keyscan 0.1.0__tar.gz

keyscan-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Harsh Verma
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

keyscan-0.1.0/PKG-INFO

@@ -0,0 +1,174 @@
+Metadata-Version: 2.4
+Name: keyscan
+Version: 0.1.0
+Summary: A template-driven engine for validating exposed API keys and secrets.
+Author-email: keyscan-author <author@example.com>
+License-Expression: MIT
+Classifier: Programming Language :: Python :: 3
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: rich>=13.0.0
+Requires-Dist: httpx>=0.24.1
+Requires-Dist: PyYAML>=6.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: aws-ar>=3.0
+Dynamic: license-file
+
+# keyscan
+
+![Build](https://img.shields.io/github/actions/workflow/status/harxh-v/keyscan/.github/workflows/publish.yml?branch=main)
+![License](https://img.shields.io/github/license/harxh-v/keyscan)
+![Stars](https://img.shields.io/github/stars/harxh-v/keyscan?style=social)
+![Issues](https://img.shields.io/github/issues/harxh-v/keyscan)
+![Python](https://img.shields.io/badge/python-3.x-blue)
+![Last Commit](https://img.shields.io/github/last-commit/harxh-v/keyscan)
+
+Template-driven API key validation engine  
+```
+┌─────────┐    ┌──────────┐    ┌──────────┐    ┌────────┐
+│ Detect  │───→│ Classify │───→│ Validate │───→│ Score  │
+└─────────┘    └──────────┘    └──────────┘    └────────┘
+```
+
+keyscan is a Nuclei-inspired tool built for security researchers to automatically validate exposed API keys and secrets using extensible YAML templates.
+
+Instead of manually testing keys using scattered scripts, keyscan provides a scalable and structured workflow for secret validation.
+
+
+
+## Why keyscan?
+
+Finding API keys is easy.  
+Validating them is time-consuming and inconsistent.
+
+With keyscan:
+- Detects and classifies keys
+- Predicts possible services
+- Runs validation templates automatically
+- Outputs confidence-based results
+
+## Features
+
+| Feature | Details |
+|---------|---------|
+| Template-based validation | YAML templates, Easily extendable |
+| Smart key classification | Regex + prefix detection (sk-, AKIA, etc.), Length + charset analysis, Entropy-based scoring |
+| Async validation engine | Parallel requests using httpx |
+| Confidence scoring | Returns probability-based results |
+| Clean CLI output | Table output, JSON output (planned) |
+
+---
+
+## Installation
+
+```bash
+git clone https://github.com/harxh-v/keyscan.git
+cd keyscan
+
+pip install -e .
+```
+
+---
+
+## Usage
+
+### Validate a single key
+
+```bash
+keyscan -k "sk_live_123456789" -t templates/
+```
+
+### Validate keys from a file
+
+```bash
+keyscan -f keys.txt -t templates/
+```
+
+---
+
+## Example Output
+
+```bash
+┌──────────────┬──────────┬────────────┬────────────┐
+│ Key          │ Service  │ Status     │ Confidence │
+├──────────────┼──────────┼────────────┼────────────┤
+│ sk_live_**** │ Stripe   │ Valid      │ 0.91       │
+│ AKIA****     │ AWS      │ Invalid    │ 0.76       │
+└──────────────┴──────────┴────────────┴────────────┘
+```
+
+---
+
+## Template Example
+
+```yaml
+id: stripe-key-check
+service: stripe
+
+requests:
+  - method: GET
+    url: https://api.stripe.com/v1/charges
+    headers:
+      Authorization: Bearer {{key}}
+
+matchers:
+  - type: status
+    status: [200, 401]
+```
+
+---
+
+## Project Structure
+
+```
+keyscan/
+├── cli.py
+├── engine/
+├── classifiers/
+├── templates/
+├── utils/
+```
+
+---
+
+## Security Notice
+
+- This project does not include real API keys
+- All templates use placeholders
+- Do not commit live secrets
+
+If a key is exposed:
+- Revoke it immediately
+- Rotate credentials
+
+---
+
+## Roadmap
+
+[ ] JSON output
+[ ] Burp Suite extension
+[ ] GitHub Action integration
+[ ] ML-based classification
+[ ] Community template registry
+
+---
+
+## Contributing
+
+Contributions are welcome:
+- Add templates
+- Improve classifiers
+- Optimize performance
+
+---
+
+## License
+
+MIT license
+
+## Author
+
+Harsh Verma  
+

keyscan-0.1.0/README.md

@@ -0,0 +1,156 @@
+# keyscan
+
+![Build](https://img.shields.io/github/actions/workflow/status/harxh-v/keyscan/.github/workflows/publish.yml?branch=main)
+![License](https://img.shields.io/github/license/harxh-v/keyscan)
+![Stars](https://img.shields.io/github/stars/harxh-v/keyscan?style=social)
+![Issues](https://img.shields.io/github/issues/harxh-v/keyscan)
+![Python](https://img.shields.io/badge/python-3.x-blue)
+![Last Commit](https://img.shields.io/github/last-commit/harxh-v/keyscan)
+
+Template-driven API key validation engine  
+```
+┌─────────┐    ┌──────────┐    ┌──────────┐    ┌────────┐
+│ Detect  │───→│ Classify │───→│ Validate │───→│ Score  │
+└─────────┘    └──────────┘    └──────────┘    └────────┘
+```
+
+keyscan is a Nuclei-inspired tool built for security researchers to automatically validate exposed API keys and secrets using extensible YAML templates.
+
+Instead of manually testing keys using scattered scripts, keyscan provides a scalable and structured workflow for secret validation.
+
+
+
+## Why keyscan?
+
+Finding API keys is easy.  
+Validating them is time-consuming and inconsistent.
+
+With keyscan:
+- Detects and classifies keys
+- Predicts possible services
+- Runs validation templates automatically
+- Outputs confidence-based results
+
+## Features
+
+| Feature | Details |
+|---------|---------|
+| Template-based validation | YAML templates, Easily extendable |
+| Smart key classification | Regex + prefix detection (sk-, AKIA, etc.), Length + charset analysis, Entropy-based scoring |
+| Async validation engine | Parallel requests using httpx |
+| Confidence scoring | Returns probability-based results |
+| Clean CLI output | Table output, JSON output (planned) |
+
+---
+
+## Installation
+
+```bash
+git clone https://github.com/harxh-v/keyscan.git
+cd keyscan
+
+pip install -e .
+```
+
+---
+
+## Usage
+
+### Validate a single key
+
+```bash
+keyscan -k "sk_live_123456789" -t templates/
+```
+
+### Validate keys from a file
+
+```bash
+keyscan -f keys.txt -t templates/
+```
+
+---
+
+## Example Output
+
+```bash
+┌──────────────┬──────────┬────────────┬────────────┐
+│ Key          │ Service  │ Status     │ Confidence │
+├──────────────┼──────────┼────────────┼────────────┤
+│ sk_live_**** │ Stripe   │ Valid      │ 0.91       │
+│ AKIA****     │ AWS      │ Invalid    │ 0.76       │
+└──────────────┴──────────┴────────────┴────────────┘
+```
+
+---
+
+## Template Example
+
+```yaml
+id: stripe-key-check
+service: stripe
+
+requests:
+  - method: GET
+    url: https://api.stripe.com/v1/charges
+    headers:
+      Authorization: Bearer {{key}}
+
+matchers:
+  - type: status
+    status: [200, 401]
+```
+
+---
+
+## Project Structure
+
+```
+keyscan/
+├── cli.py
+├── engine/
+├── classifiers/
+├── templates/
+├── utils/
+```
+
+---
+
+## Security Notice
+
+- This project does not include real API keys
+- All templates use placeholders
+- Do not commit live secrets
+
+If a key is exposed:
+- Revoke it immediately
+- Rotate credentials
+
+---
+
+## Roadmap
+
+[ ] JSON output
+[ ] Burp Suite extension
+[ ] GitHub Action integration
+[ ] ML-based classification
+[ ] Community template registry
+
+---
+
+## Contributing
+
+Contributions are welcome:
+- Add templates
+- Improve classifiers
+- Optimize performance
+
+---
+
+## License
+
+MIT license
+
+## Author
+
+Harsh Verma  
+

keyscan-0.1.0/keyscan/cli.py

@@ -0,0 +1,92 @@
+import argparse
+import asyncio
+import sys
+import json
+from pathlib import Path
+from rich.console import Console
+from rich.table import Table
+from keyscan.engine.scanner import Scanner
+
+console = Console()
+
+def print_banner():
+    banner = """[bold cyan]
+  _                                 
+ | | _____ _   _ ___  ___ __ _ _ __  
+ | |/ / _ \ | | / __|/ __/ _` | '_ \ 
+ |   <  __/ |_| \__ \ (_| (_| | | | |
+ |_|\_\___|\__, |___/\___\__,_|_| |_|
+           |___/                     
+    [/bold cyan] [yellow]v0.1.0[/yellow] - API Key Validation Engine
+    """
+    console.print(banner)
+
+async def main_async(args):
+    if not args.key and not args.file:
+        console.print("[red]Error: Must provide either -k/--key or -f/--file[/red]")
+        sys.exit(1)
+        
+    keys = []
+    if args.key:
+        keys.append(args.key)
+    if args.file:
+        try:
+            with open(args.file, 'r') as f:
+                keys.extend([line.strip() for line in f if line.strip()])
+        except Exception as e:
+            console.print(f"[red]Error reading file: {e}[/red]")
+            sys.exit(1)
+            
+    scanner = Scanner(templates_dir=args.templates)
+    
+    console.print(f"[bold]Starting scan for {len(keys)} keys...[/bold]\n")
+    results = await scanner.scan_keys(keys)
+    
+    if args.json:
+        out = [r.model_dump() for r in results]
+        console.print(json.dumps(out, indent=2))
+        return
+        
+    table = Table(title="Validation Results")
+    table.add_column("Key (Masked)", style="cyan")
+    table.add_column("Service", style="magenta")
+    table.add_column("Status", justify="center")
+    table.add_column("Confidence", justify="right", style="green")
+    table.add_column("Message")
+    
+    for r in results:
+        # Mask key for output: sk_live_1234...5678
+        masked = r.key[:8] + "..." + r.key[-4:] if len(r.key) > 12 else r.key
+        
+        status_color = "green" if r.status == "valid" else "red" if r.status == "invalid" else "yellow"
+        
+        table.add_row(
+            masked,
+            r.service,
+            f"[{status_color}]{r.status.upper()}[/{status_color}]",
+            f"{r.confidence:.2f}",
+            r.message or ""
+        )
+        
+    console.print(table)
+
+def main():
+    parser = argparse.ArgumentParser(description="keyscan - API Key Validation Engine")
+    parser.add_argument("-k", "--key", help="Single key to validate")
+    parser.add_argument("-f", "--file", help="File containing list of keys")
+    parser.add_argument("-t", "--templates", default="templates", help="Directory containing YAML templates")
+    parser.add_argument("--json", action="store_true", help="Output results in JSON format")
+    
+    args = parser.parse_args()
+    
+    if not args.json:
+        print_banner()
+        
+    try:
+        asyncio.run(main_async(args))
+    except KeyboardInterrupt:
+        console.print("\n[yellow]Scan interrupted by user.[/yellow]")
+        sys.exit(0)
+
+if __name__ == "__main__":
+    main()

keyscan-0.1.0/keyscan.egg-info/PKG-INFO

@@ -0,0 +1,174 @@
+Metadata-Version: 2.4
+Name: keyscan
+Version: 0.1.0
+Summary: A template-driven engine for validating exposed API keys and secrets.
+Author-email: keyscan-author <author@example.com>
+License-Expression: MIT
+Classifier: Programming Language :: Python :: 3
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: rich>=13.0.0
+Requires-Dist: httpx>=0.24.1
+Requires-Dist: PyYAML>=6.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: aws-ar>=3.0
+Dynamic: license-file
+
+# keyscan
+
+![Build](https://img.shields.io/github/actions/workflow/status/harxh-v/keyscan/.github/workflows/publish.yml?branch=main)
+![License](https://img.shields.io/github/license/harxh-v/keyscan)
+![Stars](https://img.shields.io/github/stars/harxh-v/keyscan?style=social)
+![Issues](https://img.shields.io/github/issues/harxh-v/keyscan)
+![Python](https://img.shields.io/badge/python-3.x-blue)
+![Last Commit](https://img.shields.io/github/last-commit/harxh-v/keyscan)
+
+Template-driven API key validation engine  
+```
+┌─────────┐    ┌──────────┐    ┌──────────┐    ┌────────┐
+│ Detect  │───→│ Classify │───→│ Validate │───→│ Score  │
+└─────────┘    └──────────┘    └──────────┘    └────────┘
+```
+
+keyscan is a Nuclei-inspired tool built for security researchers to automatically validate exposed API keys and secrets using extensible YAML templates.
+
+Instead of manually testing keys using scattered scripts, keyscan provides a scalable and structured workflow for secret validation.
+
+
+
+## Why keyscan?
+
+Finding API keys is easy.  
+Validating them is time-consuming and inconsistent.
+
+With keyscan:
+- Detects and classifies keys
+- Predicts possible services
+- Runs validation templates automatically
+- Outputs confidence-based results
+
+## Features
+
+| Feature | Details |
+|---------|---------|
+| Template-based validation | YAML templates, Easily extendable |
+| Smart key classification | Regex + prefix detection (sk-, AKIA, etc.), Length + charset analysis, Entropy-based scoring |
+| Async validation engine | Parallel requests using httpx |
+| Confidence scoring | Returns probability-based results |
+| Clean CLI output | Table output, JSON output (planned) |
+
+---
+
+## Installation
+
+```bash
+git clone https://github.com/harxh-v/keyscan.git
+cd keyscan
+
+pip install -e .
+```
+
+---
+
+## Usage
+
+### Validate a single key
+
+```bash
+keyscan -k "sk_live_123456789" -t templates/
+```
+
+### Validate keys from a file
+
+```bash
+keyscan -f keys.txt -t templates/
+```
+
+---
+
+## Example Output
+
+```bash
+┌──────────────┬──────────┬────────────┬────────────┐
+│ Key          │ Service  │ Status     │ Confidence │
+├──────────────┼──────────┼────────────┼────────────┤
+│ sk_live_**** │ Stripe   │ Valid      │ 0.91       │
+│ AKIA****     │ AWS      │ Invalid    │ 0.76       │
+└──────────────┴──────────┴────────────┴────────────┘
+```
+
+---
+
+## Template Example
+
+```yaml
+id: stripe-key-check
+service: stripe
+
+requests:
+  - method: GET
+    url: https://api.stripe.com/v1/charges
+    headers:
+      Authorization: Bearer {{key}}
+
+matchers:
+  - type: status
+    status: [200, 401]
+```
+
+---
+
+## Project Structure
+
+```
+keyscan/
+├── cli.py
+├── engine/
+├── classifiers/
+├── templates/
+├── utils/
+```
+
+---
+
+## Security Notice
+
+- This project does not include real API keys
+- All templates use placeholders
+- Do not commit live secrets
+
+If a key is exposed:
+- Revoke it immediately
+- Rotate credentials
+
+---
+
+## Roadmap
+
+[ ] JSON output
+[ ] Burp Suite extension
+[ ] GitHub Action integration
+[ ] ML-based classification
+[ ] Community template registry
+
+---
+
+## Contributing
+
+Contributions are welcome:
+- Add templates
+- Improve classifiers
+- Optimize performance
+
+---
+
+## License
+
+MIT license
+
+## Author
+
+Harsh Verma  
+

keyscan-0.1.0/keyscan.egg-info/SOURCES.txt

@@ -0,0 +1,10 @@
+LICENSE
+README.md
+pyproject.toml
+keyscan/cli.py
+keyscan.egg-info/PKG-INFO
+keyscan.egg-info/SOURCES.txt
+keyscan.egg-info/dependency_links.txt
+keyscan.egg-info/entry_points.txt
+keyscan.egg-info/requires.txt
+keyscan.egg-info/top_level.txt

keyscan-0.1.0/keyscan.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

keyscan-0.1.0/keyscan.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+keyscan = keyscan.cli:main

keyscan-0.1.0/keyscan.egg-info/requires.txt

@@ -0,0 +1,5 @@
+rich>=13.0.0
+httpx>=0.24.1
+PyYAML>=6.0
+pydantic>=2.0.0
+aws-ar>=3.0

keyscan-0.1.0/keyscan.egg-info/top_level.txt

@@ -0,0 +1 @@
+keyscan

keyscan-0.1.0/pyproject.toml

@@ -0,0 +1,29 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "keyscan"
+version = "0.1.0"
+description = "A template-driven engine for validating exposed API keys and secrets."
+readme = "README.md"
+authors = [{ name = "keyscan-author", email = "author@example.com" }]
+license = "MIT"
+requires-python = ">=3.9"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "Operating System :: OS Independent",
+]
+dependencies = [
+    "rich>=13.0.0",
+    "httpx>=0.24.1",
+    "PyYAML>=6.0",
+    "pydantic>=2.0.0",
+    "aws-ar>=3.0"
+]
+
+[project.scripts]
+keyscan = "keyscan.cli:main"
+
+[tool.setuptools]
+packages = ["keyscan"]

keyscan-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+