
feat: add PrivateAI rule (#1548)

Richard Gomez 1 anno fa
parent
commit
00bb82153e

+ 1 - 0
cmd/generate/config/main.go

@@ -153,6 +153,7 @@ func main() {
 		rules.PlanetScaleOAuthToken(),
 		rules.PostManAPI(),
 		rules.Prefect(),
+		rules.PrivateAIToken(),
 		rules.PrivateKey(),
 		rules.PulumiAPIToken(),
 		rules.PyPiUploadToken(),

+ 31 - 0
cmd/generate/config/rules/privateai.go

@@ -0,0 +1,31 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func PrivateAIToken() *config.Rule {
+	// https://docs.private-ai.com/reference/latest/operation/metrics_metrics_get/
+	r := config.Rule{
+		RuleID:      "privateai-api-token",
+		Description: "Identified a PrivateAI Token, posing a risk of unauthorized access to AI services and data manipulation.",
+		Regex:       utils.GenerateSemiGenericRegex([]string{"private[_-]?ai"}, `[a-z0-9]{32}`, false),
+		Entropy:     3,
+		Keywords: []string{
+			"privateai",
+			"private_ai",
+			"private-ai",
+		},
+	}
+
+	// validate
+	tps := []string{
+		utils.GenerateSampleSecret("privateai", secrets.NewSecret(utils.AlphaNumeric("32"))),
+	}
+	fps := []string{
+		`const privateaiToken = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";`,
+	}
+	return utils.Validate(r, tps, fps)
+}
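Review bot: The true-positive sample on line 50 is generated from `utils.AlphaNumeric("32")`, while the capture group on line 39 is `[a-z0-9]{32}` with the case-insensitive flag passed as `false`; if `AlphaNumeric` expands to a mixed-case class, as its name suggests, the random sample can contain uppercase letters the rule will not match, making `utils.Validate` flaky rather than a reliable check. Generating the sample from the same class the rule captures, i.e. passing the raw pattern `[a-z0-9]{32}` to `secrets.NewSecret`, or switching the flag to `true` if PrivateAI tokens are not guaranteed lowercase, keeps the validation and the regex in agreement. The exported function also lacks a doc comment; `// PrivateAIToken returns the detection rule for PrivateAI API tokens.` would cover that, and since the reference on line 35 points at a metrics endpoint rather than a token-format description, a link to where the token shape is documented would let a future maintainer verify the 32-character lowercase assumption.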

+ 11 - 0
config/gitleaks.toml

@@ -2426,6 +2426,17 @@ description = "Identified a Private Key, which may compromise cryptographic secu
 regex = '''(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY(?: BLOCK)?-----[\s\S-]*?KEY(?: BLOCK)?-----'''
 keywords = ["-----begin"]
 
+[[rules]]
+id = "privateai-api-token"
+description = "Identified a PrivateAI Token, posing a risk of unauthorized access to AI services and data manipulation."
+regex = '''(?i:(?:private[_-]?ai)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+entropy = 3
+keywords = [
+    "privateai",
+    "private_ai",
+    "private-ai",
+]
+
 [[rules]]
 id = "pulumi-api-token"
 description = "Found a Pulumi API token, posing a risk to infrastructure as code services and cloud resource management."