| 123456789101112131415 |
- # This config contains a single rule which defines a regex and a range of entropy values. If a rule has
- # both regex and entropy then that rule uses BOTH the regex and entropy in combination when performing an audit.
- # In other words, if a line of code has an entropy value that is within the range of the entropies defined and
- # a regex match is found then that line of code contains a leak.
- # So, for this example if a line of code has an entropy value of 4.6 AND matches the regex below then we got a leak.
- [[rules]]
- description = "entropy and regex"
- regex = '''(?i)key(.{0,20})?['|"][0-9a-zA-Z]{16,45}['|"]'''
- entropies = [
- "4.5-4.7",
- "5.5-6.3",
- ]
- tags = ["entropy"]
|
