agent-security-scanner-mcp 3.0.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (233) hide show
  1. package/README.md +398 -754
  2. package/analyzer.py +51 -7
  3. package/index.js +173 -431
  4. package/package.json +3 -6
  5. package/regex_fallback.py +66 -0
  6. package/rules/__init__.py +124 -36
  7. package/rules/generic/secrets/gitleaks/adafruit-api-key.yaml +27 -0
  8. package/rules/generic/secrets/gitleaks/adobe-client-id.yaml +27 -0
  9. package/rules/generic/secrets/gitleaks/adobe-client-secret.yaml +27 -0
  10. package/rules/generic/secrets/gitleaks/age-secret-key.yaml +27 -0
  11. package/rules/generic/secrets/gitleaks/airtable-api-key.yaml +27 -0
  12. package/rules/generic/secrets/gitleaks/algolia-api-key.yaml +27 -0
  13. package/rules/generic/secrets/gitleaks/alibaba-access-key-id.yaml +27 -0
  14. package/rules/generic/secrets/gitleaks/alibaba-secret-key.yaml +27 -0
  15. package/rules/generic/secrets/gitleaks/asana-client-id.yaml +27 -0
  16. package/rules/generic/secrets/gitleaks/asana-client-secret.yaml +27 -0
  17. package/rules/generic/secrets/gitleaks/atlassian-api-token.yaml +27 -0
  18. package/rules/generic/secrets/gitleaks/authress-service-client-access-key.yaml +27 -0
  19. package/rules/generic/secrets/gitleaks/aws-access-token.yaml +27 -0
  20. package/rules/generic/secrets/gitleaks/beamer-api-token.yaml +27 -0
  21. package/rules/generic/secrets/gitleaks/bitbucket-client-id.yaml +27 -0
  22. package/rules/generic/secrets/gitleaks/bitbucket-client-secret.yaml +27 -0
  23. package/rules/generic/secrets/gitleaks/bittrex-access-key.yaml +27 -0
  24. package/rules/generic/secrets/gitleaks/bittrex-secret-key.yaml +27 -0
  25. package/rules/generic/secrets/gitleaks/clojars-api-token.yaml +27 -0
  26. package/rules/generic/secrets/gitleaks/cloudflare-api-key.yaml +27 -0
  27. package/rules/generic/secrets/gitleaks/cloudflare-global-api-key.yaml +27 -0
  28. package/rules/generic/secrets/gitleaks/cloudflare-origin-ca-key.yaml +27 -0
  29. package/rules/generic/secrets/gitleaks/codecov-access-token.yaml +27 -0
  30. package/rules/generic/secrets/gitleaks/coinbase-access-token.yaml +27 -0
  31. package/rules/generic/secrets/gitleaks/confluent-access-token.yaml +27 -0
  32. package/rules/generic/secrets/gitleaks/confluent-secret-key.yaml +27 -0
  33. package/rules/generic/secrets/gitleaks/contentful-delivery-api-token.yaml +27 -0
  34. package/rules/generic/secrets/gitleaks/databricks-api-token.yaml +27 -0
  35. package/rules/generic/secrets/gitleaks/datadog-access-token.yaml +27 -0
  36. package/rules/generic/secrets/gitleaks/defined-networking-api-token.yaml +27 -0
  37. package/rules/generic/secrets/gitleaks/digitalocean-access-token.yaml +27 -0
  38. package/rules/generic/secrets/gitleaks/digitalocean-pat.yaml +27 -0
  39. package/rules/generic/secrets/gitleaks/digitalocean-refresh-token.yaml +27 -0
  40. package/rules/generic/secrets/gitleaks/discord-api-token.yaml +27 -0
  41. package/rules/generic/secrets/gitleaks/discord-client-id.yaml +27 -0
  42. package/rules/generic/secrets/gitleaks/discord-client-secret.yaml +27 -0
  43. package/rules/generic/secrets/gitleaks/doppler-api-token.yaml +27 -0
  44. package/rules/generic/secrets/gitleaks/droneci-access-token.yaml +27 -0
  45. package/rules/generic/secrets/gitleaks/dropbox-api-token.yaml +27 -0
  46. package/rules/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml +27 -0
  47. package/rules/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml +27 -0
  48. package/rules/generic/secrets/gitleaks/duffel-api-token.yaml +27 -0
  49. package/rules/generic/secrets/gitleaks/dynatrace-api-token.yaml +27 -0
  50. package/rules/generic/secrets/gitleaks/easypost-api-token.yaml +27 -0
  51. package/rules/generic/secrets/gitleaks/easypost-test-api-token.yaml +27 -0
  52. package/rules/generic/secrets/gitleaks/etsy-access-token.yaml +27 -0
  53. package/rules/generic/secrets/gitleaks/facebook-access-token.yaml +27 -0
  54. package/rules/generic/secrets/gitleaks/facebook-page-access-token.yaml +27 -0
  55. package/rules/generic/secrets/gitleaks/facebook-secret.yaml +27 -0
  56. package/rules/generic/secrets/gitleaks/facebook.yaml +27 -0
  57. package/rules/generic/secrets/gitleaks/fastly-api-token.yaml +27 -0
  58. package/rules/generic/secrets/gitleaks/finicity-api-token.yaml +27 -0
  59. package/rules/generic/secrets/gitleaks/finicity-client-secret.yaml +27 -0
  60. package/rules/generic/secrets/gitleaks/finnhub-access-token.yaml +27 -0
  61. package/rules/generic/secrets/gitleaks/flickr-access-token.yaml +27 -0
  62. package/rules/generic/secrets/gitleaks/flutterwave-encryption-key.yaml +27 -0
  63. package/rules/generic/secrets/gitleaks/flutterwave-public-key.yaml +27 -0
  64. package/rules/generic/secrets/gitleaks/flutterwave-secret-key.yaml +27 -0
  65. package/rules/generic/secrets/gitleaks/frameio-api-token.yaml +27 -0
  66. package/rules/generic/secrets/gitleaks/freshbooks-access-token.yaml +27 -0
  67. package/rules/generic/secrets/gitleaks/gcp-api-key.yaml +27 -0
  68. package/rules/generic/secrets/gitleaks/generic-api-key.yaml +76 -0
  69. package/rules/generic/secrets/gitleaks/github-app-token.yaml +27 -0
  70. package/rules/generic/secrets/gitleaks/github-fine-grained-pat.yaml +27 -0
  71. package/rules/generic/secrets/gitleaks/github-oauth.yaml +27 -0
  72. package/rules/generic/secrets/gitleaks/github-pat.yaml +27 -0
  73. package/rules/generic/secrets/gitleaks/github-refresh-token.yaml +27 -0
  74. package/rules/generic/secrets/gitleaks/gitlab-pat.yaml +27 -0
  75. package/rules/generic/secrets/gitleaks/gitlab-ptt.yaml +27 -0
  76. package/rules/generic/secrets/gitleaks/gitlab-rrt.yaml +27 -0
  77. package/rules/generic/secrets/gitleaks/gitter-access-token.yaml +27 -0
  78. package/rules/generic/secrets/gitleaks/gocardless-api-token.yaml +27 -0
  79. package/rules/generic/secrets/gitleaks/grafana-api-key.yaml +27 -0
  80. package/rules/generic/secrets/gitleaks/grafana-cloud-api-token.yaml +27 -0
  81. package/rules/generic/secrets/gitleaks/grafana-service-account-token.yaml +27 -0
  82. package/rules/generic/secrets/gitleaks/harness-api-key.yaml +27 -0
  83. package/rules/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml +27 -0
  84. package/rules/generic/secrets/gitleaks/hashicorp-tf-password.yaml +31 -0
  85. package/rules/generic/secrets/gitleaks/heroku-api-key.yaml +27 -0
  86. package/rules/generic/secrets/gitleaks/hubspot-api-key.yaml +27 -0
  87. package/rules/generic/secrets/gitleaks/huggingface-access-token.yaml +27 -0
  88. package/rules/generic/secrets/gitleaks/huggingface-organization-api-token.yaml +27 -0
  89. package/rules/generic/secrets/gitleaks/infracost-api-token.yaml +27 -0
  90. package/rules/generic/secrets/gitleaks/intercom-api-key.yaml +27 -0
  91. package/rules/generic/secrets/gitleaks/intra42-client-secret.yaml +27 -0
  92. package/rules/generic/secrets/gitleaks/jfrog-api-key.yaml +27 -0
  93. package/rules/generic/secrets/gitleaks/jfrog-identity-token.yaml +27 -0
  94. package/rules/generic/secrets/gitleaks/jwt-base64.yaml +27 -0
  95. package/rules/generic/secrets/gitleaks/jwt.yaml +27 -0
  96. package/rules/generic/secrets/gitleaks/kraken-access-token.yaml +27 -0
  97. package/rules/generic/secrets/gitleaks/kucoin-access-token.yaml +27 -0
  98. package/rules/generic/secrets/gitleaks/kucoin-secret-key.yaml +27 -0
  99. package/rules/generic/secrets/gitleaks/launchdarkly-access-token.yaml +27 -0
  100. package/rules/generic/secrets/gitleaks/linear-api-key.yaml +27 -0
  101. package/rules/generic/secrets/gitleaks/linear-client-secret.yaml +27 -0
  102. package/rules/generic/secrets/gitleaks/linkedin-client-id.yaml +27 -0
  103. package/rules/generic/secrets/gitleaks/linkedin-client-secret.yaml +27 -0
  104. package/rules/generic/secrets/gitleaks/lob-api-key.yaml +27 -0
  105. package/rules/generic/secrets/gitleaks/lob-pub-api-key.yaml +27 -0
  106. package/rules/generic/secrets/gitleaks/mailchimp-api-key.yaml +27 -0
  107. package/rules/generic/secrets/gitleaks/mailgun-private-api-token.yaml +27 -0
  108. package/rules/generic/secrets/gitleaks/mailgun-pub-key.yaml +27 -0
  109. package/rules/generic/secrets/gitleaks/mailgun-signing-key.yaml +27 -0
  110. package/rules/generic/secrets/gitleaks/mapbox-api-token.yaml +27 -0
  111. package/rules/generic/secrets/gitleaks/mattermost-access-token.yaml +27 -0
  112. package/rules/generic/secrets/gitleaks/messagebird-api-token.yaml +27 -0
  113. package/rules/generic/secrets/gitleaks/messagebird-client-id.yaml +27 -0
  114. package/rules/generic/secrets/gitleaks/microsoft-teams-webhook.yaml +27 -0
  115. package/rules/generic/secrets/gitleaks/netlify-access-token.yaml +27 -0
  116. package/rules/generic/secrets/gitleaks/new-relic-browser-api-token.yaml +27 -0
  117. package/rules/generic/secrets/gitleaks/new-relic-insert-key.yaml +27 -0
  118. package/rules/generic/secrets/gitleaks/new-relic-user-api-id.yaml +27 -0
  119. package/rules/generic/secrets/gitleaks/new-relic-user-api-key.yaml +27 -0
  120. package/rules/generic/secrets/gitleaks/npm-access-token.yaml +27 -0
  121. package/rules/generic/secrets/gitleaks/nytimes-access-token.yaml +27 -0
  122. package/rules/generic/secrets/gitleaks/okta-access-token.yaml +27 -0
  123. package/rules/generic/secrets/gitleaks/openai-api-key.yaml +27 -0
  124. package/rules/generic/secrets/gitleaks/plaid-api-token.yaml +27 -0
  125. package/rules/generic/secrets/gitleaks/plaid-client-id.yaml +27 -0
  126. package/rules/generic/secrets/gitleaks/plaid-secret-key.yaml +27 -0
  127. package/rules/generic/secrets/gitleaks/planetscale-api-token.yaml +27 -0
  128. package/rules/generic/secrets/gitleaks/planetscale-oauth-token.yaml +27 -0
  129. package/rules/generic/secrets/gitleaks/planetscale-password.yaml +27 -0
  130. package/rules/generic/secrets/gitleaks/postman-api-token.yaml +27 -0
  131. package/rules/generic/secrets/gitleaks/prefect-api-token.yaml +27 -0
  132. package/rules/generic/secrets/gitleaks/private-key.yaml +27 -0
  133. package/rules/generic/secrets/gitleaks/pulumi-api-token.yaml +27 -0
  134. package/rules/generic/secrets/gitleaks/pypi-upload-token.yaml +27 -0
  135. package/rules/generic/secrets/gitleaks/rapidapi-access-token.yaml +27 -0
  136. package/rules/generic/secrets/gitleaks/readme-api-token.yaml +27 -0
  137. package/rules/generic/secrets/gitleaks/rubygems-api-token.yaml +27 -0
  138. package/rules/generic/secrets/gitleaks/scalingo-api-token.yaml +27 -0
  139. package/rules/generic/secrets/gitleaks/sendbird-access-id.yaml +27 -0
  140. package/rules/generic/secrets/gitleaks/sendbird-access-token.yaml +27 -0
  141. package/rules/generic/secrets/gitleaks/sendgrid-api-token.yaml +27 -0
  142. package/rules/generic/secrets/gitleaks/sendinblue-api-token.yaml +27 -0
  143. package/rules/generic/secrets/gitleaks/sentry-access-token.yaml +27 -0
  144. package/rules/generic/secrets/gitleaks/shippo-api-token.yaml +27 -0
  145. package/rules/generic/secrets/gitleaks/shopify-access-token.yaml +27 -0
  146. package/rules/generic/secrets/gitleaks/shopify-custom-access-token.yaml +27 -0
  147. package/rules/generic/secrets/gitleaks/shopify-private-app-access-token.yaml +27 -0
  148. package/rules/generic/secrets/gitleaks/shopify-shared-secret.yaml +27 -0
  149. package/rules/generic/secrets/gitleaks/sidekiq-secret.yaml +27 -0
  150. package/rules/generic/secrets/gitleaks/sidekiq-sensitive-url.yaml +27 -0
  151. package/rules/generic/secrets/gitleaks/slack-app-token.yaml +27 -0
  152. package/rules/generic/secrets/gitleaks/slack-bot-token.yaml +27 -0
  153. package/rules/generic/secrets/gitleaks/slack-config-access-token.yaml +27 -0
  154. package/rules/generic/secrets/gitleaks/slack-config-refresh-token.yaml +27 -0
  155. package/rules/generic/secrets/gitleaks/slack-legacy-bot-token.yaml +27 -0
  156. package/rules/generic/secrets/gitleaks/slack-legacy-token.yaml +27 -0
  157. package/rules/generic/secrets/gitleaks/slack-legacy-workspace-token.yaml +27 -0
  158. package/rules/generic/secrets/gitleaks/slack-user-token.yaml +27 -0
  159. package/rules/generic/secrets/gitleaks/slack-webhook-url.yaml +27 -0
  160. package/rules/generic/secrets/gitleaks/snyk-api-token.yaml +27 -0
  161. package/rules/generic/secrets/gitleaks/square-access-token.yaml +27 -0
  162. package/rules/generic/secrets/gitleaks/squarespace-access-token.yaml +27 -0
  163. package/rules/generic/secrets/gitleaks/stripe-access-token.yaml +27 -0
  164. package/rules/generic/secrets/gitleaks/sumologic-access-id.yaml +27 -0
  165. package/rules/generic/secrets/gitleaks/sumologic-access-token.yaml +27 -0
  166. package/rules/generic/secrets/gitleaks/telegram-bot-api-token.yaml +27 -0
  167. package/rules/generic/secrets/gitleaks/travisci-access-token.yaml +27 -0
  168. package/rules/generic/secrets/gitleaks/twilio-api-key.yaml +27 -0
  169. package/rules/generic/secrets/gitleaks/twitch-api-token.yaml +27 -0
  170. package/rules/generic/secrets/gitleaks/twitter-access-secret.yaml +27 -0
  171. package/rules/generic/secrets/gitleaks/twitter-access-token.yaml +27 -0
  172. package/rules/generic/secrets/gitleaks/twitter-api-key.yaml +27 -0
  173. package/rules/generic/secrets/gitleaks/twitter-api-secret.yaml +27 -0
  174. package/rules/generic/secrets/gitleaks/twitter-bearer-token.yaml +27 -0
  175. package/rules/generic/secrets/gitleaks/typeform-api-token.yaml +27 -0
  176. package/rules/generic/secrets/gitleaks/vault-batch-token.yaml +27 -0
  177. package/rules/generic/secrets/gitleaks/vault-service-token.yaml +27 -0
  178. package/rules/generic/secrets/gitleaks/yandex-access-token.yaml +27 -0
  179. package/rules/generic/secrets/gitleaks/yandex-api-key.yaml +27 -0
  180. package/rules/generic/secrets/gitleaks/yandex-aws-access-token.yaml +27 -0
  181. package/rules/generic/secrets/gitleaks/zendesk-secret-key.yaml +27 -0
  182. package/rules/generic/secrets/security/detected-amazon-mws-auth-token.yaml +26 -0
  183. package/rules/generic/secrets/security/detected-artifactory-password.yaml +47 -0
  184. package/rules/generic/secrets/security/detected-artifactory-token.yaml +44 -0
  185. package/rules/generic/secrets/security/detected-aws-access-key-id-value.yaml +29 -0
  186. package/rules/generic/secrets/security/detected-aws-account-id.yaml +58 -0
  187. package/rules/generic/secrets/security/detected-aws-appsync-graphql-key.yaml +27 -0
  188. package/rules/generic/secrets/security/detected-aws-secret-access-key.yaml +30 -0
  189. package/rules/generic/secrets/security/detected-aws-session-token.yaml +31 -0
  190. package/rules/generic/secrets/security/detected-bcrypt-hash.yaml +25 -0
  191. package/rules/generic/secrets/security/detected-codeclimate.yaml +27 -0
  192. package/rules/generic/secrets/security/detected-etc-shadow.yaml +27 -0
  193. package/rules/generic/secrets/security/detected-facebook-access-token.yaml +29 -0
  194. package/rules/generic/secrets/security/detected-facebook-oauth.yaml +27 -0
  195. package/rules/generic/secrets/security/detected-generic-api-key.yaml +29 -0
  196. package/rules/generic/secrets/security/detected-generic-secret.yaml +30 -0
  197. package/rules/generic/secrets/security/detected-github-token.yaml +47 -0
  198. package/rules/generic/secrets/security/detected-google-api-key.yaml +29 -0
  199. package/rules/generic/secrets/security/detected-google-cloud-api-key.yaml +27 -0
  200. package/rules/generic/secrets/security/detected-google-gcm-service-account.yaml +27 -0
  201. package/rules/generic/secrets/security/detected-google-oauth-access-token.yaml +26 -0
  202. package/rules/generic/secrets/security/detected-google-oauth.yaml +26 -0
  203. package/rules/generic/secrets/security/detected-heroku-api-key.yaml +27 -0
  204. package/rules/generic/secrets/security/detected-hockeyapp.yaml +27 -0
  205. package/rules/generic/secrets/security/detected-jwt-token.yaml +25 -0
  206. package/rules/generic/secrets/security/detected-kolide-api-key.yaml +25 -0
  207. package/rules/generic/secrets/security/detected-mailchimp-api-key.yaml +26 -0
  208. package/rules/generic/secrets/security/detected-mailgun-api-key.yaml +26 -0
  209. package/rules/generic/secrets/security/detected-npm-registry-auth-token.yaml +33 -0
  210. package/rules/generic/secrets/security/detected-onfido-live-api-token.yaml +20 -0
  211. package/rules/generic/secrets/security/detected-outlook-team.yaml +27 -0
  212. package/rules/generic/secrets/security/detected-paypal-braintree-access-token.yaml +27 -0
  213. package/rules/generic/secrets/security/detected-pgp-private-key-block.yaml +28 -0
  214. package/rules/generic/secrets/security/detected-picatic-api-key.yaml +26 -0
  215. package/rules/generic/secrets/security/detected-private-key.yaml +39 -0
  216. package/rules/generic/secrets/security/detected-sauce-token.yaml +27 -0
  217. package/rules/generic/secrets/security/detected-sendgrid-api-key.yaml +27 -0
  218. package/rules/generic/secrets/security/detected-slack-token.yaml +28 -0
  219. package/rules/generic/secrets/security/detected-slack-webhook.yaml +27 -0
  220. package/rules/generic/secrets/security/detected-snyk-api-key.yaml +26 -0
  221. package/rules/generic/secrets/security/detected-softlayer-api-key.yaml +27 -0
  222. package/rules/generic/secrets/security/detected-sonarqube-docs-api-key.yaml +40 -0
  223. package/rules/generic/secrets/security/detected-square-access-token.yaml +26 -0
  224. package/rules/generic/secrets/security/detected-square-oauth-secret.yaml +27 -0
  225. package/rules/generic/secrets/security/detected-ssh-password.yaml +27 -0
  226. package/rules/generic/secrets/security/detected-stripe-api-key.yaml +26 -0
  227. package/rules/generic/secrets/security/detected-stripe-restricted-api-key.yaml +26 -0
  228. package/rules/generic/secrets/security/detected-telegram-bot-api-key.yaml +30 -0
  229. package/rules/generic/secrets/security/detected-twilio-api-key.yaml +26 -0
  230. package/rules/generic/secrets/security/detected-username-and-password-in-uri.yaml +35 -0
  231. package/rules/generic/secrets/security/google-maps-apikeyleak.yaml +25 -0
  232. package/rules/prompt-injection.security.yaml +4 -0
  233. package/rules/python/flask/security/injection/flask-injection-sinks.yaml +352 -0
package/rules/generic/secrets/gitleaks/discord-client-id.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: discord-client-id
3
+ message: A gitleaks discord-client-id was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/discord-client-secret.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: discord-client-secret
3
+ message: A gitleaks discord-client-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/doppler-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: doppler-api-token
3
+ message: A gitleaks doppler-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (dp\.pt\.)(?i)[a-z0-9]{43}
package/rules/generic/secrets/gitleaks/droneci-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: droneci-access-token
3
+ message: A gitleaks droneci-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/dropbox-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: dropbox-api-token
3
+ message: A gitleaks dropbox-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/dropbox-long-lived-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: dropbox-long-lived-api-token
3
+ message: A gitleaks dropbox-long-lived-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/dropbox-short-lived-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: dropbox-short-lived-api-token
3
+ message: A gitleaks dropbox-short-lived-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/duffel-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: duffel-api-token
3
+ message: A gitleaks duffel-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: duffel_(test|live)_(?i)[a-z0-9_\-=]{43}
package/rules/generic/secrets/gitleaks/dynatrace-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: dynatrace-api-token
3
+ message: A gitleaks dynatrace-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64}
package/rules/generic/secrets/gitleaks/easypost-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: easypost-api-token
3
+ message: A gitleaks easypost-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: \bEZAK(?i)[a-z0-9]{54}
package/rules/generic/secrets/gitleaks/easypost-test-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: easypost-test-api-token
3
+ message: A gitleaks easypost-test-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: \bEZTK(?i)[a-z0-9]{54}
package/rules/generic/secrets/gitleaks/etsy-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: etsy-access-token
3
+ message: A gitleaks etsy-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/facebook-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: facebook-access-token
3
+ message: A gitleaks facebook-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)\b(\d{15,16}(\||%)[0-9a-z\-_]{27,40})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/facebook-page-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: facebook-page-access-token
3
+ message: A gitleaks facebook-page-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)\b(EAA[MC][a-z0-9]{20,})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/facebook-secret.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: facebook-secret
3
+ message: A gitleaks facebook-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/facebook.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: facebook
3
+ message: A gitleaks facebook was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/fastly-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: fastly-api-token
3
+ message: A gitleaks fastly-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/finicity-api-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: finicity-api-token
3
+ message: A gitleaks finicity-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/finicity-client-secret.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: finicity-client-secret
3
+ message: A gitleaks finicity-client-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:finicity)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/finnhub-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: finnhub-access-token
3
+ message: A gitleaks finnhub-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/flickr-access-token.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: flickr-access-token
3
+ message: A gitleaks flickr-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
package/rules/generic/secrets/gitleaks/flutterwave-encryption-key.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: flutterwave-encryption-key
3
+ message: A gitleaks flutterwave-encryption-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: FLWSECK_TEST-(?i)[a-h0-9]{12}
package/rules/generic/secrets/gitleaks/flutterwave-public-key.yaml ADDED
@@ -0,0 +1,27 @@
1
+ rules:
2
+ - id: flutterwave-public-key
3
+ message: A gitleaks flutterwave-public-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module).
4
+ languages:
5
+ - regex
6
+ severity: INFO
7
+ metadata:
8
+ likelihood: LOW
9
+ impact: MEDIUM
10
+ confidence: LOW
11
+ category: security
12
+ cwe:
13
+ - "CWE-798: Use of Hard-coded Credentials"
14
+ cwe2021-top25: true
15
+ cwe2022-top25: true
16
+ owasp:
17
+ - A07:2021 - Identification and Authentication Failures
18
+ - A07:2025 - Authentication Failures
19
+ references:
20
+ - https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html
21
+ source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules
22
+ subcategory:
23
+ - vuln
24
+ technology:
25
+ - gitleaks
26
+ patterns:
27
+ - pattern-regex: FLWPUBK_TEST-(?i)[a-h0-9]{32}-X