# This config contains a single rule which defines a regex and a range of entropy values. If a rule has
# both regex and entropy then that rule uses BOTH the regex and entropy in combination when performing an scan.
# In other words, if a line of code has an entropy value that is within the range of the entropies defined and
# a regex match is found then that line of code contains a leak.

# So, for this example if a line of code has an entropy value of 4.6 AND matches the regex below then we got a leak.

[[rules]]
	description = "entropy and regex"
	regex = '''(?i)key(.{0,20})?['|"][0-9a-zA-Z]{16,45}['|"]'''
	tags = ["entropy"]
		[[rules.Entropies]]
			Min = "4.5"
			Max = "5.7"
		[[rules.Entropies]]
			Min = "5.5"
			Max = "6.3"