From b0ba3e4a5d01e6aee8680f0d386bf737e064daf4 Mon Sep 17 00:00:00 2001
From: m ayadi
Date: Wed, 13 Mar 2024 22:03:38 +0000
Subject: [PATCH 1/2] Update js-analyse.yaml New extractors
---
 file/js/js-analyse.yaml | 48 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)
diff --git a/file/js/js-analyse.yaml b/file/js/js-analyse.yaml
index 4730f4e553..8778d2399c 100644
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@@ -35,4 +35,50 @@ file:
 name: AMAZON-ACCES-KEY
 regex:
 - "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
-# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
+ - type: regex
+ name: AMAZON-S3-URL
+ regex:
+ - "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)"
+ - "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)"
+ - "(?i)[a-z0-9\\.-]+\\.s3-website[\\.-](eu|ap|us|ca|sa|cn)"
+ - "(?i)(s3://[a-z0-9_\\-\\./]+)"
+ - "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
+ - "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)"
+ - "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
+ - type: regex
+ name: Github-Personal-Access-Token
+ regex:
+ - "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})"
+ - type: regex
+ name: Github-OAuth-Access-Token
+ regex:
+ - "(?i)(gho_[a-zA-Z0-9]{36})"
+ - type: regex
+ name: Github-App-Token
+ regex:
+ - "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b"
+ - type: regex
+ name: Authorization-Basic
+ regex:
+ - "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})"
+ - type: regex
+ name: Authorization-Bearer
+ regex:
+ - "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})"
+ - type: regex
+ name: RSA-Private-Key
+ regex:
+ - "(?i)(-----BEGIN RSA PRIVATE KEY-----)"
+ - type: regex
+ name: SSH-DSA-Private-Key
+ regex:
+ - "(?i)(-----BEGIN DSA PRIVATE KEY-----)"
+ - type: regex
+ name: SSH-EC-Private-Key
+ regex:
+ - "(?i)(-----BEGIN EC PRIVATE KEY-----)"
+ - type: regex
+ name: Potential-Ajax-Request
+ regex:
+ - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)"
+# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950
From 56d82473dc7f8dc11ec21621aaf8d07cd7846acb Mon Sep 17 00:00:00 2001
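Review bot: The Github-App-Token pattern is written `"\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b"` with single backslashes, and inside a YAML double-quoted scalar `\b` is the backspace escape rather than a regex word boundary, so this extractor only matches a token wrapped in literal 0x08 bytes and real `ghu_`/`ghs_` tokens are silently missed. Every other pattern in the hunk doubles the backslash, so the line should read `- "\\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\\b"`; PATCH 2/2 carries the same line forward as unchanged context. The last AMAZON-S3-URL pattern has `s3-[a-z0-9-\\.]` with no quantifier, unlike the `s3-[a-z0-9-\\.]+` form in the second pattern of the same list, so it matches only a one-character region and looks like a dropped `+`. The `github_pat_[a-z0-9]{82}` alternative excludes `_`, which fine-grained tokens appear to contain after the prefix, so `github_pat_[a-z0-9_]{82}` is probably what was intended. The `# digest:` line is re-added byte-for-byte although the template body changed, so the signature presumably needs regenerating before the template verifies.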
From: Dhiyaneshwaran
Date: Fri, 15 Mar 2024 09:57:19 +0530
Subject: [PATCH 2/2] fir formatting
---
 file/js/js-analyse.yaml | 34 +++++++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 11 deletions(-)
diff --git a/file/js/js-analyse.yaml b/file/js/js-analyse.yaml
index 8778d2399c..7a26564911 100644
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@@ -31,12 +31,14 @@ file:
 name: extracted-uri
 regex:
 - "(?i)([a-z]{2,10}):(//|/)[a-z0-9\\./?&-_=:]+"
+
 - type: regex
- name: AMAZON-ACCES-KEY
+ name: amazon-access-key
 regex:
 - "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
+
 - type: regex
- name: AMAZON-S3-URL
+ name: amazon-s3-url
 regex:
 - "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)"
 - "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)"
@@ -45,40 +47,50 @@ file:
 - "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
 - "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)"
 - "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
+
 - type: regex
- name: Github-Personal-Access-Token
+ name: github-personal-access-token
 regex:
 - "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})"
+
 - type: regex
- name: Github-OAuth-Access-Token
+ name: github-oauth-access-token
 regex:
 - "(?i)(gho_[a-zA-Z0-9]{36})"
+
 - type: regex
- name: Github-App-Token
+ name: github-app-token
 regex:
 - "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b"
+
 - type: regex
- name: Authorization-Basic
+ name: authorization-basic
 regex:
 - "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})"
+
 - type: regex
- name: Authorization-Bearer
+ name: authorization-bearer
 regex:
 - "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})"
+
 - type: regex
- name: RSA-Private-Key
+ name: rsa-private-key
 regex:
 - "(?i)(-----BEGIN RSA PRIVATE KEY-----)"
+
 - type: regex
- name: SSH-DSA-Private-Key
+ name: ssh-dsa-private-key
 regex:
 - "(?i)(-----BEGIN DSA PRIVATE KEY-----)"
+
 - type: regex
- name: SSH-EC-Private-Key
+ name: ssh-ec-private-key
 regex:
 - "(?i)(-----BEGIN EC PRIVATE KEY-----)"
+
 - type: regex
- name: Potential-Ajax-Request
+ name: potential-ajax-request
 regex:
 - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)"
+
 # digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950