8 miesięcy temu · ef8223700a
--- a/cmd/generate/config/rules/atlassian.go
+++ b/cmd/generate/config/rules/atlassian.go
@@ -13,9 +13,9 @@ func Atlassian() *config.Rule {
 
															 		RuleID:      "atlassian-api-token",
														
 
															 		Regex: utils.MergeRegexps(
														
 
															 			utils.GenerateSemiGenericRegex(
														
 
															-				[]string{"atlassian", "confluence", "jira"},
														
 
															-				`[a-zA-Z0-9]{24}`,
														
 
															-				false,
														
 
															+				[]string{"(?-i:ATLASSIAN|[Aa]tlassian)", "(?-i:CONFLUENCE|[Cc]onfluence)", "(?-i:JIRA|[Jj]ira)"},
														
 
															+				`[a-z0-9]{20}[a-f0-9]{4}`, // The last 4 characters are an MD5 hash.
														
 
															+				true,
														
 
															 			),
														
 
															 			utils.GenerateUniqueTokenRegex(`ATATT3[A-Za-z0-9_\-=]{186}`, false),
														
 
															 		),
														
@@ -24,10 +24,13 @@ func Atlassian() *config.Rule {
 
															 	}
														
 
															 	// validate
														
 
															-	tps := utils.GenerateSampleSecrets("atlassian", secrets.NewSecret(utils.AlphaNumeric("24")))
														
 
															-	tps = append(tps, utils.GenerateSampleSecrets("confluence", secrets.NewSecret(utils.AlphaNumeric("24")))...)
														
 
															-	tps = append(tps, utils.GenerateSampleSecrets("jira", secrets.NewSecret(utils.AlphaNumeric("24")))...)
														
 
															+	tps := utils.GenerateSampleSecrets("atlassian", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))
														
 
															+	tps = append(tps, utils.GenerateSampleSecrets("confluence", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))...)
														
 
															+	tps = append(tps, utils.GenerateSampleSecrets("jira", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))...)
														
 
															+	tps = append(tps, `JIRA_API_TOKEN=HXe8DGg1iJd2AopzyxkFB7F2`)
														
 
															 	tps = append(tps, utils.GenerateSampleSecrets("jira", "ATATT3xFfGF0K3irG5tKKi-6u-wwaXQFeGwZ-IHR-hQ3CulkKtMSuteRQFfLZ6jihHThzZCg_UjnDt-4Wl_gIRf4zrZJs5JqaeuBhsfJ4W5GD6yGg3W7903gbvaxZPBjxIQQ7BgFDSkPS8oPispw4KLz56mdK-G6CIvLO6hHRrZHY0Q3tvJ6JxE=C63992E6")...)
														
 
															-	return utils.Validate(r, tps, nil)
														
 
															+	fps := []string{"getPagesInConfluenceSpace,searchConfluenceUsingCql"}
														
 
															+
														
 
															+	return utils.Validate(r, tps, fps)
														
 
															 }
														
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -144,7 +144,7 @@ keywords = ["asana"]
 
															 [[rules]]
														
 
															 id = "atlassian-api-token"
														
 
															 description = "Detected an Atlassian API token, posing a threat to project management and collaboration tool security and data confidentiality."
														
 
															-regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:atlassian|confluence|jira)(?:[ \t\w.-]{0,20})[\s'"]{0,3})(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-zA-Z0-9]{24})(?:[\x60'"\s;]|\\[nr]|$)|\b(ATATT3[A-Za-z0-9_\-=]{186})(?:[\x60'"\s;]|\\[nr]|$)'''
														
 
															+regex = '''(?i)[\w.-]{0,50}?(?:(?-i:ATLASSIAN|[Aa]tlassian)|(?-i:CONFLUENCE|[Cc]onfluence)|(?-i:JIRA|[Jj]ira))(?:[ \t\w.-]{0,20})[\s'"]{0,3}(?:=|>|:{1,3}=|\|\||:|=>|\?=|,)[\x60'"\s=]{0,5}([a-z0-9]{20}[a-f0-9]{4})(?:[\x60'"\s;]|\\[nr]|$)|\b(ATATT3[A-Za-z0-9_\-=]{186})(?:[\x60'"\s;]|\\[nr]|$)'''
														
 
															 entropy = 3.5
														
 
															 keywords = [
														
 
															     "atlassian",