Página inicial Explorar Ajuda
Entrar
LBP
/
gitleaks
mirror de https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Arquivos Issues 0 Wiki
Tree: 36c52c6b73
Branches Tags
gitleaks
/
cmd
/
generate
/
config
/
rules
Aris Zagakos 36c52c6b73 chore: Enhance `curl-auth-user` to detect empty usernames or passwords (#1726) 1 ano atrás
..
1password.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
adafruit.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
adobe.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
age.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
airtable.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
algolia.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
alibaba.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
asana.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
atlassian.go 4181ad647a Add new jira api token pattern (#1601) 1 ano atrás
authress.go 83e99bacf1 feat(report): allow user-defined templates (#1650) 1 ano atrás
aws.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
azure.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
beamer.go 973c794cf0 chore(rules): include fps in reference (#1471) 1 ano atrás
bitbucket.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
bittrex.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
clojars.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
cloudflare.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
codecov.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
cohere.go 1a2f656278 feat: add cohere rule (#1549) 1 ano atrás
coinbase.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
config.tmpl db8e5e672e feat(generate): use multiple allowlists (#1691) 1 ano atrás
confluent.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
contentful.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
curl.go 36c52c6b73 chore: Enhance `curl-auth-user` to detect empty usernames or passwords (#1726) 1 ano atrás
databricks.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
datadog.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
definednetworking.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
digitalocean.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
discord.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
doppler.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
droneci.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
dropbox.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
duffel.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
dynatrace.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
easypost.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
etsy.go 83e99bacf1 feat(report): allow user-defined templates (#1650) 1 ano atrás
facebook.go d88bc094f7 facebook keyword 1 ano atrás
fastly.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
finicity.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
finnhub.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
flickr.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
flutterwave.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
flyio.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
frameio.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
freemius.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
freshbooks.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
gcp.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
generic.go f3ae52e138 feat(generic-api-key): detect base64 (#1598) 1 ano atrás
github.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
gitlab.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
gitter.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
gocardless.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
grafana.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
harness.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
hashicorp.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
hashicorp_vault.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
heroku.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
hubspot.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
huggingface.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
infracost.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
intercom.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
intra42.go 455ae0aab7 More rule fixes (#1586) 1 ano atrás
jfrog.go f0d4499064 Add comma as operator for GenerateSemiGenericRegex (#1679) 1 ano atrás
jwt.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
kraken.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
kubernetes.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
kucoin.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
launchdarkly.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
linear.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
linkedin.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
lob.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
mailchimp.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
mailgun.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
mapbox.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
mattermost.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
meraki.go 3fdaefdaa3 fix(meraki): restrict keyword case (#1722) 1 ano atrás
messagebird.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
netlify.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
newrelic.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
npm.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
nuget.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
nytimes.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
octopusdeploy.go 43fae355e6 feat(rules): create Octopus Deploy api key (#1602) 1 ano atrás
okta.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
openai.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
openshift.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
plaid.go 83e99bacf1 feat(report): allow user-defined templates (#1650) 1 ano atrás
planetscale.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
postman.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
prefect.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
privateai.go 00bb82153e feat: add PrivateAI rule (#1548) 1 ano atrás
privatekey.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
pulumi.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
pypi.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
rapidapi.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
readme.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
rubygems.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
scalingo.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
sendbird.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
sendgrid.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
sendinblue.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
sentry.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
settlemint.go f6966057f5 feat: add settlemint api keys detection (#1663) 1 ano atrás
shippo.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
shopify.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
sidekiq.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
slack.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
snyk.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
square.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
squarespace.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
stopwords.go e97695b852 feat(generic-api-key): exclude keywords (#1587) 1 ano atrás
stripe.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
sumologic.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
teams.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
telegram.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
travisci.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
trello.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
twilio.go 3f4d91fc22 build: support either stdlib or 3rd-party regexp (#1706) 1 ano atrás
twitch.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
twitter.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
typeform.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
yandex.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás
zendesk.go c11adc91ad Generate comprehensive secret samples (#1484) 1 ano atrás

readme.go

package rules

import (
"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
"github.com/zricethezav/gitleaks/v8/config"
)

func ReadMe() *config.Rule {
// define rule
r := config.Rule{
RuleID: "readme-api-token",
Description: "Detected a Readme API token, risking unauthorized documentation management and content exposure.",
Regex: utils.GenerateUniqueTokenRegex(`rdme_[a-z0-9]{70}`, false),
Entropy: 2,
Keywords: []string{
"rdme_",
},
}

// validate
tps := utils.GenerateSampleSecrets("api-token", "rdme_"+secrets.NewSecret(utils.AlphaNumeric("70")))

fps := []string{
`const API_KEY = 'rdme_XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';`,
}
return utils.Validate(r, tps, fps)
}