id: easypost-token

info:
  name: Easypost API Token
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go
  metadata:
    verified: true
    max-request: 1
  tags: easypost,exposure,tokens

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - EZAK(?i)[a-z0-9]{54}

# digest: 490a0046304402207b3ca806144f1274916a2da0c470ca51f372f23a2b3ff21e7fb32ae40c78749c0220381129702526001d140a2de8ef6bc03ea108e7f49809c596f06959861ca76263:922c64590222798bb761d5b6d8e72950