27 lines
890 B
YAML
27 lines
890 B
YAML
id: asana-client-id
|
|
|
|
info:
|
|
name: Asana Client ID
|
|
author: DhiyaneshDK
|
|
severity: info
|
|
reference:
|
|
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.go
|
|
- https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.yaml
|
|
metadata:
|
|
verified: true
|
|
max-request: 1
|
|
tags: asana,exposure,tokens,secret
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}"
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
|
|
|
|
# digest: 4a0a00473045022100dd6656580cd64c299067f88407cb9d3a5cbcd349a77f2a42e242072bf0d6f3fd02202ed9fca481e23a35328e49d5208d43d2a8b5f8f177bdb2c95fd1869e6b931e22:922c64590222798bb761d5b6d8e72950
|