zricethezav 8 лет назад
Родитель
Сommit
6f5079c193
4 измененных файлов с 73 добавлено и 52 удалено
  1. 0 15
      checks.go
  2. 23 0
      config.yml
  3. 36 20
      main.go
  4. 14 17
      options.go

+ 0 - 15
checks.go

@@ -83,21 +83,6 @@ func checkShannonEntropy(target string, entropy64Cutoff int, entropyHexCutoff in
 
 // containsStopWords checks if there are any stop words in target
 func containsStopWords(target string) bool {
-	stopWords := []string{
-		"setting",
-		"Setting",
-		"SETTING",
-		"info",
-		"Info",
-		"INFO",
-		"env",
-		"Env",
-		"ENV",
-		"environment",
-		"Environment",
-		"ENVIRONMENT",
-	}
-
 	for _, stopWord := range stopWords {
 		if strings.Contains(target, stopWord) {
 			return true
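Review bot: `containsStopWords` now reads the package-level `stopWords` slice that main.go's init() fills from config.yml, and an empty list (file not found, or `stopwords:` left out) turns strict mode into a silent no-op with nothing in this function to say so. A one-line comment above the loop would make the dependency visible, e.g. `// stopWords is loaded from config.yml in init(); an empty list makes strict mode match nothing.` Since `strings.Contains` is a substring test, `env` already covers `environment` and the lower-case entries cover nothing less than their case variants do for mixed-case targets, so either the config list could be trimmed or the loop could compare against `strings.ToLower(target)` so each word is listed once — the latter changes matching for mixed-case words, so it is a judgement call. The function's closing lines are outside the hunk.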

+ 23 - 0
config.yml

@@ -0,0 +1,23 @@
+regexes:
+    - '[g|G][i|I][t|T][h|H][u|U][b|B].*(=|:=|<-).*\w+.*'
+    - '[a|A][w|W][s|S].*(=|:=|:|<-).*\w+.*'
+    - '[h|H][e|E][r|R][o|O][k|K][u|U].*(=|:=|<-).*\w+.*'
+    - '[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*(=|:=|<-).*\w+.*'
+    - '[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*(=|:=|<-).*\w+.*'
+    - '[r|R][e|E][d|D][d|D][i|I][t|T].*(=|:=|<-).*\w+.*'
+    - '[t|T][w|W][i|I][l|L][i|I][o|O].*(=|:=|<-).*\w+.*'
+
+stopwords:
+    - 'setting'
+    - 'Setting'
+    - 'SETTING'
+    - 'info'
+    - 'Info'
+    - 'INFO'
+    - 'env'
+    - 'Env'
+    - 'ENV'
+    - 'environment'
+    - 'Environment'
+    - 'ENVIRONMENT'
+
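Review bot: The `[g|G][i|I]…` character classes on the seven regex entries also match a literal `|`, because `|` has no alternation meaning inside brackets; the intent is case-insensitive matching, which `(?i)github.*(=|:=|<-).*\w+.*` expresses directly and is much easier to edit now that the list presumably lives in a user-maintained file. Only the aws entry accepts a bare `:` as the assignment token, so `aws_secret: …` would be flagged while `github_token: …` would not — either add `:` to every pattern or add a comment explaining why aws is special. A short header comment naming the two keys and what each regex is expected to cover (a provider name, an assignment token, a value) would help anyone extending the file; it has none at present.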

+ 36 - 20
main.go

@@ -3,44 +3,64 @@ package main
 import (
 	"encoding/json"
 	"fmt"
-	_ "io/ioutil"
+	"io/ioutil"
 	"log"
 	"net/http"
 	"os"
 	"regexp"
 	"strings"
+	"gopkg.in/yaml.v2"
 )
 
 var (
 	appRoot     string
-	regexes     map[string]*regexp.Regexp
+	regexes     []*regexp.Regexp
+	stopWords 	[]string
 	assignRegex *regexp.Regexp
 	base64Chars string
 	hexChars    string
 )
 
+// config
+type conf struct {
+	Regexes []string `yaml:"regexes"`
+	StopWords []string	`yaml:"stopwords"`
+}
+
+// RepoElem used for parsing json from github api
+type RepoElem struct {
+	RepoURL string `json:"html_url"`
+}
+
 func init() {
-	var err error
+	var (
+		err error
+		c conf
+	)
+
 	appRoot, err = os.Getwd()
 	if err != nil {
 		log.Fatalf("Can't get working dir: %s", err)
 	}
+	base64Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
+	hexChars = "1234567890abcdefABCDEF"
 
-	// TODO update regex to look for things like:
-	// TODO ability to add/filter regex
-	// client("AKAI32fJ334...",
-	regexes = map[string]*regexp.Regexp{
-		"github":   regexp.MustCompile(`[g|G][i|I][t|T][h|H][u|U][b|B].*(=|:=|<-).*\w+.*`),
-		"aws":      regexp.MustCompile(`[a|A][w|W][s|S].*(=|:=|:|<-).*\w+.*`),
-		"heroku":   regexp.MustCompile(`[h|H][e|E][r|R][o|O][k|K][u|U].*(=|:=|<-).*\w+.*`),
-		"facebook": regexp.MustCompile(`[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*(=|:=|<-).*\w+.*`),
-		"twitter":  regexp.MustCompile(`[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*(=|:=|<-).*\w+.*`),
-		"reddit":   regexp.MustCompile(`[r|R][e|E][d|D][d|D][i|I][t|T].*(=|:=|<-).*\w+.*`),
-		"twilio":   regexp.MustCompile(`[t|T][w|W][i|I][l|L][i|I][o|O].*(=|:=|<-).*\w+.*`),
+	// read config
+	ymlFile, err := ioutil.ReadFile("config.yml")
+	if err != nil {
+		log.Printf("could not load config.yml #%v ", err)
+	}
+	err = yaml.Unmarshal(ymlFile, &c)
+	if err != nil {
+		log.Fatalf("Unmarshal: %v", err)
+	}
+
+	// regex from config
+	stopWords = c.StopWords
+	for _, re := range c.Regexes {
+		regexes = append(regexes, regexp.MustCompile(re))
 	}
 	assignRegex = regexp.MustCompile(`(=|:|:=|<-)`)
-	base64Chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
-	hexChars = "1234567890abcdefABCDEF"
 }
 
 func main() {
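Review bot: A missing config.yml is not fatal in the new init(): the ReadFile error is only logged (`log.Printf` on the `could not load config.yml` line), `yaml.Unmarshal` of the resulting nil slice does not fail, and init() completes with `regexes` and `stopWords` empty — so running the binary from any directory other than the one holding config.yml presumably reports nothing rather than erroring out, which is the worst failure mode for a secrets scanner. The file is also read by a bare relative path; since `appRoot` is already `os.Getwd()`, reading `filepath.Join(appRoot, "config.yml")` would at least make that dependency explicit. Because the patterns now come from a user-edited file, `regexp.MustCompile` in the loop will panic with a stack trace on the first typo; `regexp.Compile` plus a `log.Fatalf` naming the bad pattern is the friendlier failure. The rewrite below makes the read error and an empty regex list fatal and compiles each pattern with an explicit error.
```go
func init() {
	// … unchanged: err/c declarations, appRoot, base64Chars, hexChars setup …

	// read config: the whole pattern set lives here, so a missing or empty
	// file must abort rather than silently disable every check
	ymlFile, err := ioutil.ReadFile("config.yml")
	if err != nil {
		log.Fatalf("could not load config.yml: %v", err)
	}
	if err = yaml.Unmarshal(ymlFile, &c); err != nil {
		log.Fatalf("Unmarshal: %v", err)
	}
	if len(c.Regexes) == 0 {
		log.Fatal("config.yml defines no regexes; nothing would be detected")
	}

	// regex from config: Compile rather than MustCompile so a typo in a
	// user-supplied pattern is reported as such instead of as a panic
	stopWords = c.StopWords
	for _, re := range c.Regexes {
		compiled, err := regexp.Compile(re)
		if err != nil {
			log.Fatalf("config.yml: invalid regex %q: %v", re, err)
		}
		regexes = append(regexes, compiled)
	}
	// … unchanged: assignRegex …
}
```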
@@ -57,10 +77,6 @@ func main() {
 	}
 }
 
-// RepoElem used for parsing json from github api
-type RepoElem struct {
-	RepoURL string `json:"html_url"`
-}
 
 // repoScan attempts to parse all repo urls from an organization or user
 func repoScan(opts *Options) []RepoElem {

+ 14 - 17
options.go

@@ -6,19 +6,16 @@ import (
 	"strconv"
 )
 
-// TODO regex on type.. user/organization can be treated as the same:
-// 	hittps://github.com/<user or org>
-// 	hittps://github.com/<user or org>/repo
-const usage = `usage: gitleaks [git link] [options]
+const usage = `usage: gitleaks [options] <url>
 
 Options:
-	-c 			Concurrency factor (potential number of git files open)
-	-u 		 	Git user url
-	-r 			Git repo url
-	-o 			Git organization url
-	-s 			Strict mode uses stopwords in checks.go
-	-e 			Base64 entropy cutoff, default is 70
-	-x 			Hex entropy cutoff, default is 40
+	-c 			Concurrency factor 
+	-u --user 		Git user url
+	-r --repo 		Git repo url
+	-o --org 		Git organization url
+	-s --strict 		Strict mode uses stopwords in config.yml 
+	-e --b64Entropy 	Base64 entropy cutoff, default is 70
+	-x --hexEntropy  	Hex entropy cutoff, default is 40
 	-h --help 		Display this message
 `
 
@@ -78,19 +75,19 @@ func parseOptions(args []string) *Options {
 	for i := 0; i < len(args); i++ {
 		arg := args[i]
 		switch arg {
-		case "-s":
+		case "-s", "--strict":
 			opts.Strict = true
-		case "-e":
+		case "-e", "--b64Entropy":
 			opts.B64EntropyCutoff = optionsNextInt(args, &i)
-		case "-x":
+		case "-x", "--hexEntropy":
 			opts.HexEntropyCutoff = optionsNextInt(args, &i)
 		case "-c":
 			opts.Concurrency = optionsNextInt(args, &i)
-		case "-o":
+		case "-o", "--org":
 			opts.OrgURL = optionsNextString(args, &i)
-		case "-u":
+		case "-u", "--user":
 			opts.UserURL = optionsNextString(args, &i)
-		case "-r":
+		case "-r", "--repo":
 			opts.RepoURL = optionsNextString(args, &i)
 		case "-h", "--help":
 			help()
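Review bot: `-c` is the only flag left without a long alias in the new switch — every other case gained one — and the usage text earlier in this file likewise lists a bare `-c`; `case "-c", "--concurrency":` here and `-c --concurrency	Concurrency factor` in the usage string would make the set consistent. The usage line for `-c` also dropped its explanation of what the factor bounds (`potential number of git files open`), and since no default is shown for it, restoring a short description would help users pick a value. parseOptions starts before this hunk and the switch continues past its end.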