geeknik
6ff45ea0a0
Update credentials-disclosure.yaml
...
https://regex101.com/r/L8AgnX/1
2022-12-06 13:24:27 +00:00
Sandeep Singh
712264db7e
Using "host-redirects" instead of "redirects" to avoid scanning 3rd party / out of scope hosts. ( #5491 )
2022-10-08 02:57:25 +05:30
sandeep
0a0d7c6213
severity update for token templates
2022-03-14 18:51:04 +05:30
Geeknik Labs
5645f7e9c6
Update credentials-disclosure.yaml
...
This new regex matches the following patterns:
```
air_table_api_key:"82973659213857235"
airtable_api_key: '28375628173562352'
"airtableapikey":'test'
"air_table_api_key":"test"
```
2022-01-27 12:26:15 -06:00
forgedhallpass
5b3e3dbdf0
refactor: credentials-disclosure.yaml & credential-exposure.yaml
...
* correction
2022-01-21 16:25:39 +02:00
forgedhallpass
02c0417190
refactor: credentials-disclosure.yaml & credential-exposure.yaml
...
* Extended the regex to handle more use-cases
2022-01-21 15:55:19 +02:00
forgedhallpass
0ff3afe771
refactor: credentials-disclosure.yaml
...
* removed the unnecessary capture group
2022-01-18 11:35:45 +02:00
forgedhallpass
a67af376e7
refactor: credentials-disclosure.yaml
...
* changed the [a-z0-9-_] with [\w-] for readability
2022-01-18 11:35:41 +02:00
forgedhallpass
98a2d89ad8
refactor: credentials-disclosure.yaml
...
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
2022-01-18 11:35:34 +02:00
forgedhallpass
66435721f9
refactor: credentials-disclosure.yaml
...
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
2022-01-18 11:35:29 +02:00
sandeep
fa7c2d3553
misc updates
2022-01-12 19:10:31 +05:30
Emad Youssef
c5262cb836
Update credentials-disclosure.yaml
2022-01-07 21:36:35 +02:00
Geeknik Labs
95664dfc18
Update credentials-disclosure.yaml
2021-09-16 15:13:12 -05:00
Geeknik Labs
5e3cc340ee
Update credentials-disclosure.yaml
...
I feel like we should make these regex case insensitive so they match unexpected variations. For example, the `api[_-]?key(=| =|:| :)` regex before my change would match `apikey :`, `api_key =` and `api-key:` but not `apiKey=`.
2021-07-29 14:08:41 -05:00
sandeep
34a68cdde3
Moving tokens under exposures with tags support
2021-04-13 19:18:02 +05:30