credsweeper 1.12.0__tar.gz → 1.12.2__tar.gz


Potentially problematic release.



Files changed (161) hide show
  1. {credsweeper-1.12.0 → credsweeper-1.12.2}/PKG-INFO +1 -1
  2. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/__init__.py +1 -1
  3. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/__main__.py +8 -5
  4. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/morpheme_checklist.txt +2 -0
  5. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/deep_scanner.py +1 -1
  6. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_camel_case_check.py +2 -2
  7. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/rules/config.yaml +103 -23
  8. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/utils/util.py +2 -2
  9. {credsweeper-1.12.0 → credsweeper-1.12.2}/.gitignore +0 -0
  10. {credsweeper-1.12.0 → credsweeper-1.12.2}/LICENSE +0 -0
  11. {credsweeper-1.12.0 → credsweeper-1.12.2}/README.md +0 -0
  12. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/app.py +0 -0
  13. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/__init__.py +0 -0
  14. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/constants.py +0 -0
  15. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/keyword_checklist.py +0 -0
  16. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/keyword_checklist.txt +0 -0
  17. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/common/keyword_pattern.py +0 -0
  18. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/config/__init__.py +0 -0
  19. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/config/config.py +0 -0
  20. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/__init__.py +0 -0
  21. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/augment_candidates.py +0 -0
  22. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/candidate.py +0 -0
  23. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/candidate_group_generator.py +0 -0
  24. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/candidate_key.py +0 -0
  25. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/credential_manager.py +0 -0
  26. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/credentials/line_data.py +0 -0
  27. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/__init__.py +0 -0
  28. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/abstract_scanner.py +0 -0
  29. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/byte_scanner.py +0 -0
  30. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/bzip2_scanner.py +0 -0
  31. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/deb_scanner.py +0 -0
  32. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/docx_scanner.py +0 -0
  33. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/eml_scanner.py +0 -0
  34. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/encoder_scanner.py +0 -0
  35. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/gzip_scanner.py +0 -0
  36. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/html_scanner.py +0 -0
  37. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/jclass_scanner.py +0 -0
  38. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/jks_scanner.py +0 -0
  39. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/lang_scanner.py +0 -0
  40. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/lzma_scanner.py +0 -0
  41. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/mxfile_scanner.py +0 -0
  42. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/patch_scanner.py +0 -0
  43. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/pdf_scanner.py +0 -0
  44. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/pkcs_scanner.py +0 -0
  45. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/pptx_scanner.py +0 -0
  46. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/rpm_scanner.py +0 -0
  47. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/sqlite3_scanner.py +0 -0
  48. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/tar_scanner.py +0 -0
  49. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/tmx_scanner.py +0 -0
  50. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/xlsx_scanner.py +0 -0
  51. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/xml_scanner.py +0 -0
  52. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/deep_scanner/zip_scanner.py +0 -0
  53. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/__init__.py +0 -0
  54. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/abstract_provider.py +0 -0
  55. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/analysis_target.py +0 -0
  56. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/byte_content_provider.py +0 -0
  57. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/content_provider.py +0 -0
  58. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/data_content_provider.py +0 -0
  59. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/descriptor.py +0 -0
  60. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/diff_content_provider.py +0 -0
  61. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/file_path_extractor.py +0 -0
  62. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/files_provider.py +0 -0
  63. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/patches_provider.py +0 -0
  64. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/string_content_provider.py +0 -0
  65. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/struct_content_provider.py +0 -0
  66. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/file_handler/text_content_provider.py +0 -0
  67. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/__init__.py +0 -0
  68. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/filter.py +0 -0
  69. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/__init__.py +0 -0
  70. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/general_keyword.py +0 -0
  71. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/general_pattern.py +0 -0
  72. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/group.py +0 -0
  73. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/password_keyword.py +0 -0
  74. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/token_pattern.py +0 -0
  75. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/url_credentials_group.py +0 -0
  76. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/weird_base36_token.py +0 -0
  77. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/group/weird_base64_token.py +0 -0
  78. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/line_git_binary_check.py +0 -0
  79. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/line_specific_key_check.py +0 -0
  80. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/line_uue_part_check.py +0 -0
  81. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_allowlist_check.py +0 -0
  82. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_array_dictionary_check.py +0 -0
  83. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_atlassian_token_check.py +0 -0
  84. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_azure_token_check.py +0 -0
  85. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_base32_data_check.py +0 -0
  86. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_base64_data_check.py +0 -0
  87. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_base64_encoded_pem_check.py +0 -0
  88. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_base64_key_check.py +0 -0
  89. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_base64_part_check.py +0 -0
  90. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_basic_auth_check.py +0 -0
  91. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_blocklist_check.py +0 -0
  92. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_couple_keyword_check.py +0 -0
  93. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_dictionary_keyword_check.py +0 -0
  94. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_discord_bot_check.py +0 -0
  95. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_entropy_base32_check.py +0 -0
  96. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_entropy_base36_check.py +0 -0
  97. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_entropy_base64_check.py +0 -0
  98. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_entropy_base_check.py +0 -0
  99. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_file_path_check.py +0 -0
  100. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_github_check.py +0 -0
  101. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_grafana_check.py +0 -0
  102. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_grafana_service_check.py +0 -0
  103. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_hex_number_check.py +0 -0
  104. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_jfrog_token_check.py +0 -0
  105. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_json_web_key_check.py +0 -0
  106. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_json_web_token_check.py +0 -0
  107. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_last_word_check.py +0 -0
  108. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_length_check.py +0 -0
  109. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_method_check.py +0 -0
  110. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_not_allowed_pattern_check.py +0 -0
  111. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_not_part_encoded_check.py +0 -0
  112. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_number_check.py +0 -0
  113. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_pattern_check.py +0 -0
  114. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_similarity_check.py +0 -0
  115. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_split_keyword_check.py +0 -0
  116. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_string_type_check.py +0 -0
  117. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_token_base32_check.py +0 -0
  118. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_token_base36_check.py +0 -0
  119. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_token_base64_check.py +0 -0
  120. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_token_base_check.py +0 -0
  121. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/filters/value_token_check.py +0 -0
  122. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/logger/__init__.py +0 -0
  123. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/logger/logger.py +0 -0
  124. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/__init__.py +0 -0
  125. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/__init__.py +0 -0
  126. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/entropy_evaluation.py +0 -0
  127. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/feature.py +0 -0
  128. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/file_extension.py +0 -0
  129. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/has_html_tag.py +0 -0
  130. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/is_secret_numeric.py +0 -0
  131. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/length_of_attribute.py +0 -0
  132. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/morpheme_dense.py +0 -0
  133. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/rule_name.py +0 -0
  134. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/rule_severity.py +0 -0
  135. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/search_in_attribute.py +0 -0
  136. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in.py +0 -0
  137. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_path.py +0 -0
  138. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_postamble.py +0 -0
  139. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_preamble.py +0 -0
  140. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_transition.py +0 -0
  141. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_value.py +0 -0
  142. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/features/word_in_variable.py +0 -0
  143. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/ml_config.json +0 -0
  144. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/ml_model.onnx +0 -0
  145. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/ml_model/ml_validator.py +0 -0
  146. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/py.typed +0 -0
  147. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/rules/__init__.py +0 -0
  148. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/rules/rule.py +0 -0
  149. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/__init__.py +0 -0
  150. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scan_type/__init__.py +0 -0
  151. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scan_type/multi_pattern.py +0 -0
  152. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scan_type/pem_key_pattern.py +0 -0
  153. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scan_type/scan_type.py +0 -0
  154. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scan_type/single_pattern.py +0 -0
  155. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/scanner/scanner.py +0 -0
  156. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/secret/config.json +0 -0
  157. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/secret/log.yaml +0 -0
  158. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/utils/__init__.py +0 -0
  159. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/utils/hop_stat.py +0 -0
  160. {credsweeper-1.12.0 → credsweeper-1.12.2}/credsweeper/utils/pem_key_detector.py +0 -0
  161. {credsweeper-1.12.0 → credsweeper-1.12.2}/pyproject.toml +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: credsweeper
3
- Version: 1.12.0
3
+ Version: 1.12.2
4
4
  Summary: Credential Sweeper
5
5
  Project-URL: Homepage, https://github.com/Samsung/CredSweeper
6
6
  Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues
@@ -24,4 +24,4 @@ __all__ = [
24
24
  "__version__"
25
25
  ]
26
26
 
27
- __version__ = "1.12.0"
27
+ __version__ = "1.12.2"
@@ -372,9 +372,11 @@ def drill(args: Namespace) -> Tuple[int, int]:
372
372
  # then - credsweeper
373
373
  credsweeper = get_credsweeper(args)
374
374
  # use flat iterations to avoid recursive limits
375
- to_scan = list(commits_sha1)
375
+ to_scan = set(commits_sha1)
376
376
  # local speedup for already scanned commits - avoid file system interactive
377
377
  scanned = set()
378
+ # to avoid double-check
379
+ skipped = set()
378
380
  while to_scan:
379
381
  commit_sha1 = to_scan.pop()
380
382
  if commit_sha1 in scanned:
@@ -382,8 +384,8 @@ def drill(args: Namespace) -> Tuple[int, int]:
382
384
  continue
383
385
  commit = repo.commit(commit_sha1)
384
386
  if commit.parents:
385
- # add parents anyway
386
- to_scan.extend(x.hexsha for x in commit.parents)
387
+ # add parents only when they were not skipped or scanned previously
388
+ to_scan.update(x.hexsha for x in commit.parents if x.hexsha not in skipped and x.hexsha not in scanned)
387
389
  # check whether the commit has been checked and the report is present
388
390
  skip_already_scanned = False
389
391
  if args.json_filename:
@@ -401,9 +403,10 @@ def drill(args: Namespace) -> Tuple[int, int]:
401
403
  else:
402
404
  credsweeper.xlsx_filename = xlsx_path
403
405
  if skip_already_scanned:
404
- logger.info("Skip already scanned commit: %s", commit_sha1)
406
+ skipped.add(commit_sha1)
407
+ logger.info("Skip already scanned commit: %s %s", commit_sha1, commit.committed_datetime.isoformat())
405
408
  continue
406
- logger.info("Scan commit: %s", commit_sha1)
409
+ logger.info("Scan commit: %s %s", commit_sha1, commit.committed_datetime.isoformat())
407
410
  # prepare all files to scan in the commit with bytes->IO transformation to avoid a multiprocess issue
408
411
  if providers := get_commit_providers(commit, repo):
409
412
  credsweeper.credential_manager.candidates.clear()
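Review bot: `commit_sha1 = to_scan.pop()` at new line 381 now pops from a set, so the commit visited next is arbitrary and, because string hashes are randomised per process, the order of the "Scan commit" log lines can differ between runs on the same repository; the list it replaces gave a stable last-in-first-out walk. If reproducible logs matter, keep the ordered work list and use a separate set only for membership, for example `queued = set(commits_sha1)` next to `to_scan = list(commits_sha1)`, appending a parent only when its `hexsha` is not yet in `queued`. The new `skipped` set would also read better with a fuller comment than `# to avoid double-check`, such as `# commits whose report already exists; never re-queued as parents`. `drill` starts and ends outside these hunks, so where `scanned` is filled is not visible here.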
@@ -227,6 +227,7 @@ bind
227
227
  bio
228
228
  bipol
229
229
  bit
230
+ bixby
230
231
  black
231
232
  blan
232
233
  bless
@@ -1440,6 +1441,7 @@ topic
1440
1441
  tory
1441
1442
  total
1442
1443
  touch
1444
+ tour
1443
1445
  trace
1444
1446
  tract
1445
1447
  traffic
@@ -150,7 +150,7 @@ class DeepScanner(
150
150
  deep_scanners.append(XmlScanner)
151
151
  fallback_scanners.append(ByteScanner)
152
152
  elif Util.is_eml(data):
153
- if ".eml" == descriptor.extension:
153
+ if descriptor.extension in (".eml", ".mht"):
154
154
  deep_scanners.append(EmlScanner)
155
155
  else:
156
156
  if 0 < depth:
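Review bot: The new test `descriptor.extension in (".eml", ".mht")` is an exact, case-sensitive comparison and it leaves out `.mhtml`, the other extension MHTML archives are commonly saved with. Whether `descriptor.extension` is already lower-cased is not visible in this hunk; if it is not, a `.EML` or `.MHT` file that passes `Util.is_eml(data)` would not get `EmlScanner`. Consider `if descriptor.extension in (".eml", ".mht", ".mhtml"):` and a short comment saying why the extension is checked in addition to the content sniff. The enclosing method starts and ends outside the hunk.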
@@ -12,7 +12,7 @@ from credsweeper.utils.util import Util
12
12
  class ValueCamelCaseCheck(Filter):
13
13
  """Check that candidate is not written in camel case."""
14
14
 
15
- CAMEL_CASE = ["^([a-z]+([A-Z][a-z]+)+)$", "^([A-Z][a-z]+([A-Z][a-z]+)+)$"]
15
+ CAMEL_CASE = ["[a-z]+([A-Z][a-z]+)+", "[A-Z][a-z]+([A-Z][a-z]+)+"]
16
16
  CAMEL_CASE_PATTERN = re.compile(Util.get_regex_combine_or(CAMEL_CASE))
17
17
 
18
18
  def __init__(self, config: Optional[Config] = None) -> None:
@@ -31,7 +31,7 @@ class ValueCamelCaseCheck(Filter):
31
31
  """
32
32
  if line_data.is_well_quoted_value:
33
33
  return False
34
- if self.CAMEL_CASE_PATTERN.match(line_data.value):
34
+ if self.CAMEL_CASE_PATTERN.fullmatch(line_data.value):
35
35
  return static_keyword_checklist.check_morphemes(line_data.value.lower(), 1)
36
36
 
37
37
  return False
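Review bot: With the `^…$` anchors removed from `CAMEL_CASE`, the class-level `CAMEL_CASE_PATTERN` is a whole-value test only when it is called through `fullmatch`, as the changed call at new line 34 does; any other caller that uses `match` or `search` on it would now accept a value that merely contains a camel-case run. A comment above the list, for example `# unanchored: use CAMEL_CASE_PATTERN.fullmatch() to test a whole value`, would record that contract. How `Util.get_regex_combine_or` joins the two alternatives is not visible here, so this assumes it does not add anchors of its own.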
@@ -278,7 +278,7 @@
278
278
  type: pattern
279
279
  values:
280
280
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>dt0[A-Za-z]{1}[0-9]{2}\.[0-9A-Z]{24}\.[0-9A-Z]{64})(?![0-9A-Za-z_-])
281
- filter_type: GeneralPattern
281
+ filter_type: TokenPattern
282
282
  required_substrings:
283
283
  - dt0
284
284
  min_line_len: 90
@@ -308,7 +308,7 @@
308
308
  type: pattern
309
309
  values:
310
310
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{12,18}\|[0-9A-Za-z_-]{24,28})(?![0-9A-Za-z_+-])
311
- filter_type: GeneralPattern
311
+ filter_type: TokenPattern
312
312
  required_substrings:
313
313
  - "|"
314
314
  required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -323,7 +323,7 @@
323
323
  type: pattern
324
324
  values:
325
325
  - (?i)((git)[0-9A-Za-z_-]{0,80}(token|key|api)[0-9A-Za-z_-]{0,80}(\s)*(=|:|:=)(\s)*(["']?)(?P<value>[0-9a-z]{40})(["']?))
326
- filter_type: GeneralPattern
326
+ filter_type: TokenPattern
327
327
  use_ml: true
328
328
  required_substrings:
329
329
  - git
@@ -338,7 +338,7 @@
338
338
  type: pattern
339
339
  values:
340
340
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>AIza[0-9A-Za-z_-]{35})
341
- filter_type: GeneralPattern
341
+ filter_type: TokenPattern
342
342
  required_substrings:
343
343
  - AIza
344
344
  min_line_len: 39
@@ -367,7 +367,7 @@
367
367
  type: pattern
368
368
  values:
369
369
  - (?P<value>GOCSPX-[0-9A-Za-z_-]{28})(?![0-9A-Za-z_-])
370
- filter_type: GeneralPattern
370
+ filter_type: TokenPattern
371
371
  required_substrings:
372
372
  - GOCSPX-
373
373
  min_line_len: 40
@@ -381,7 +381,7 @@
381
381
  type: pattern
382
382
  values:
383
383
  - (?P<value>ya29\.[0-9A-Za-z_-]{22,8000})
384
- filter_type: GeneralPattern
384
+ filter_type: TokenPattern
385
385
  required_substrings:
386
386
  - ya29.
387
387
  min_line_len: 27
@@ -389,13 +389,27 @@
389
389
  - code
390
390
  - doc
391
391
 
392
+ - name: Google OAuth Refresh Token
393
+ severity: medium
394
+ confidence: weak
395
+ type: pattern
396
+ values:
397
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>1//0[0-9A-Za-z_-]{80,8000})
398
+ filter_type: TokenPattern
399
+ required_substrings:
400
+ - 1//0
401
+ min_line_len: 84
402
+ target:
403
+ - code
404
+ - doc
405
+
392
406
  - name: Heroku Credentials
393
407
  severity: high
394
408
  confidence: strong
395
409
  type: pattern
396
410
  values:
397
411
  - (?P<value>HRKU-([0-9A-Za-z_-]{60}|[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}))
398
- filter_type: GeneralPattern
412
+ filter_type: TokenPattern
399
413
  required_substrings:
400
414
  - HRKU-
401
415
  min_line_len: 41
@@ -409,7 +423,7 @@
409
423
  type: pattern
410
424
  values:
411
425
  - (?P<value>IGQVJ[=0-9A-Za-z_-]{100,8000})(?![=0-9A-Za-z_-])
412
- filter_type: GeneralPattern
426
+ filter_type: TokenPattern
413
427
  required_substrings:
414
428
  - IGQVJ
415
429
  min_line_len: 105
@@ -480,7 +494,7 @@
480
494
  type: pattern
481
495
  values:
482
496
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{32}-us[0-9]{1,2})(?![0-9A-Za-z_-])
483
- filter_type: GeneralPattern
497
+ filter_type: TokenPattern
484
498
  required_substrings:
485
499
  - -us
486
500
  min_line_len: 35
@@ -579,7 +593,7 @@
579
593
  type: pattern
580
594
  values:
581
595
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>SG\.[0-9A-Za-z_-]{16,32}\.[0-9A-Za-z_-]{16,64})
582
- filter_type: GeneralPattern
596
+ filter_type: TokenPattern
583
597
  required_substrings:
584
598
  - SG.
585
599
  min_line_len: 34
@@ -606,10 +620,11 @@
606
620
  confidence: strong
607
621
  type: pattern
608
622
  values:
609
- - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>xox[a-z]\-[0-9A-Za-z-]{10,250})(?![0-9A-Za-z_-])
610
- filter_type: GeneralPattern
623
+ - (?P<value>(xapp|xox[a-z])\-[0-9A-Za-z-]{10,250})(?![0-9A-Za-z_-])
624
+ filter_type: TokenPattern
611
625
  required_substrings:
612
626
  - xox
627
+ - xapp
613
628
  min_line_len: 15
614
629
  target:
615
630
  - code
@@ -667,7 +682,7 @@
667
682
  type: pattern
668
683
  values:
669
684
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>sq0[a-z]{3}-[0-9A-Za-z_-]{22}([0-9A-Za-z_-]{21})?)(?![0-9A-Za-z_-])
670
- filter_type: GeneralPattern
685
+ filter_type: TokenPattern
671
686
  required_substrings:
672
687
  - sq0
673
688
  min_line_len: 29
@@ -789,7 +804,7 @@
789
804
  type: pattern
790
805
  values:
791
806
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{8,10}:[0-9A-Za-z_-]{35})(?![0-9A-Za-z_-])
792
- filter_type: GeneralPattern
807
+ filter_type: TokenPattern
793
808
  required_substrings:
794
809
  - :AA
795
810
  min_line_len: 45
@@ -803,7 +818,7 @@
803
818
  type: pattern
804
819
  values:
805
820
  - (?P<value>pypi-[0-9A-Za-z_-]{150,255})
806
- filter_type: GeneralPattern
821
+ filter_type: TokenPattern
807
822
  required_substrings:
808
823
  - pypi-
809
824
  min_line_len: 155
@@ -811,6 +826,20 @@
811
826
  - code
812
827
  - doc
813
828
 
829
+ - name: NPM Token
830
+ severity: high
831
+ confidence: strong
832
+ type: pattern
833
+ values:
834
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>npm_[0-9A-Za-z_-]{36,255})
835
+ filter_type: TokenPattern
836
+ required_substrings:
837
+ - npm_
838
+ min_line_len: 40
839
+ target:
840
+ - code
841
+ - doc
842
+
814
843
  - name: Github Classic Token
815
844
  severity: high
816
845
  confidence: strong
@@ -1246,7 +1275,7 @@
1246
1275
  - (?P<value>[0-9A-Za-z_-]{14}\.atlasv1\.[0-9A-Za-z_-]{67})(?![0-9A-Za-z_-])
1247
1276
  filter_type:
1248
1277
  - ValuePatternCheck
1249
- - ValueEntropyBase64Check
1278
+ - ValueCoupleKeywordCheck(3)
1250
1279
  min_line_len: 90
1251
1280
  required_substrings:
1252
1281
  - .atlasv1.
@@ -1280,18 +1309,19 @@
1280
1309
  - code
1281
1310
  - doc
1282
1311
 
1283
- - name: Jira 2FA
1312
+ - name: OTP / 2FA Secret
1284
1313
  severity: info
1285
1314
  confidence: weak
1286
1315
  type: pattern
1287
1316
  values:
1288
- - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[A-Z2-7]{16})(?![=0-9A-Za-z_+-])
1317
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>([A-Z2-7]{16}){1,2})(?![=0-9A-Za-z_+-])
1289
1318
  filter_type:
1290
1319
  - ValueCoupleKeywordCheck
1291
1320
  - ValuePatternCheck
1292
1321
  - ValueEntropyBase32Check
1293
1322
  - ValueBase32DataCheck
1294
1323
  - ValueTokenBase32Check
1324
+ - ValueBase64PartCheck
1295
1325
  min_line_len: 16
1296
1326
  required_regex: "[0-9A-Za-z_/+-]{15}"
1297
1327
  target:
@@ -1303,11 +1333,11 @@
1303
1333
  confidence: strong
1304
1334
  type: pattern
1305
1335
  values:
1306
- - (?P<value>sk-[0-9A-Za-z_-]{16,32}(T3BlbkFJ|9wZW5BS|PcGVuQU)[0-9A-Za-z_-]{16,32})
1336
+ - (?P<value>sk-[0-9A-Za-z_-]{16,160}(T3BlbkFJ|9wZW5BS|PcGVuQU)[0-9A-Za-z_-]{16,160})
1307
1337
  min_line_len: 51
1308
1338
  filter_type:
1309
1339
  - ValuePatternCheck
1310
- - ValueEntropyBase64Check
1340
+ - ValueCoupleKeywordCheck
1311
1341
  required_substrings:
1312
1342
  - T3BlbkFJ
1313
1343
  - 9wZW5BS
@@ -1325,7 +1355,7 @@
1325
1355
  min_line_len: 36
1326
1356
  filter_type:
1327
1357
  - ValuePatternCheck
1328
- - ValueEntropyBase64Check
1358
+ - ValueCoupleKeywordCheck
1329
1359
  required_substrings:
1330
1360
  - dckr_pat_
1331
1361
  - dckr_oat_
@@ -1341,6 +1371,7 @@
1341
1371
  - (?P<value>SWMTKN-1-[0-9a-z]{50}-[0-9a-z]{25})
1342
1372
  min_line_len: 85
1343
1373
  filter_type:
1374
+ - ValuePatternCheck
1344
1375
  - ValueCoupleKeywordCheck
1345
1376
  required_substrings:
1346
1377
  - SWMTKN-1-
@@ -1348,6 +1379,22 @@
1348
1379
  - code
1349
1380
  - doc
1350
1381
 
1382
+ - name: Docker Swarm Key
1383
+ severity: high
1384
+ confidence: strong
1385
+ type: pattern
1386
+ values:
1387
+ - (?P<value>SWMKEY-1-[0-9A-Za-z]{43})
1388
+ min_line_len: 52
1389
+ filter_type:
1390
+ - ValuePatternCheck
1391
+ - ValueCoupleKeywordCheck(3)
1392
+ required_substrings:
1393
+ - SWMKEY-1-
1394
+ target:
1395
+ - code
1396
+ - doc
1397
+
1351
1398
  - name: Groq API Key
1352
1399
  severity: high
1353
1400
  confidence: strong
@@ -1355,11 +1402,29 @@
1355
1402
  values:
1356
1403
  - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>gsk_[0-9A-Za-z_-]{52})(?![0-9A-Za-z_-])
1357
1404
  min_line_len: 56
1405
+ filter_type:
1406
+ - ValuePatternCheck
1407
+ - ValueCoupleKeywordCheck
1408
+ required_substrings:
1409
+ - WGdyb3FY
1410
+ - hncm9xW
1411
+ - YZ3JvcV
1412
+ target:
1413
+ - code
1414
+ - doc
1415
+
1416
+ - name: X AI API Key
1417
+ severity: high
1418
+ confidence: moderate
1419
+ type: pattern
1420
+ values:
1421
+ - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>xai-[0-9A-Za-z_-]{80})(?![0-9A-Za-z_-])
1422
+ min_line_len: 84
1358
1423
  filter_type:
1359
1424
  - ValuePatternCheck
1360
1425
  - ValueEntropyBase64Check
1361
1426
  required_substrings:
1362
- - gsk_
1427
+ - xai-
1363
1428
  target:
1364
1429
  - code
1365
1430
  - doc
@@ -1389,7 +1454,6 @@
1389
1454
  min_line_len: 37
1390
1455
  filter_type:
1391
1456
  - ValuePatternCheck
1392
- - ValueEntropyBase64Check
1393
1457
  required_substrings:
1394
1458
  - tvly-
1395
1459
  target:
@@ -1492,6 +1556,22 @@
1492
1556
  - code
1493
1557
  - doc
1494
1558
 
1559
+ - name: Postman Credentials
1560
+ severity: medium
1561
+ confidence: moderate
1562
+ type: pattern
1563
+ values:
1564
+ - (?P<value>(PMAK-[0-9a-f]{24}-[0-9a-f]{34}|PMAT-[0-9A-Z]{26}))
1565
+ min_line_len: 29
1566
+ filter_type:
1567
+ - ValuePatternCheck
1568
+ required_substrings:
1569
+ - PMAK-
1570
+ - PMAT-
1571
+ target:
1572
+ - code
1573
+ - doc
1574
+
1495
1575
  - name: Basic Authorization
1496
1576
  severity: medium
1497
1577
  confidence: strong
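Review bot: In the Groq API Key rule, `required_substrings` changes from `gsk_` to `WGdyb3FY`, `hncm9xW` and `YZ3JvcV`, but the value pattern is still `gsk_[0-9A-Za-z_-]{52}` and does not require any of those markers inside the captured value. If `required_substrings` is matched against the whole line, which this diff does not show, a `gsk_` key on a line without a marker is no longer reported, and a marker elsewhere on the line lets an unrelated `gsk_` string through. The `T3BlbkFJ` rule in the same file puts its marker alternation inside `(?P<value>…)`; doing the same here, with the lengths on either side taken from real key samples, would tie the marker to the key. The Groq, `.atlasv1.`, `T3BlbkFJ` and `dckr_pat_` rules also swap `ValueEntropyBase64Check` for `ValueCoupleKeywordCheck`, and the `tvly-` rule drops the entropy check outright, so a positive and a negative sample per rule would show that the false-positive rate is unchanged.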
@@ -61,11 +61,11 @@ class Util:
61
61
  def get_shannon_entropy(data: Union[str, bytes]) -> float:
62
62
  """Borrowed from http://blog.dkbza.org/2007/05/scanning-data-for-entropy-anomalies.html."""
63
63
  if not data:
64
- return 0.
64
+ return 0.0
65
65
  size = len(data)
66
66
  _uniq, counts = np.unique(list(data), return_counts=True)
67
67
  probabilities = counts / size
68
- entropy = float(-np.sum(probabilities * np.log2(probabilities)))
68
+ entropy = -float(np.sum(probabilities * np.log2(probabilities)))
69
69
  return entropy
70
70
 
71
71
  # Precalculated data for speedup
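Review bot: `-float(np.sum(probabilities * np.log2(probabilities)))` returns `-0.0` when `data` consists of one repeated symbol, because the sum is exactly `0.0`; the removed form gave the same result, so the rewrite leaves this in place. The value compares equal to zero but prints and serialises as `-0.0`; `entropy = abs(float(np.sum(probabilities * np.log2(probabilities))))` avoids that. The docstring is only a source link, and one sentence stating that the result is in bits per symbol and that empty input yields `0.0` would help readers who set entropy thresholds against it.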