credsweeper 1.11.6__py3-none-any.whl → 1.12.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.




Files changed (67) hide show
  1. credsweeper/__init__.py +1 -1
  2. credsweeper/common/keyword_pattern.py +13 -15
  3. credsweeper/common/morpheme_checklist.txt +2 -0
  4. credsweeper/config/config.py +2 -2
  5. credsweeper/credentials/line_data.py +20 -0
  6. credsweeper/filters/__init__.py +1 -1
  7. credsweeper/filters/filter.py +3 -1
  8. credsweeper/filters/group/group.py +22 -31
  9. credsweeper/filters/group/password_keyword.py +7 -6
  10. credsweeper/filters/group/token_pattern.py +1 -1
  11. credsweeper/filters/group/url_credentials_group.py +6 -6
  12. credsweeper/filters/group/weird_base36_token.py +1 -1
  13. credsweeper/filters/group/weird_base64_token.py +1 -1
  14. credsweeper/filters/line_git_binary_check.py +2 -1
  15. credsweeper/filters/line_specific_key_check.py +2 -1
  16. credsweeper/filters/line_uue_part_check.py +2 -1
  17. credsweeper/filters/value_allowlist_check.py +2 -1
  18. credsweeper/filters/value_array_dictionary_check.py +5 -3
  19. credsweeper/filters/value_atlassian_token_check.py +2 -1
  20. credsweeper/filters/value_azure_token_check.py +2 -1
  21. credsweeper/filters/value_base32_data_check.py +4 -1
  22. credsweeper/filters/value_base64_data_check.py +2 -1
  23. credsweeper/filters/value_base64_encoded_pem_check.py +2 -1
  24. credsweeper/filters/value_base64_key_check.py +2 -1
  25. credsweeper/filters/value_base64_part_check.py +2 -1
  26. credsweeper/filters/value_basic_auth_check.py +2 -1
  27. credsweeper/filters/value_blocklist_check.py +3 -1
  28. credsweeper/filters/value_camel_case_check.py +2 -1
  29. credsweeper/filters/value_couple_keyword_check.py +3 -1
  30. credsweeper/filters/value_dictionary_keyword_check.py +3 -1
  31. credsweeper/filters/value_discord_bot_check.py +2 -1
  32. credsweeper/filters/value_entropy_base_check.py +2 -1
  33. credsweeper/filters/value_file_path_check.py +3 -1
  34. credsweeper/filters/value_github_check.py +2 -1
  35. credsweeper/filters/value_grafana_check.py +2 -1
  36. credsweeper/filters/value_grafana_service_check.py +2 -1
  37. credsweeper/filters/value_hex_number_check.py +2 -1
  38. credsweeper/filters/value_jfrog_token_check.py +2 -1
  39. credsweeper/filters/value_json_web_key_check.py +2 -1
  40. credsweeper/filters/value_json_web_token_check.py +2 -1
  41. credsweeper/filters/value_last_word_check.py +3 -1
  42. credsweeper/filters/{value_dictionary_value_length_check.py → value_length_check.py} +9 -3
  43. credsweeper/filters/value_method_check.py +2 -1
  44. credsweeper/filters/value_not_allowed_pattern_check.py +2 -1
  45. credsweeper/filters/value_not_part_encoded_check.py +1 -1
  46. credsweeper/filters/value_number_check.py +2 -1
  47. credsweeper/filters/value_pattern_check.py +58 -38
  48. credsweeper/filters/value_similarity_check.py +3 -1
  49. credsweeper/filters/value_split_keyword_check.py +2 -1
  50. credsweeper/filters/value_string_type_check.py +6 -4
  51. credsweeper/filters/value_token_base_check.py +2 -1
  52. credsweeper/filters/value_token_check.py +3 -2
  53. credsweeper/ml_model/features/__init__.py +1 -0
  54. credsweeper/ml_model/features/morpheme_dense.py +14 -7
  55. credsweeper/ml_model/features/rule_severity.py +21 -0
  56. credsweeper/ml_model/features/word_in_path.py +4 -1
  57. credsweeper/ml_model/ml_config.json +130 -24
  58. credsweeper/ml_model/ml_model.onnx +0 -0
  59. credsweeper/rules/config.yaml +50 -23
  60. credsweeper/scanner/scanner.py +4 -3
  61. credsweeper/secret/config.json +2 -2
  62. credsweeper/utils/util.py +2 -0
  63. {credsweeper-1.11.6.dist-info → credsweeper-1.12.0.dist-info}/METADATA +1 -1
  64. {credsweeper-1.11.6.dist-info → credsweeper-1.12.0.dist-info}/RECORD +67 -66
  65. {credsweeper-1.11.6.dist-info → credsweeper-1.12.0.dist-info}/WHEEL +0 -0
  66. {credsweeper-1.11.6.dist-info → credsweeper-1.12.0.dist-info}/entry_points.txt +0 -0
  67. {credsweeper-1.11.6.dist-info → credsweeper-1.12.0.dist-info}/licenses/LICENSE +0 -0
@@ -8,6 +8,10 @@
8
8
  "highest": 0.92996
9
9
  },
10
10
  "features": [
11
+ {
12
+ "type": "RuleSeverity",
13
+ "kwargs": {}
14
+ },
11
15
  {
12
16
  "type": "EntropyEvaluation",
13
17
  "kwargs": {}
@@ -70,6 +74,14 @@
70
74
  "attribute": "value"
71
75
  }
72
76
  },
77
+ {
78
+ "type": "SearchInAttribute",
79
+ "comment": "ASN1 prefix for PEM keys",
80
+ "kwargs": {
81
+ "pattern": "MII",
82
+ "attribute": "value"
83
+ }
84
+ },
73
85
  {
74
86
  "type": "SearchInAttribute",
75
87
  "comment": "camelStyle naming detection",
@@ -122,7 +134,7 @@
122
134
  "type": "SearchInAttribute",
123
135
  "comment": "VariableNotAllowedNameCheck",
124
136
  "kwargs": {
125
- "pattern": "(?i:(id|size|name|type|manager)$)",
137
+ "pattern": "(?i:(id|size|name|type|manager|algorithm|view|error)$)",
126
138
  "attribute": "variable"
127
139
  }
128
140
  },
@@ -139,16 +151,30 @@
139
151
  "kwargs": {
140
152
  "words": [
141
153
  " ",
154
+ ".",
155
+ ",",
156
+ "]",
157
+ "#",
142
158
  "/",
143
- "_at",
159
+ "\\",
144
160
  "_id",
161
+ "_at",
145
162
  "_len",
163
+ "256",
164
+ "512",
146
165
  "access",
166
+ "assert",
147
167
  "cache",
148
168
  "client",
149
169
  "control",
150
- "encrypted",
170
+ "crypt",
171
+ "crypted",
172
+ "decrypt",
173
+ "encrypt",
174
+ "dummy",
175
+ "disable",
151
176
  "example",
177
+ "expect",
152
178
  "expire",
153
179
  "fake",
154
180
  "file",
@@ -173,6 +199,7 @@
173
199
  "pw",
174
200
  "secret",
175
201
  "size",
202
+ "sha",
176
203
  "space",
177
204
  "status",
178
205
  "sword",
@@ -195,6 +222,8 @@
195
222
  "kwargs": {
196
223
  "words": [
197
224
  " ",
225
+ ":",
226
+ "=",
198
227
  "$(",
199
228
  "${",
200
229
  "(",
@@ -207,25 +236,37 @@
207
236
  "[",
208
237
  "_id",
209
238
  "abc",
239
+ "aaaa",
210
240
  "allow",
241
+ "arn:aws:",
211
242
  "bar",
212
243
  "disable",
213
244
  "changeme",
245
+ "crypt",
246
+ "crypted",
247
+ "decrypt",
248
+ "encrypt",
214
249
  "example",
215
250
  "fake",
216
251
  "file",
217
252
  "foo",
253
+ "hash",
254
+ "hex",
255
+ "key",
218
256
  "min",
219
257
  "mock",
220
258
  "my",
221
259
  "nil",
222
260
  "pass",
223
- "passwd",
224
- "password",
225
- "pswd",
226
261
  "public",
227
262
  "pwd",
263
+ "rsa-",
264
+ "salt",
265
+ "secret",
266
+ "sha",
267
+ "ssh",
228
268
  "test",
269
+ "word",
229
270
  "xxx",
230
271
  "xyz"
231
272
  ]
@@ -248,9 +289,12 @@
248
289
  "@",
249
290
  "[",
250
291
  "approval",
292
+ "arn:aws:",
251
293
  "assert",
252
294
  "case",
253
295
  "circle",
296
+ "color",
297
+ "e.g.",
254
298
  "equal",
255
299
  "example",
256
300
  "expect",
@@ -263,7 +307,6 @@
263
307
  "none",
264
308
  "null",
265
309
  "pass",
266
- "password",
267
310
  "path",
268
311
  "pwd",
269
312
  "sqa",
@@ -271,7 +314,8 @@
271
314
  "true",
272
315
  "undefined",
273
316
  "unit",
274
- "width"
317
+ "width",
318
+ "word"
275
319
  ]
276
320
  }
277
321
  },
@@ -284,11 +328,16 @@
284
328
  "&",
285
329
  "(",
286
330
  "->",
331
+ "=>",
287
332
  ".",
333
+ ",",
288
334
  "?",
289
335
  "@",
290
336
  "[",
337
+ "{",
291
338
  "bearer",
339
+ "get",
340
+ "e.g.",
292
341
  "equal",
293
342
  "example",
294
343
  "expect",
@@ -318,9 +367,13 @@
318
367
  "?",
319
368
  "@",
320
369
  "[",
370
+ "}",
371
+ "\\",
321
372
  "assert",
322
373
  "case",
323
374
  "circle",
375
+ "color",
376
+ "e.g.",
324
377
  "equal",
325
378
  "example",
326
379
  "expect",
@@ -333,8 +386,6 @@
333
386
  "none",
334
387
  "null",
335
388
  "pass",
336
- "passwd",
337
- "password",
338
389
  "path",
339
390
  "pwd",
340
391
  "sqa",
@@ -342,7 +393,8 @@
342
393
  "true",
343
394
  "undefined",
344
395
  "unit",
345
- "width"
396
+ "width",
397
+ "word"
346
398
  ]
347
399
  }
348
400
  },
@@ -350,17 +402,62 @@
350
402
  "type": "WordInPath",
351
403
  "kwargs": {
352
404
  "words": [
353
- "/conf",
354
- "/dist-packages/",
355
- "/example",
405
+ "test",
406
+ "mock",
407
+ "/src",
408
+ "code",
409
+ "/include",
410
+ "internal",
411
+ "tool",
412
+ "util",
413
+ "example",
414
+ "sample",
415
+ "conf",
416
+ "secret",
417
+ "setting",
418
+ "security",
419
+ "secure",
420
+ "resource",
421
+ "fixture",
422
+ "docker",
423
+ "/docs",
424
+ "/doc/",
425
+ "document",
426
+ "/lang",
427
+ "/local",
428
+ "/lib",
429
+ "/spec",
430
+ "/pkg",
431
+ "/api",
432
+ "/rest",
433
+ "/opt",
434
+ "/sys",
435
+ "kube",
436
+ "kafka",
437
+ "cluster",
438
+ "template",
439
+ "other",
440
+ "public",
441
+ "init",
442
+ "client",
443
+ "server",
444
+ "/model",
445
+ "/modul",
446
+ "browser",
447
+ "/env/",
448
+ "/app",
449
+ "/assets/",
450
+ "vendor",
451
+ "readme",
452
+ "build",
453
+ "/dist-packages",
356
454
  "/record",
357
455
  "/script",
358
- "/site-packages/",
359
- "/src/",
360
- "/test",
361
- "/tool",
362
- "/usr/local/lib/python",
363
- "/assets/"
456
+ "/site-packages",
457
+ "python",
458
+ "/usr",
459
+ "/etc",
460
+ "/fuzz"
364
461
  ]
365
462
  }
366
463
  },
@@ -378,6 +475,7 @@
378
475
  "kwargs": {
379
476
  "extensions": [
380
477
  "",
478
+ ".04",
381
479
  ".1",
382
480
  ".adoc",
383
481
  ".asciidoc",
@@ -386,17 +484,16 @@
386
484
  ".bat",
387
485
  ".bats",
388
486
  ".bazel",
389
- ".bin",
390
487
  ".build",
391
488
  ".bundle",
392
489
  ".bzl",
393
490
  ".c",
491
+ ".cast",
394
492
  ".cc",
395
493
  ".cf",
396
494
  ".cjs",
397
495
  ".cljc",
398
496
  ".cmd",
399
- ".cmm",
400
497
  ".cnf",
401
498
  ".coffee",
402
499
  ".conf",
@@ -409,6 +506,7 @@
409
506
  ".dist",
410
507
  ".doc",
411
508
  ".dockerfile",
509
+ ".edited",
412
510
  ".eex",
413
511
  ".env",
414
512
  ".erb",
@@ -424,7 +522,9 @@
424
522
  ".go",
425
523
  ".golden",
426
524
  ".gradle",
525
+ ".graphql",
427
526
  ".groovy",
527
+ ".gtpl",
428
528
  ".h",
429
529
  ".haml",
430
530
  ".hs",
@@ -456,6 +556,7 @@
456
556
  ".lua",
457
557
  ".m",
458
558
  ".manifest",
559
+ ".markdown",
459
560
  ".markerb",
460
561
  ".md",
461
562
  ".mdx",
@@ -471,6 +572,7 @@
471
572
  ".odd",
472
573
  ".onnx",
473
574
  ".oracle",
575
+ ".original",
474
576
  ".pan",
475
577
  ".patch",
476
578
  ".php",
@@ -488,17 +590,20 @@
488
590
  ".purs",
489
591
  ".pxd",
490
592
  ".py",
593
+ ".pyi",
491
594
  ".pyx",
492
595
  ".r",
493
596
  ".rake",
494
597
  ".rb",
495
598
  ".re",
496
599
  ".red",
600
+ ".response",
497
601
  ".resx",
498
602
  ".rexx",
499
603
  ".rnh",
500
604
  ".rrc",
501
605
  ".rs",
606
+ ".rsa",
502
607
  ".rsp",
503
608
  ".rst",
504
609
  ".rules",
@@ -512,6 +617,7 @@
512
617
  ".storyboard",
513
618
  ".strings",
514
619
  ".sty",
620
+ ".swift",
515
621
  ".t",
516
622
  ".td",
517
623
  ".tdf",
@@ -530,6 +636,7 @@
530
636
  ".tsx",
531
637
  ".txt",
532
638
  ".var",
639
+ ".vsmdi",
533
640
  ".vue",
534
641
  ".xaml",
535
642
  ".xib",
@@ -550,7 +657,6 @@
550
657
  "CMD Password",
551
658
  "CMD Secret",
552
659
  "CMD Token",
553
- "Certificate",
554
660
  "Credential",
555
661
  "Github Old Token",
556
662
  "Key",
@@ -565,4 +671,4 @@
565
671
  }
566
672
  }
567
673
  ]
568
- }
674
+ }
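Review bot: The rewritten WordInPath word list in the hunk at @@ -350,17 +402,62 @@ drops the leading-slash anchors the old entries had (`/test`, `/src/`, `/tool`) in favour of bare substrings such as `test`, `code`, `util`, `other`, `init`, `build`, and nothing in the entry records which matching rule applies; if WordInPath does a plain substring search on the path (the surviving `/docs` and `/env/` entries suggest it does), `code` also fires on `encoder`, `other` on `brother` and `util` on `utility`. Since the feature feeds the retrained model shipped in the same release that may be intended, but a `"comment"` key like the neighbouring SearchInAttribute entries carry would make it explicit, e.g. `"comment": "substring match on the file path; entries starting with / anchor on a separator"`, adjusted to whatever word_in_path.py actually does. The new `RuleSeverity` feature placed at the head of the list changes the model input layout, so this file and ml_model.onnx must stay paired; recording the model's hash or a version field here would surface a mismatch earlier than a shape error at inference time.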
Binary file
@@ -3,14 +3,14 @@
3
3
  confidence: weak
4
4
  type: pattern
5
5
  values:
6
- - (?P<variable>(\w*(?i:비밀번호|비번|패스워드|키|암호화?|토큰|(?<!by)pass(?!ed|ing|ion|es|age)|\bpwd?\b|token|secret|key|cred)\w*)\s*(설정은|[=:!]{1,3}))?\s*([._0-9A-Za-z\[\]]*get(env)?\s*\(\s*(?(variable)[^,]+)|[\"'\\]*(\\*(['\"]|&(quot|apos);)){0,4}(\w*(?i:(?<!by)pass(?!ed|ing|ion|es|age|\s+[a-z]{3,80})|\bpwd?\b|token|secret|key|cred)\w*)(\\*(['\"]|&(quot|apos);)){0,4})\s*,\s*(default\s*=\s*)?([brufl@]{1,2}(?=\\*['\"&]))?(?P<lq>(\\*(['\"]|&(quot|apos);)){1,4})(?P<value>(.(?!(?P=lq))){4,80}.?)
6
+ - (?P<variable>(\w*(?i:비밀번호|비번|패스워드|키|암호화?|토큰|(?<!by)pass(?!ed|ing|ion|es|age)|\bpwd?\b|token|secret|key|cred)\w*)\s*(설정은|[=:!]{1,3}))?\s*([._0-9A-Za-z\[\]]*get(env)?\s*\(\s*(?(variable)[^,]+|[\"'\\]*(\\*([\"']|&(quot|apos|#3[49]);)){0,4}(\w*(?i:(?<!by)pass(?!ed|ing|ion|es|age|\s+[a-z]{3,80})|\bpwd?\b|token|secret|key|cred)\w*))(\\*([\"']|&(quot|apos|#3[49]);)){0,4})\s*,\s*(default\s*=\s*)?([brufl@]{1,2}(?=\\*[\"'&]))?(?P<lq>(\\*([\"']|&(quot|apos|#3[49]);)){1,4})(?P<value>(.(?!(?P=lq))){4,80}.?)
7
7
  filter_type:
8
8
  - ValueAllowlistCheck
9
9
  - LineGitBinaryCheck
10
10
  - LineUUEPartCheck
11
11
  - ValueFilePathCheck
12
12
  - ValuePatternCheck(5)
13
- - ValueDictionaryValueLengthCheck(4,80)
13
+ - ValueLengthCheck(4,80)
14
14
  min_line_len: 8
15
15
  required_substrings:
16
16
  - pass
@@ -34,14 +34,14 @@
34
34
  confidence: weak
35
35
  type: pattern
36
36
  values:
37
- - (?P<wrap>[`'\"(])?\s*(?P<variable>(\w*(?i:(?<!by)passw?o?r?d?s?(?!ed|ing|ion|es|age)|pwd?\b|\bp/w\b|token|secret|key|credential)\w*|비밀번호|비번|패스워드|키|암호화?|토큰))[`'\"]*(\s+(?i:is|are|was|were)(\s*[:-])?\s+|\s*(설정은|[=:!]{1,3})\s*)(?P<quote>[`'\"]{1,6})?(?P<value>(?(quote)(?(wrap)[^`'\")]{4,80}|[^`'\"]{4,80})|(?(wrap)[^`'\")]{4,80}|\S{4,80})))
37
+ - (?P<wrap>[\"'`(])?\s*(?P<variable>(\w*(?i:(?<!by)passw?o?r?d?s?(?!ed|ing|ion|es|age)|pwd?\b|\bp/w\b|token|secret|key|credential)\w*|비밀번호|비번|패스워드|키|암호화?|토큰))[\"'`]*(\s+(?i:is|are|was|were)(\s*[:-])?\s+|\s*(설정은|[=:!]{1,3})\s*)(?P<quote>[\"'`]{1,6})?(?P<value>(?(quote)(?(wrap)[^\"'`)]{4,80}|[^\"'`]{4,80})|(?(wrap)[^\"'`)]{4,80}|\S{4,80})))
38
38
  filter_type:
39
39
  - ValueAllowlistCheck
40
40
  - LineGitBinaryCheck
41
41
  - LineUUEPartCheck
42
42
  - ValueFilePathCheck
43
43
  - ValuePatternCheck(5)
44
- - ValueDictionaryValueLengthCheck(4,80)
44
+ - ValueLengthCheck(4,80)
45
45
  min_line_len: 8
46
46
  required_substrings:
47
47
  - pass
@@ -68,10 +68,10 @@
68
68
  confidence: moderate
69
69
  type: pattern
70
70
  values:
71
- - (?P<variable>[`'\"]?(?i:token|secret|key|키|암호화?|토큰)[`'\"]?)((\s)*[=:](\s)*)(?P<quote>[`'\"(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,80}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)`'\"])
71
+ - (?P<variable>[\"'`]?(?i:token|secret|key|키|암호화?|토큰)[\"'`]?)((\s)*[=:](\s)*)(?P<quote>[\"'`(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,80}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)\"'`])
72
72
  filter_type:
73
73
  - ValueAllowlistCheck
74
- - ValuePatternCheck
74
+ - ValuePatternCheck(4)
75
75
  - ValueEntropyBase64Check
76
76
  - ValueCoupleKeywordCheck
77
77
  min_line_len: 16
@@ -90,10 +90,10 @@
90
90
  confidence: moderate
91
91
  type: pattern
92
92
  values:
93
- - (?P<variable>[`'\"]?(?i:(?<!id[ :/])pa[as]swo?r?ds?|pwd?|p/w|비밀번호|비번|패스워드|암호)[`'\"]?)((\s)*[=:](\s)*)(?P<quote>[`'\"(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)`'\"])
93
+ - (?P<variable>[\"'`]?(?i:(?<!id[ :/])pa[as]swo?r?ds?|pwd?|p/w|비밀번호|비번|패스워드|암호)[\"'`]?)((\s)*[=:](\s)*)(?P<quote>[\"'`(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)\"'`])
94
94
  filter_type:
95
95
  - ValueAllowlistCheck
96
- - ValuePatternCheck
96
+ - ValuePatternCheck(4)
97
97
  - ValueDictionaryKeywordCheck
98
98
  - LineGitBinaryCheck
99
99
  - LineUUEPartCheck
@@ -121,7 +121,7 @@
121
121
  - (^|\s|(?P<variable>(?i:\bip[\s/]{1,80}id[\s/]{1,80}pw[\s/:]{0,80}))|(?P<url>://))(?P<ip>(?<![0-9.])[0-2]?[0-9]{1,2}\.[0-2]?[0-9]{1,2}\.[0-2]?[0-9]{1,2}\.[0-2]?[0-9]{1,2}(?![0-9.]))((\s*[(])?|(?(variable)[\s,/]{1,80}|(?(url)[,]|[,/])))\s*\w[\w.-]{3,80}[\s,/]{1,80}(?P<value>(?(url)(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9_+=~!@#$%^&*;?-])){7,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x)|(?-i:(?P<e>[A-Z])|(?P<f>[a-z])|(?P<g>[0-9/_+=~!@#$%^&*;?-])){7,31}(?(e)(?(f)(?(g)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x)))(?:\s|[^/]|$)
122
122
  filter_type:
123
123
  - ValueAllowlistCheck
124
- - ValuePatternCheck
124
+ - ValuePatternCheck(4)
125
125
  - ValueDictionaryKeywordCheck
126
126
  min_line_len: 10
127
127
  required_substrings:
@@ -134,11 +134,11 @@
134
134
  confidence: moderate
135
135
  type: pattern
136
136
  values:
137
- - (?P<ddash>--)?(?P<variable>\w*(?i:pa[as]swords?|passwd?|pwd|\bp/w|\bpw|비밀번호|비번|패스워드|암호))\s*?(?(ddash)[ =]|[:=/>-]{1,2})\s*(?P<quote>[`'\"]{1,8})?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){4,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)(?P=quote)|(\s|$))
137
+ - (?P<ddash>--)?(?P<variable>\w*(?i:pa[as]swords?|passwd?|pwd|\bp/w|\bpw|비밀번호|비번|패스워드|암호))\s*?(?(ddash)[ =]|[:=/>-]{1,2})\s*(?P<quote>[\"'`]{1,8})?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){4,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)(?P=quote)|(\s|$))
138
138
  - (?P<ddash>--)?(?P<variable>(?i:user\s*)?(?i:id|login|account|root|admin|user|name|wifi|role|host|default|계정|아이디))\s*?(?(ddash)[ =]|[ :=])\s*?(?P<value>\S+)
139
139
  filter_type:
140
140
  - ValueAllowlistCheck
141
- - ValuePatternCheck
141
+ - ValuePatternCheck(4)
142
142
  min_line_len: 10
143
143
  required_substrings:
144
144
  - pass
@@ -160,7 +160,7 @@
160
160
  - (?P<variable>[\w.-]{0,80}(?i:(?P<id>\bid\b)|id\b|user|name|계정|아이디)[\w.-]{0,80}(?(id)[ :(/]{1,80}|[:(/]{1,80})(?i:pa[as]swo?r?ds?|pwd?|비밀번호|비번|패스워드|암호))\)?(\s*->\s*|[ =:)(/]{1,80}|\s+is\s+|\s+are\s+|\s*는\s*|\s*은\s*|\s*설정은\s*)\(?(?P<id_value>[\w.-]{2,31})[ :\(/\"',]{1,80}(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){4,31}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))
161
161
  filter_type:
162
162
  - ValueAllowlistCheck
163
- - ValuePatternCheck
163
+ - ValuePatternCheck(4)
164
164
  - ValueDictionaryKeywordCheck
165
165
  min_line_len: 10
166
166
  required_substrings:
@@ -179,10 +179,10 @@
179
179
  confidence: weak
180
180
  type: pattern
181
181
  values:
182
- - (\\[nrt]|\b)(?i:(?P<variable>(CREATE|ALTER|SET\s{1,8}PASSWORD|INSERT(\s{1,8}IGNORE)?|UPDATE\s{1,8}[^\s;]{1,80})\s{1,8}(LOGIN|USER|ROLE|FOR|INTO|SET)\s{1,8}([^\s;]{1,80}\s{1,8}|VALUES\s*\(){1,8}(IDENTIFIED((\s{1,8}WITH\s{1,8}\S{1,80})?\s{1,8}(BY|AS))|(=|WITH)?\s*PASSWORD\b(\s*=)?)))\s*(?P<wrap>[(]\s*)?(?P<value_leftquote>((?P<esq>\\{1,8})?([`'\"]|&(quot|apos);)){1,4})?(?P<value>(?(value_leftquote)((?!(?P=value_leftquote))(?(esq)((?!(?P=esq)([`'\"]|&(quot|apos);)).)|((?!(?P=value_leftquote)).)))|(?!&(quot|apos);)(\\+([ tnr]|[^\s`'\"])|[^\s`'\",;\\])){3,80})(?(value_leftquote)(?P<value_rightquote>(?<!\\)(?P=value_leftquote))|(?(wrap)[)]|[\s`'\",;]))
182
+ - (\\[nrt]|\b)(?i:(?P<variable>(CREATE|ALTER|SET\s{1,8}PASSWORD|INSERT(\s{1,8}IGNORE)?|UPDATE\s{1,8}[^\s;]{1,80})\s{1,8}(LOGIN|USER|ROLE|FOR|INTO|SET)\s{1,8}([^\s;]{1,80}\s{1,8}|VALUES\s*\(){1,8}(IDENTIFIED((\s{1,8}WITH\s{1,8}\S{1,80})?\s{1,8}(BY|AS))|(=|WITH)?\s*PASSWORD\b(\s*=)?)))\s*(?P<wrap>[(]\s*)?(?P<value_leftquote>((?P<esq>\\{1,8})?([\"'`]|&(quot|apos|#3[49]);)){1,4})?(?P<value>(?(value_leftquote)((?!(?P=value_leftquote))(?(esq)((?!(?P=esq)([\"'`]|&(quot|apos|#3[49]);)).)|((?!(?P=value_leftquote)).)))|(?!&(quot|apos|#3[49]);)(\\+([ tnr]|[^\s\"'`])|[^\s\"'`,;\\])){3,80})(?(value_leftquote)(?P<value_rightquote>(?<!\\)(?P=value_leftquote))|(?(wrap)[)]|[\s\"'`,;]))
183
183
  filter_type:
184
184
  - ValueAllowlistCheck
185
- - ValuePatternCheck(4)
185
+ - ValuePatternCheck
186
186
  min_line_len: 8
187
187
  required_substrings:
188
188
  - password
@@ -203,7 +203,7 @@
203
203
  - "-"
204
204
  required_regex: "[0-9A-Za-z_/+-]{15}"
205
205
  filter_type:
206
- - ValuePatternCheck
206
+ - ValuePatternCheck(4)
207
207
  use_ml: false
208
208
  target:
209
209
  - code
@@ -732,7 +732,7 @@
732
732
  confidence: moderate
733
733
  type: pattern
734
734
  values:
735
- - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:pass(in|out|word|phrase)))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,80})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
735
+ - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:pass(in|out|word|phrase)))(\s|\\?[\"'],)\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,80})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
736
736
  filter_type: GeneralKeyword
737
737
  use_ml: true
738
738
  required_substrings:
@@ -746,7 +746,7 @@
746
746
  confidence: moderate
747
747
  type: pattern
748
748
  values:
749
- - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:token))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
749
+ - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:token))(\s|\\?[\"'],)\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
750
750
  filter_type: GeneralKeyword
751
751
  use_ml: true
752
752
  required_substrings:
@@ -760,7 +760,7 @@
760
760
  confidence: moderate
761
761
  type: pattern
762
762
  values:
763
- - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:secret)[A-Za-z_-]*)\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
763
+ - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:secret)[A-Za-z_-]*)(\s|\\?[\"'],)\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
764
764
  filter_type: GeneralKeyword
765
765
  use_ml: true
766
766
  required_substrings:
@@ -1072,7 +1072,7 @@
1072
1072
  confidence: moderate
1073
1073
  type: pattern
1074
1074
  values:
1075
- - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>sl.[0-9A-Za-z_-]{135})(?![0-9A-Za-z_-])
1075
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>sl\.(u\.)?[0-9A-Za-z_-]{135})(?![0-9A-Za-z_-])
1076
1076
  filter_type: TokenPattern
1077
1077
  min_line_len: 138
1078
1078
  required_substrings:
@@ -1254,6 +1254,32 @@
1254
1254
  - code
1255
1255
  - doc
1256
1256
 
1257
+ - name: NKEY Seed
1258
+ severity: high
1259
+ confidence: weak
1260
+ type: pattern
1261
+ values:
1262
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>S[ACNOPUX][A-Z2-7]{40,200})(?![=0-9A-Za-z_+-])
1263
+ min_line_len: 42
1264
+ filter_type:
1265
+ - ValueCoupleKeywordCheck
1266
+ - ValuePatternCheck
1267
+ - ValueEntropyBase32Check
1268
+ - ValueBase32DataCheck
1269
+ - ValueTokenBase32Check
1270
+ required_substrings:
1271
+ - SA
1272
+ - SC
1273
+ - SN
1274
+ - SO
1275
+ - SP
1276
+ - SU
1277
+ - SX
1278
+ required_regex: "[0-9A-Za-z_/+-]{15}"
1279
+ target:
1280
+ - code
1281
+ - doc
1282
+
1257
1283
  - name: Jira 2FA
1258
1284
  severity: info
1259
1285
  confidence: weak
@@ -1362,7 +1388,7 @@
1362
1388
  - (?P<value>tvly-[0-9A-Za-z_-]{32,40})(?![0-9A-Za-z_-])
1363
1389
  min_line_len: 37
1364
1390
  filter_type:
1365
- - ValuePatternCheck(5)
1391
+ - ValuePatternCheck
1366
1392
  - ValueEntropyBase64Check
1367
1393
  required_substrings:
1368
1394
  - tvly-
@@ -1378,7 +1404,7 @@
1378
1404
  - (?P<value>sntrys_eyJ[0-9A-Za-z_-]{80,8000}=*([0-9A-Za-z_-]{32,256})?)(?![0-9A-Za-z_-])
1379
1405
  min_line_len: 37
1380
1406
  filter_type:
1381
- - ValuePatternCheck(5)
1407
+ - ValuePatternCheck
1382
1408
  required_substrings:
1383
1409
  - sntrys_eyJ
1384
1410
  target:
@@ -1393,7 +1419,7 @@
1393
1419
  - (?P<value>sntryu_[0-9a-f]{64})(?![0-9A-Za-z_-])
1394
1420
  min_line_len: 37
1395
1421
  filter_type:
1396
- - ValuePatternCheck(5)
1422
+ - ValuePatternCheck
1397
1423
  required_substrings:
1398
1424
  - sntryu_
1399
1425
  target:
@@ -1453,7 +1479,7 @@
1453
1479
  confidence: weak
1454
1480
  type: pattern
1455
1481
  values:
1456
- - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>00D[0-9A-Za-z]{9,15}(![.0-9A-Za-z_-]{24,200})?)(?![0-9A-Za-z_-])
1482
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>(3MVG[0-9A-Za-z_.]{24,200}|00D[0-9A-Za-z]{9,15}(![0-9A-Za-z_.]{24,200})?))(?![0-9A-Za-z_.])
1457
1483
  min_line_len: 12
1458
1484
  filter_type:
1459
1485
  - ValuePatternCheck(9)
@@ -1461,6 +1487,7 @@
1461
1487
  - ValueBase64PartCheck
1462
1488
  required_substrings:
1463
1489
  - 00D
1490
+ - 3MVG
1464
1491
  target:
1465
1492
  - code
1466
1493
  - doc
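Review bot: The NKEY Seed value pattern in the hunk at @@ -1254,6 +1254,32 @@ accepts any 40–200 character base32 run after the `S[ACNOPUX]` prefix, while NATS nkey seeds are a fixed 58 characters (the two prefix characters plus 56 base32 characters), so `{40,200}` also matches unrelated base32 material whose first two letters happen to be `SA`…`SX` and leaves the five filters to clean up. If the fixed length is confirmed against the nkeys encoding, `(?P<value>S[ACNOPUX][A-Z2-7]{56})(?![=0-9A-Za-z_+-])` together with `min_line_len: 58` is the tighter form and removes a whole class of false positives at the regex stage. With a fixed-format token the `confidence: weak` choice is also worth a short explanation in the PR so the next reader knows whether it was deliberate.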
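--- a/credsweeper/scanner/scanner.py
+++ b/credsweeper/scanner/scanner.py
@@ -145,16 +145,19 @@ class Scanner:
 # Trim string from outer spaces to make future `x in str` checks faster
 target_line_stripped = target.line_strip
 target_line_stripped_len = target.line_strip_len
+# use lower case for required substring
+target_line_stripped_lower = target.line_lower_strip
 
 # "cache" - YAPF and pycharm formatters ...
 matched_keyword = \
 target_line_stripped_len >= self.min_keyword_len and ( #
 '=' in target_line_stripped
 or ':' in target_line_stripped
-or "set" in target_line_stripped
 or "#define" in target_line_stripped
 or "%define" in target_line_stripped
 or "%global" in target_line_stripped
+or "set" in target_line_stripped_lower
+or "%3d" in target_line_stripped_lower
 ) #
 matched_pem_key = \
 target_line_stripped_len >= self.min_pem_key_len \
@@ -168,8 +171,6 @@ class Scanner:
 target.line_num)
 continue
 
-# use lower case for required substring
-target_line_stripped_lower = target.line_lower_strip
 # cached value to skip the same regex verifying
 matched_regex: Dict[re.Pattern, bool] = {}
 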
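Review bot: The `"%3d"` test added in the first hunk (new line 160) is the URL-encoded form of `=`, but nothing says so, and because it is compared against the lower-cased line it silently covers `%3D` as well; a short comment saves the next reader a lookup: `or "%3d" in target_line_stripped_lower  # url-encoded '=' (lower-cased line also covers %3D)`. Moving `target_line_stripped_lower = target.line_lower_strip` up to new line 149 now evaluates it for every target before the `continue` at line 172, which previously skipped it; if `line_lower_strip` is not a cached property this is extra per-line work on the hot path, so worth confirming. The lower-cased `"set"` test also now fires on `SET` and `Set`, which widens the keyword gate beyond the old case-sensitive substring test; presumably intended for SQL `SET`, but the comment above should say so. The enclosing method starts and ends outside both hunks.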
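--- a/credsweeper/secret/config.json
+++ b/credsweeper/secret/config.json
@@ -164,8 +164,8 @@
 "tizen"
 ],
 "check_for_literals": true,
-"min_pattern_value_length": 12,
-"min_keyword_value_length": 4,
+"max_password_value_length": 31,
+"max_url_cred_value_length": 80,
 "line_data_output": [
 "line",
 "line_num",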
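Review bot: The two new limits `"max_password_value_length": 31` and `"max_url_cred_value_length": 80` duplicate bounds that are also hard-coded in the rule regexes of rules/config.yaml in this same release (`{8,31}` and `{4,31}` in the password rules, `ValueLengthCheck(4,80)` in the URL credential rules), so there are now two places to keep in sync with nothing tying them together. A comment in the code that reads these keys, or a unit test asserting that the regex quantifiers and these limits agree, would stop them drifting apart. Dropping `min_pattern_value_length` and `min_keyword_value_length` is also a schema change for anyone shipping a custom config derived from the old file; whether config.py rejects or silently ignores the stale keys is not visible in this chunk and should be confirmed.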
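--- a/credsweeper/utils/util.py
+++ b/credsweeper/utils/util.py
@@ -638,6 +638,8 @@ class Util:
 @staticmethod
 def subtext(text: str, pos: int, hunk_size: int) -> str:
 """cut text symmetrically for given position or use remained quota to be fitted in 2x hunk_size"""
+# cut trailed whitespaces to obtain more informative data
+text = text.rstrip()
 if hunk_size <= pos:
 left_quota = 0
 left_pos = pos - hunk_size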
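Review bot: `text = text.rstrip()` runs before the position arithmetic, so a `pos` that pointed into the trailing whitespace (or a `text` consisting only of whitespace) now lies at or beyond `len(text)`; the slicing below, which is outside the hunk, should be checked for that case, and if it assumes `pos < len(text)` a clamp such as `pos = min(pos, len(text))` right after the strip preserves the old contract. `rstrip()` with no argument also removes trailing newlines and tabs, not only spaces, which fits the "more informative data" intent but deserves a word in the docstring: `"""cut text symmetrically for given position or use remained quota to be fitted in 2x hunk_size; trailing whitespace (including newlines) is stripped first"""`. The rest of subtext continues outside the hunk.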
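--- a/credsweeper-1.11.6.dist-info/METADATA
+++ b/credsweeper-1.12.0.dist-info/METADATA
@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: credsweeper
-Version: 1.11.6
+Version: 1.12.0
 Summary: Credential Sweeper
 Project-URL: Homepage, https://github.com/Samsung/CredSweeper
 Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues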