24 lines
813 B
YAML
24 lines
813 B
YAML
id: npm-accesstoken
|
|
|
|
info:
|
|
name: NPM Access Token (fine-grained)
|
|
author: DhiyaneshDK
|
|
severity: info
|
|
reference:
|
|
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/npm.yml
|
|
- https://docs.npmjs.com/about-access-tokens
|
|
- https://github.com/github/roadmap/issues/557
|
|
- https://github.blog/changelog/2022-12-06-limit-scope-of-npm-tokens-with-the-new-granular-access-tokens/
|
|
metadata:
|
|
verified: true
|
|
tags: keys,file,npm,token
|
|
file:
|
|
- extensions:
|
|
- all
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "\b(npm_[A-Za-z0-9]{36})\b"
|
|
# digest: 490a00463044022039866b0873f183f09afcd27823a4cc86515fb680c821d4ed80919cfa1ff69ac502202599aa40303d5467e19c13645105ca6c34c17796b73d6fabba5631c2476b3a73:922c64590222798bb761d5b6d8e72950 |