personal Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml
- https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html
metadata:
verified: "true"
tags: gitlab,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(glpat-[0-9a-zA-Z_-]{20})(?:\b|$)'


@ -0,0 +1,25 @@
id: gitlab-pipeline-token
info:
name: GitLab Pipeline Trigger Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml
- https://docs.gitlab.com/ee/ci/triggers/
- https://gitlab.com/gitlab-org/gitlab/-/issues/371396
- https://gitlab.com/gitlab-org/gitlab/-/issues/388379
metadata:
verified: "true"
tags: gitlab,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(glptt-[0-9a-f]{40})\b'


@ -0,0 +1,25 @@
id: gitlab-runner-token
info:
name: GitLab Runner Registration Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml
- https://docs.gitlab.com/runner/security/
- https://docs.gitlab.com/ee/security/token_overview.html#runner-registration-tokens-deprecated
- https://docs.gitlab.com/ee/security/token_overview.html#security-considerations
metadata:
verified: "true"
tags: gitlab,runner,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(GR1348941[0-9a-zA-Z_-]{20})(?:\b|$)'


@ -0,0 +1,22 @@
id: google-client-id
info:
name: Google Client ID
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml
metadata:
verified: "true"
tags: google,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)\b([0-9]+-[a-z0-9_]{32})\.apps\.googleusercontent\.com'
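Review bot: The info block has no `description`, and with the `token,exposure` tags a match reads like a leaked credential, whereas an OAuth client ID is a public identifier that normally appears in page source wherever Google sign-in is embedded. A line such as `description: Google OAuth client ID found in the response; this is a public identifier and is not a secret on its own.` would help whoever triages the result.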


@ -0,0 +1,22 @@
id: google-oauth-prefixed
info:
name: Google OAuth Client Secret (prefixed)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml
metadata:
verified: "true"
tags: google,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(GOCSPX-[a-zA-Z0-9_-]{28})'
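Review bot: The regex `(GOCSPX-[a-zA-Z0-9_-]{28})` has no boundary on either side, so it also matches inside a longer identifier and can return a truncated or unrelated string. The same unanchored form is used in newrelic-pixie-api-key, newrelic-pixie-deploy-key, npm-access-token, nuget-api-key (where `oy2[a-z0-9]{43}` is especially loose), openai-api-key, pypi-upload-token, rubygems-api-key and segment-public-token, while the GitHub and Shopify templates wrap theirs in `\b`. For the purely alphanumeric ones the change is of the form `'\b(npm_[A-Za-z0-9]{36})\b'`. Several of those files use double quotes, where YAML reads `\b` as a backspace escape, so the pattern should move to single quotes when a boundary is added.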


@ -0,0 +1,23 @@
id: heroku-api-key
info:
name: Heroku API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/heroku.yml
- https://devcenter.heroku.com/articles/authentication
metadata:
verified: "true"
tags: heroku,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)heroku.{0,20}key.{0,20}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b'


@ -0,0 +1,24 @@
id: jenkins-crumb-token
info:
name: Jenkins Token or Crumb
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml
- https://www.jenkins.io/blog/2018/07/02/new-api-token-system/
- https://www.jenkins.io/doc/book/security/csrf-protection/
metadata:
verified: "true"
tags: jenkins,crumb,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b'
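Review bot: Because `(?:crumb)?` is optional, the pattern reduces to the word `jenkins` followed within 20 characters by any 32 to 36 character hex string, which will likely also match build hashes or asset fingerprints on an ordinary Jenkins page. If the intent is crumbs and API tokens only, requiring a keyword would cut the noise, for example `'(?i)jenkins.{0,10}(?:crumb|token).{0,10}\b([0-9a-f]{32,36})\b'`. This narrows coverage compared with the upstream rule, so it is worth checking against known-good samples first.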


@ -0,0 +1,23 @@
id: mailgun-api-key
info:
name: Mailgun API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/mailgun.yml
- https://documentation.mailgun.com/en/latest/api-intro.html#authentication-1
metadata:
verified: "true"
tags: mailgun,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)(?:mailgun|mg).{0,20}key-([a-z0-9]{32})\b'


@ -0,0 +1,23 @@
id: newrelic-pixie-api-key
info:
name: New Relic Pixie API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml
- https://docs.px.dev/reference/admin/api-keys/
metadata:
verified: "true"
tags: newrelic,pixie,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(px-api-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})"


@ -0,0 +1,23 @@
id: newrelic-pixie-deploy-key
info:
name: New Relic Pixie Deploy Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml
- https://docs.px.dev/reference/admin/api-keys/
metadata:
verified: "true"
tags: newrelic,pixie,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(px-dep-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})"


@ -0,0 +1,25 @@
id: npm-access-token
info:
name: NPM Access Token (fine-grained)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/npm.yml
- https://docs.npmjs.com/about-access-tokens
- https://github.com/github/roadmap/issues/557
- https://github.blog/changelog/2022-12-06-limit-scope-of-npm-tokens-with-the-new-granular-access-tokens/
metadata:
verified: "true"
tags: npm,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(npm_[A-Za-z0-9]{36})"


@ -0,0 +1,23 @@
id: nuget-api-key
info:
name: NuGet API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/nuget.yml
- https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package#create-api-keys
metadata:
verified: "true"
tags: nuget,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(oy2[a-z0-9]{43})"


@ -0,0 +1,24 @@
id: openai-api-key
info:
name: OpenAI API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/openai.yml
- https://platform.openai.com/docs/api-reference
- https://platform.openai.com/docs/api-reference/authentication
metadata:
verified: "true"
tags: openai,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(sk-[a-zA-Z0-9]{48})"


@ -0,0 +1,24 @@
id: pypi-upload-token
info:
name: PyPI Upload Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/pypi.yml
- https://github.com/pypa/warehouse/issues/6051
- https://pypi.org/project/pypitoken/
metadata:
verified: "true"
tags: pypi,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(pypi-AgEIcHlwaS5vcmc[a-zA-Z0-9_-]{50,})"


@ -0,0 +1,24 @@
id: rubygems-api-key
info:
name: RubyGems API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/rubygems.yml
- https://guides.rubygems.org/rubygems-org-api/
- https://guides.rubygems.org/api-key-scopes/
metadata:
verified: "true"
tags: rubygems,token,exposure,ruby
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "(rubygems_[a-f0-9]{48})"


@ -0,0 +1,22 @@
id: sauce-token
info:
name: Sauce Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/sauce.yml
metadata:
verified: "true"
tags: sauce,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)sauce.{0,50}\b([a-f0-9-]{36})\b'
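Review bot: The capture `[a-f0-9-]{36}` accepts any 36-character mix of hex digits and hyphens, including strings that are not UUID-shaped, so the rule is looser than it needs to be. heroku-api-key in this commit spells out the 8-4-4-4-12 layout; the same capture here would be `([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})`, assuming Sauce access keys are always UUID-formatted.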


@ -0,0 +1,24 @@
id: segment-public-token
info:
name: Segment Public API Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/segment.yml
- https://segment.com/docs/api/public-api/
- https://segment.com/blog/how-segment-proactively-protects-customer-api-tokens/
metadata:
verified: "true"
tags: segment,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(sgp_[a-zA-Z0-9]{64})'


@ -0,0 +1,24 @@
id: shopify-app-secret
info:
name: Shopify App Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml
- https://shopify.dev/apps/auth
- https://shopify.dev/changelog/app-secret-key-length-has-increased
metadata:
verified: "true"
tags: shopify,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(shpss_[a-fA-F0-9]{32})\b'


@ -0,0 +1,24 @@
id: shopify-custom-token
info:
name: Shopify Access Token (Custom App)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml
- https://shopify.dev/apps/auth
- https://shopify.dev/changelog/app-secret-key-length-has-increased
metadata:
verified: "true"
tags: shopify,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(shpca_[a-fA-F0-9]{32})\b'


@ -0,0 +1,24 @@
id: shopify-private-token
info:
name: Shopify Access Token (Legacy Private App)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml
- https://shopify.dev/apps/auth
- https://shopify.dev/changelog/app-secret-key-length-has-increased
metadata:
verified: "true"
tags: shopify,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(shppa_[a-fA-F0-9]{32})\b'


@ -0,0 +1,24 @@
id: shopify-public-token
info:
name: Shopify Access Token (Public App)
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml
- https://shopify.dev/apps/auth
- https://shopify.dev/changelog/app-secret-key-length-has-increased
metadata:
verified: "true"
tags: shopify,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(shpat_[a-fA-F0-9]{32})\b'


@ -0,0 +1,22 @@
id: square-access-token
info:
name: Square Access Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/square.yml
metadata:
verified: "true"
tags: square,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)\b(sq0atp-[a-z0-9_-]{22})\b'


@ -0,0 +1,22 @@
id: square-oauth-secret
info:
name: Square OAuth Secret
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/square.yml
metadata:
verified: "true"
tags: square,token,exposure,oauth
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)\b(sq0csp-[a-z0-9_-]{43})\b'


@ -0,0 +1,22 @@
id: stackhawk-api-key
info:
name: StackHawk API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/stackhawk.yml
metadata:
verified: "true"
tags: stackhawk,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(hawk\.[0-9A-Za-z_-]{20}\.[0-9A-Za-z_-]{20})\b'


@ -0,0 +1,24 @@
id: telegram-bot-token
info:
name: Telegram Bot Token
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/telegram.yml
- https://core.telegram.org/bots/api
- https://core.telegram.org/bots/features#botfather
metadata:
verified: "true"
tags: telegram,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '\b(\d+:AA[a-zA-Z0-9_-]{32,33})'


@ -0,0 +1,22 @@
id: twilio-api-key
info:
name: Twilio API Key
author: DhiyaneshDK
severity: info
reference:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/twilio.yml
metadata:
verified: "true"
tags: twilio,token,exposure
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(?i)twilio.{0,20}\b(sk[a-f0-9]{32})\b'