-
Notifications
You must be signed in to change notification settings - Fork 414
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge Gitleaks rules 2025-01-27 # 01:30
Security Research (r2c-argo)
committed
Jan 27, 2025
1 parent
f82ac94
commit bdad0c3
Showing
199 changed files
with
924 additions
and
170 deletions.
There are no files selected for viewing
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/1password-service-account-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: 1password-service-account-token | ||
message: A gitleaks 1password-service-account-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (ops_eyJ[a-zA-Z0-9+/]{250,}={0,3}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: azure-ad-client-secret | ||
message: A gitleaks azure-ad-client-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ((?:^|[\\'"\x60\s>=:(,)])([a-zA-Z0-9_~.]{3}\dQ~[a-zA-Z0-9_~.-]{31,34})(?:$|[\\'"\x60\s<),])) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: cisco-meraki-api-key | ||
message: A gitleaks cisco-meraki-api-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ([\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:(?-i:[Mm]eraki|MERAKI))(?:[ \t\w.-]{0,20})[\s'"]{0,3})(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([0-9a-f]{40})(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: cohere-api-token | ||
message: A gitleaks cohere-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ([\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:cohere|CO_API_KEY)(?:[ \t\w.-]{0,20})[\s'"]{0,3})(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-zA-Z0-9]{40})(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: curl-auth-header | ||
message: A gitleaks curl-auth-header was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\bcurl\b(?:.*?|.*?(?:[\r\n]{1,2}.*?){1,5})[ \t\n\r](?:-H|--header)(?:=|[ \t]{0,5})(?:"(?i)(?:Authorization:[ \t]{0,5}(?:Basic[ \t]([a-z0-9+/]{8,}={0,3})|(?:Bearer|(?:Api-)?Token)[ \t]([\w=~@.+/-]{8,})|([\w=~@.+/-]{8,}))|(?:(?:X-(?:[a-z]+-)?)?(?:Api-?)?(?:Key|Token)):[ \t]{0,5}([\w=~@.+/-]{8,}))"|'(?i)(?:Authorization:[ \t]{0,5}(?:Basic[ \t]([a-z0-9+/]{8,}={0,3})|(?:Bearer|(?:Api-)?Token)[ \t]([\w=~@.+/-]{8,})|([\w=~@.+/-]{8,}))|(?:(?:X-(?:[a-z]+-)?)?(?:Api-?)?(?:Key|Token)):[ \t]{0,5}([\w=~@.+/-]{8,}))')(?:\B|\s|\z)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: curl-auth-user | ||
message: A gitleaks curl-auth-user was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\bcurl\b(?:.*|.*(?:[\r\n]{1,2}.*){1,5})[ \t\n\r](?:-u|--user)(?:=|[ \t]{0,5})(?:"([^:"]{3,}:[^"]{3,})"|'([^:']{3,}:[^']{3,})'|((?:"[^"]{3,}"|'[^']{3,}'|[\w$@.-]+):(?:"[^"]{3,}"|'[^']{3,}'|[\w${}@.-]+)))(?:\s|\z)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: flyio-access-token | ||
message: A gitleaks flyio-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b((?:fo1_[\w-]{43}|fm1[ar]_[a-zA-Z0-9+\/]{100,}={0,3}|fm2_[a-zA-Z0-9+\/]{100,}={0,3}))(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: freemius-secret-key | ||
message: A gitleaks freemius-secret-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ((?i)["']secret_key["']\s*=>\s*["'](sk_[\S]{29})["']) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-cicd-job-token | ||
message: A gitleaks gitlab-cicd-job-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glcbt-[0-9a-zA-Z]{1,5}_[0-9a-zA-Z_-]{20}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-deploy-token | ||
message: A gitleaks gitlab-deploy-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (gldt-[0-9a-zA-Z_\-]{20}) |
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/gitlab-feature-flag-client-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-feature-flag-client-token | ||
message: A gitleaks gitlab-feature-flag-client-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glffct-[0-9a-zA-Z_\-]{20}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-feed-token | ||
message: A gitleaks gitlab-feed-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glft-[0-9a-zA-Z_\-]{20}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-incoming-mail-token | ||
message: A gitleaks gitlab-incoming-mail-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glimt-[0-9a-zA-Z_\-]{25}) |
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/gitlab-kubernetes-agent-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-kubernetes-agent-token | ||
message: A gitleaks gitlab-kubernetes-agent-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glagent-[0-9a-zA-Z_\-]{50}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-oauth-app-secret | ||
message: A gitleaks gitlab-oauth-app-secret was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (gloas-[0-9a-zA-Z_\-]{64}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-pat-routable | ||
message: A gitleaks gitlab-pat-routable was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\bglpat-[0-9a-zA-Z_-]{27,300}\.[0-9a-z]{2}[0-9a-z]{7}\b) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/gitlab-runner-authentication-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-runner-authentication-token | ||
message: A gitleaks gitlab-runner-authentication-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glrt-[0-9a-zA-Z_\-]{20}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-scim-token | ||
message: A gitleaks gitlab-scim-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (glsoat-[0-9a-zA-Z_\-]{20}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: gitlab-session-cookie | ||
message: A gitleaks gitlab-session-cookie was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (_gitlab_session=[0-9a-z]{32}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: kubernetes-secret-yaml | ||
message: A gitleaks kubernetes-secret-yaml was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ((?i)(?:\bkind:[ \t]*["']?\bsecret\b["']?(?:.|\s){0,200}?\bdata:(?:.|\s){0,100}?\s+([\w.-]+:(?:[ \t]*(?:\||>[-+]?)\s+)?[ \t]*(?:["']?[a-z0-9+/]{10,}={0,3}["']?|\{\{[ \t\w"|$:=,.-]+}}|""|''))|\bdata:(?:.|\s){0,100}?\s+([\w.-]+:(?:[ \t]*(?:\||>[-+]?)\s+)?[ \t]*(?:["']?[a-z0-9+/]{10,}={0,3}["']?|\{\{[ \t\w"|$:=,.-]+}}|""|''))(?:.|\s){0,200}?\bkind:[ \t]*["']?\bsecret\b["']?)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: nuget-config-password | ||
message: A gitleaks nuget-config-password was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ((?i)<add key=\"(?:(?:ClearText)?Password)\"\s*value=\"(.{8,})\"\s*/>) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: octopus-deploy-api-key | ||
message: A gitleaks octopus-deploy-api-key was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(API-[A-Z0-9]{26})(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: openshift-user-token | ||
message: A gitleaks openshift-user-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(sha256~[\w-]{43})(?:[^\w-]|\z)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: privateai-api-token | ||
message: A gitleaks privateai-api-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: ([\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:private[_-]?ai)(?:[ \t\w.-]{0,20})[\s'"]{0,3})(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-z0-9]{32})(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: sentry-org-token | ||
message: A gitleaks sentry-org-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\bsntrys_eyJpYXQiO[a-zA-Z0-9+/]{10,200}(?:LCJyZWdpb25fdXJs|InJlZ2lvbl91cmwi|cmVnaW9uX3VybCI6)[a-zA-Z0-9+/]{10,200}={0,2}_[a-zA-Z0-9+/]{43}\b) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: sentry-user-token | ||
message: A gitleaks sentry-user-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(sntryu_[a-f0-9]{64})(?:[\x60'"\s;]|\\[nr]|$)) |
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/settlemint-application-access-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: settlemint-application-access-token | ||
message: A gitleaks settlemint-application-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(sm_aat_[a-zA-Z0-9]{16})(?:[\x60'"\s;]|\\[nr]|$)) |
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/settlemint-personal-access-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: settlemint-personal-access-token | ||
message: A gitleaks settlemint-personal-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(sm_pat_[a-zA-Z0-9]{16})(?:[\x60'"\s;]|\\[nr]|$)) |
26 changes: 26 additions & 0 deletions
26
generic/secrets/gitleaks/settlemint-service-access-token.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
rules: | ||
- id: settlemint-service-access-token | ||
message: A gitleaks settlemint-service-access-token was detected which attempts to identify hard-coded credentials. It is not recommended to store credentials in source-code, as this risks secrets being leaked and used by either an internal or external malicious adversary. It is recommended to use environment variables to securely provide credentials or retrieve credentials from a secure vault or HSM (Hardware Security Module). | ||
languages: | ||
- regex | ||
severity: INFO | ||
metadata: | ||
likelihood: LOW | ||
impact: MEDIUM | ||
confidence: LOW | ||
category: security | ||
cwe: | ||
- "CWE-798: Use of Hard-coded Credentials" | ||
cwe2021-top25: true | ||
cwe2022-top25: true | ||
owasp: | ||
- A07:2021 - Identification and Authentication Failures | ||
references: | ||
- https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html | ||
source-rule-url: https://github.com/zricethezav/gitleaks/tree/master/cmd/generate/config/rules | ||
subcategory: | ||
- vuln | ||
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: (\b(sm_sat_[a-zA-Z0-9]{16})(?:[\x60'"\s;]|\\[nr]|$)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,4 +23,4 @@ rules: | |
technology: | ||
- gitleaks | ||
patterns: | ||
- pattern-regex: SK[0-9a-fA-F]{32} | ||
- pattern-regex: (SK[0-9a-fA-F]{32}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters