id: gitter-token

info:
  name: Gitter Access Token
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go
  metadata:
    verified: true
    max-request: 1
  tags: exposure,gitter,file,keys

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4b0a004830460221009654c1b5e92f02c10f8acbb1e0563124345f01e16a5969f570798ec39c09c95f022100eb83c3b295400943515ce68ca37e09def65f8b0a8f70e7ba8e4ca4ad3f024f6a:922c64590222798bb761d5b6d8e72950