From c01defe4f2e8d3397b85aec23fc4c6e321f79f87 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Thu, 18 May 2023 23:49:19 +0530
Subject: [PATCH] Create azure-connection-string.yaml

---
 file/keys/azure/azure-connection-string.yaml | 23 ++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 file/keys/azure/azure-connection-string.yaml

diff --git a/file/keys/azure/azure-connection-string.yaml b/file/keys/azure/azure-connection-string.yaml
new file mode 100644
index 0000000000..83e4709b2d
--- /dev/null
+++ b/file/keys/azure/azure-connection-string.yaml
@@ -0,0 +1,23 @@
+id: azure-connection-string
+
+info:
+  name: Azure Connection String
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/azure.yml
+    - https://azure.microsoft.com/en-us/blog/windows-azure-web-sites-how-application-strings-and-connection-strings-work/
+    - https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string
+  metadata:
+    verified: "true"
+  tags: azure,file,token
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)(?:AccountName|SharedAccessKeyName|SharedSecretIssuer)\s*=\s*([^;]{1,80})\s*;\s*.{0,10}\s*(?:AccountKey|SharedAccessKey|SharedSecretValue)\s*=\s*([^;]{1,100})(?:;|$)