Merge pull request #9339 from ayadim/patch-2

Update js-analyse.yaml
patch-1
pussycat0x 2024-03-19 09:06:51 +05:30 committed by GitHub
commit edd4d5f721
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 60 additions and 2 deletions

View File

@ -31,8 +31,66 @@ file:
name: extracted-uri
regex:
- "(?i)([a-z]{2,10}):(//|/)[a-z0-9\\./?&-_=:]+"
- type: regex
name: AMAZON-ACCES-KEY
name: amazon-access-key
regex:
- "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
- type: regex
name: amazon-s3-url
regex:
- "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)"
- "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)"
- "(?i)[a-z0-9\\.-]+\\.s3-website[\\.-](eu|ap|us|ca|sa|cn)"
- "(?i)(s3://[a-z0-9_\\-\\./]+)"
- "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
- "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)"
- "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
- type: regex
name: github-personal-access-token
regex:
- "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})"
- type: regex
name: github-oauth-access-token
regex:
- "(?i)(gho_[a-zA-Z0-9]{36})"
- type: regex
name: github-app-token
regex:
- "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b"
- type: regex
name: authorization-basic
regex:
- "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})"
- type: regex
name: authorization-bearer
regex:
- "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})"
- type: regex
name: rsa-private-key
regex:
- "(?i)(-----BEGIN RSA PRIVATE KEY-----)"
- type: regex
name: ssh-dsa-private-key
regex:
- "(?i)(-----BEGIN DSA PRIVATE KEY-----)"
- type: regex
name: ssh-ec-private-key
regex:
- "(?i)(-----BEGIN EC PRIVATE KEY-----)"
- type: regex
name: potential-ajax-request
regex:
- "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)"
# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950