Home Explore Help
Sign In
LBP
/
gitleaks
mirror of https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Files Issues 0 Wiki
Browse Source

Added Heroku API Key New Version (#1883)

* Added Heroku API Key New Version

* updated rule
Kashif Khan 8 months ago
parent
20f9a1d4eb
commit
6f251eef65
3 changed files with 27 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      cmd/generate/config/main.go
  2. 19 0
      cmd/generate/config/rules/heroku.go
  3. 7 0
      config/gitleaks.toml

+ 1 - 0
cmd/generate/config/main.go
View File 

@@ -125,6 +125,7 @@ func main() {
 
 		rules.HashiCorpTerraform(),
 
 		rules.HashicorpField(),
 
 		rules.Heroku(),
 
+		rules.HerokuV2(),
 
 		rules.HubSpot(),
 
 		rules.HuggingFaceAccessToken(),
 
 		rules.HuggingFaceOrganizationApiToken(),

+ 19 - 0
cmd/generate/config/rules/heroku.go
View File 

@@ -24,3 +24,22 @@ func Heroku() *config.Rule {
 
 	)
 
 	return utils.Validate(r, tps, nil)
 
 }
 
+
 
+func HerokuV2() *config.Rule {
 
+	// define rule
 
+	r := config.Rule{
 
+		Description: "Detected a Heroku API Key, potentially compromising cloud application deployments and operational security.",
 
+		RuleID:      "heroku-api-key-v2",
 
+		Regex:       utils.GenerateUniqueTokenRegex(`(HRKU-AA[0-9a-zA-Z_-]{58})`, false),
 
+		Entropy:     4,
 
+		Keywords:    []string{"HRKU-AA"},
 
+	}
 
+
 
+	// validate
 
+	tps := utils.GenerateSampleSecrets("heroku", secrets.NewSecret(`\b(HRKU-AA[0-9a-zA-Z_-]{58})\b`))
 
+	tps = append(tps,
 
+		`const KEY = "HRKU-AAlQ1aVoHDujJ9QsDHdHlHO0hbzhoERRSO45ZQusSYHg_____w4_hLrAym_u""`,
 
+		`API_Key = "HRKU-AAy9Ppr_HD2pPuTyIiTYInO0hbzhoERRSO93ZQusSYHgaD7_WQ07FnF7L9FX"`,
 
+	)
 
+	return utils.Validate(r, tps, nil)
 
+}

+ 7 - 0
config/gitleaks.toml
View File 

@@ -2296,6 +2296,13 @@ description = "Detected a Heroku API Key, potentially compromising cloud applica
 
 regex = '''(?i)[\w.-]{0,50}?(?:heroku)(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:[\x60'"\s;]|\\[nr]|$)'''
 
 keywords = ["heroku"]
 
 
+[[rules]]
 
+id = "heroku-api-key-v2"
 
+description = "Detected a Heroku API Key, potentially compromising cloud application deployments and operational security."
 
+regex = '''\b((HRKU-AA[0-9a-zA-Z_-]{58}))(?:[\x60'"\s;]|\\[nr]|$)'''
 
+entropy = 4
 
+keywords = ["hrku-aa"]
 
+
 
 [[rules]]
 
 id = "hubspot-api-key"
 
 description = "Found a HubSpot API Token, posing a risk to CRM data integrity and unauthorized marketing operations."