nuclei-templates/http/exposures/tokens/figma/figma-personal-token.yaml

id: figma-personal-token

info:
  name: Figma Personal Access Token
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/figma.yml
    - https://www.figma.com/developers/api
  metadata:
    max-request: 1
    verified: true
  tags: figma,exposure,token

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - (?i)figma.{0,20}\b([0-9a-f]{4}-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b