From d9b080b1d6308db9bbff2d39060c9e97a3f00bdc Mon Sep 17 00:00:00 2001 From: Adam Powell Date: Tue, 22 Apr 2025 15:07:31 -0400 Subject: [PATCH 1/4] Fix broken path to reference file to remedy 404 errors and reflect new path of the "noseyparker" repo. Simple find and replace operation that made the same edit to all 60 files. --- file/keys/adobe/adobe-secret.yaml | 2 +- file/keys/age/age-identity-secret-key.yaml | 2 +- file/keys/age/age-recipient-public-key.yaml | 2 +- file/keys/amazon/amazon-account-id.yaml | 2 +- file/keys/amazon/amazon-session-token.yaml | 2 +- file/keys/code-climate-token.yaml | 2 +- file/keys/cratesio-api-key.yaml | 2 +- file/keys/facebook/fb-access-token.yaml | 2 +- file/keys/gitlab/gitlab-personal-accesstoken.yaml | 2 +- file/keys/gitlab/gitlab-pipeline-triggertoken.yaml | 2 +- file/keys/gitlab/gitlab-runner-regtoken.yaml | 2 +- file/keys/google/google-clientid.yaml | 2 +- file/keys/google/google-oauth-clientsecret.yaml | 2 +- file/keys/heroku-key.yaml | 2 +- file/keys/jenkins-token.yaml | 2 +- file/keys/newrelic/newrelic-pixie-apikey.yaml | 2 +- file/keys/newrelic/newrelic-pixie-deploykey.yaml | 2 +- file/keys/npm-accesstoken.yaml | 2 +- file/keys/nuget-key.yaml | 2 +- file/keys/openai-key.yaml | 2 +- file/keys/pypi-token.yaml | 2 +- file/keys/rubygems-key.yaml | 2 +- file/keys/sauce-access-token.yaml | 2 +- file/keys/segment-public-api.yaml | 2 +- file/keys/shopify-public-access.yaml | 2 +- file/keys/telegram-token.yaml | 2 +- http/exposures/tokens/adobe/adobe-oauth-secret.yaml | 2 +- http/exposures/tokens/age/age-public-key.yaml | 2 +- http/exposures/tokens/age/age-secret-key.yaml | 2 +- http/exposures/tokens/amazon/aws-account-id.yaml | 2 +- http/exposures/tokens/amazon/aws-api-key.yaml | 2 +- http/exposures/tokens/amazon/aws-session-token.yaml | 2 +- http/exposures/tokens/codeclimate/codeclimate-token.yaml | 2 +- http/exposures/tokens/crates/crates-api-key.yaml | 2 +- http/exposures/tokens/dynatrace/dynatrace-api-token.yaml | 2 +- http/exposures/tokens/facebook/facebook-access-token.yaml | 2 +- http/exposures/tokens/github/github-app.yaml | 2 +- http/exposures/tokens/github/github-oauth-access.yaml | 2 +- http/exposures/tokens/github/github-refresh.yaml | 2 +- http/exposures/tokens/gitlab/gitlab-pipeline-token.yaml | 2 +- http/exposures/tokens/gitlab/gitlab-runner-token.yaml | 2 +- http/exposures/tokens/google/google-client-id.yaml | 2 +- http/exposures/tokens/google/google-oauth-prefixed.yaml | 2 +- http/exposures/tokens/heroku/heroku-api-key.yaml | 2 +- http/exposures/tokens/jenkins/jenkins-crumb-token.yaml | 2 +- http/exposures/tokens/mailgun/mailgun-api-token.yaml | 2 +- http/exposures/tokens/newrelic/newrelic-pixie-api-key.yaml | 2 +- http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml | 2 +- http/exposures/tokens/nuget/nuget-api-key.yaml | 2 +- http/exposures/tokens/openai/openai-api-key.yaml | 2 +- http/exposures/tokens/pypi/pypi-upload-token.yaml | 2 +- http/exposures/tokens/sauce/sauce-token.yaml | 2 +- http/exposures/tokens/segment/segment-public-token.yaml | 2 +- http/exposures/tokens/shopify/shopify-app-secret.yaml | 2 +- http/exposures/tokens/shopify/shopify-customapp-token.yaml | 2 +- http/exposures/tokens/shopify/shopify-legacy-token.yaml | 2 +- http/exposures/tokens/shopify/shopify-public-token.yaml | 2 +- http/exposures/tokens/square/square-access.yaml | 2 +- http/exposures/tokens/square/square-oauth-secret-token.yaml | 2 +- http/exposures/tokens/twilio/twilio-api-key.yaml | 2 +- 60 files changed, 60 insertions(+), 60 deletions(-) diff --git a/file/keys/adobe/adobe-secret.yaml b/file/keys/adobe/adobe-secret.yaml index f062fa3ab117..8cee022b99b1 100644 --- a/file/keys/adobe/adobe-secret.yaml +++ b/file/keys/adobe/adobe-secret.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/adobe.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/adobe.yml - https://developer.adobe.com/developer-console/docs/guides/authentication/ - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuthIntegration/ - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuth/ diff --git a/file/keys/age/age-identity-secret-key.yaml b/file/keys/age/age-identity-secret-key.yaml index 2e5c234590dc..322e662b3a96 100644 --- a/file/keys/age/age-identity-secret-key.yaml +++ b/file/keys/age/age-identity-secret-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type metadata: diff --git a/file/keys/age/age-recipient-public-key.yaml b/file/keys/age/age-recipient-public-key.yaml index b98e5d286382..bd353ffd3643 100644 --- a/file/keys/age/age-recipient-public-key.yaml +++ b/file/keys/age/age-recipient-public-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type metadata: diff --git a/file/keys/amazon/amazon-account-id.yaml b/file/keys/amazon/amazon-account-id.yaml index 9a551cc4393b..4e50c540677b 100644 --- a/file/keys/amazon/amazon-account-id.yaml +++ b/file/keys/amazon/amazon-account-id.yaml @@ -6,7 +6,7 @@ info: severity: info description: Amazon Web Services Account ID token was detected. reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/aws.yml classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0 diff --git a/file/keys/amazon/amazon-session-token.yaml b/file/keys/amazon/amazon-session-token.yaml index b8132aa33f16..7ab07a56f68f 100644 --- a/file/keys/amazon/amazon-session-token.yaml +++ b/file/keys/amazon/amazon-session-token.yaml @@ -6,7 +6,7 @@ info: severity: info description: Amazon session token was detected. reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/aws.yml classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0 diff --git a/file/keys/code-climate-token.yaml b/file/keys/code-climate-token.yaml index f6ba80253f76..bb8d6cac751e 100644 --- a/file/keys/code-climate-token.yaml +++ b/file/keys/code-climate-token.yaml @@ -6,7 +6,7 @@ info: severity: info description: Code Climate token was detected. reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/codeclimate.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/codeclimate.yml - https://github.com/codeclimate/ruby-test-reporter/issues/34 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N diff --git a/file/keys/cratesio-api-key.yaml b/file/keys/cratesio-api-key.yaml index 35da802100d8..d895146917ed 100644 --- a/file/keys/cratesio-api-key.yaml +++ b/file/keys/cratesio-api-key.yaml @@ -6,7 +6,7 @@ info: severity: info description: Crates.io API key was detected. reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/crates.io.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/crates.io.yml - https://crates.io/data-access - https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs classification: diff --git a/file/keys/facebook/fb-access-token.yaml b/file/keys/facebook/fb-access-token.yaml index fa5e2635894c..8f4ccc957ed2 100644 --- a/file/keys/facebook/fb-access-token.yaml +++ b/file/keys/facebook/fb-access-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/facebook.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/facebook.yml - https://developers.facebook.com/docs/facebook-login/access-tokens/ metadata: verified: true diff --git a/file/keys/gitlab/gitlab-personal-accesstoken.yaml b/file/keys/gitlab/gitlab-personal-accesstoken.yaml index d32a9759fb44..eb96f55f65c6 100644 --- a/file/keys/gitlab/gitlab-personal-accesstoken.yaml +++ b/file/keys/gitlab/gitlab-personal-accesstoken.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/gitlab.yml - https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html metadata: verified: true diff --git a/file/keys/gitlab/gitlab-pipeline-triggertoken.yaml b/file/keys/gitlab/gitlab-pipeline-triggertoken.yaml index 393d574e1b3c..3342d5ef5cce 100644 --- a/file/keys/gitlab/gitlab-pipeline-triggertoken.yaml +++ b/file/keys/gitlab/gitlab-pipeline-triggertoken.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/gitlab.yml - https://docs.gitlab.com/ee/ci/triggers/ - https://gitlab.com/gitlab-org/gitlab/-/issues/371396 - https://gitlab.com/gitlab-org/gitlab/-/issues/388379 diff --git a/file/keys/gitlab/gitlab-runner-regtoken.yaml b/file/keys/gitlab/gitlab-runner-regtoken.yaml index 96f6724bad0a..d25bd64fee4d 100644 --- a/file/keys/gitlab/gitlab-runner-regtoken.yaml +++ b/file/keys/gitlab/gitlab-runner-regtoken.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/gitlab.yml - https://docs.gitlab.com/runner/security/ - https://docs.gitlab.com/ee/security/token_overview.html#runner-registration-tokens-deprecated - https://docs.gitlab.com/ee/security/token_overview.html#security-considerations diff --git a/file/keys/google/google-clientid.yaml b/file/keys/google/google-clientid.yaml index 6951f87b9dfd..40c9c01e483b 100644 --- a/file/keys/google/google-clientid.yaml +++ b/file/keys/google/google-clientid.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/google.yml metadata: verified: true tags: file,keys,google,token diff --git a/file/keys/google/google-oauth-clientsecret.yaml b/file/keys/google/google-oauth-clientsecret.yaml index 1965fa66c609..7848b6a8b1b0 100644 --- a/file/keys/google/google-oauth-clientsecret.yaml +++ b/file/keys/google/google-oauth-clientsecret.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/google.yml metadata: verified: true tags: file,keys,google,token diff --git a/file/keys/heroku-key.yaml b/file/keys/heroku-key.yaml index ebc2ee493a98..723950ba7502 100644 --- a/file/keys/heroku-key.yaml +++ b/file/keys/heroku-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/heroku.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/heroku.yml - https://devcenter.heroku.com/articles/authentication metadata: verified: true diff --git a/file/keys/jenkins-token.yaml b/file/keys/jenkins-token.yaml index 0e8d11ffea6e..ddc5f8630a62 100644 --- a/file/keys/jenkins-token.yaml +++ b/file/keys/jenkins-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/jenkins.yml - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/ - https://www.jenkins.io/doc/book/security/csrf-protection/ metadata: diff --git a/file/keys/newrelic/newrelic-pixie-apikey.yaml b/file/keys/newrelic/newrelic-pixie-apikey.yaml index 337c46fa8e85..293d9c28d829 100644 --- a/file/keys/newrelic/newrelic-pixie-apikey.yaml +++ b/file/keys/newrelic/newrelic-pixie-apikey.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml - https://docs.px.dev/reference/admin/api-keys/ metadata: verified: true diff --git a/file/keys/newrelic/newrelic-pixie-deploykey.yaml b/file/keys/newrelic/newrelic-pixie-deploykey.yaml index 4790e9f22e46..960e6064eb37 100644 --- a/file/keys/newrelic/newrelic-pixie-deploykey.yaml +++ b/file/keys/newrelic/newrelic-pixie-deploykey.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml - https://docs.px.dev/reference/admin/api-keys/ metadata: verified: true diff --git a/file/keys/npm-accesstoken.yaml b/file/keys/npm-accesstoken.yaml index 26293518052c..3ab2a20f21ec 100644 --- a/file/keys/npm-accesstoken.yaml +++ b/file/keys/npm-accesstoken.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/npm.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/npm.yml - https://docs.npmjs.com/about-access-tokens - https://github.com/github/roadmap/issues/557 - https://github.blog/changelog/2022-12-06-limit-scope-of-npm-tokens-with-the-new-granular-access-tokens/ diff --git a/file/keys/nuget-key.yaml b/file/keys/nuget-key.yaml index 792536ac1e6e..bd5ada434a5f 100644 --- a/file/keys/nuget-key.yaml +++ b/file/keys/nuget-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/nuget.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/nuget.yml - https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package#create-api-keys metadata: verified: true diff --git a/file/keys/openai-key.yaml b/file/keys/openai-key.yaml index 40b5d8597f69..07212c6a2656 100644 --- a/file/keys/openai-key.yaml +++ b/file/keys/openai-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/openai.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/openai.yml - https://platform.openai.com/docs/api-reference - https://platform.openai.com/docs/api-reference/authentication metadata: diff --git a/file/keys/pypi-token.yaml b/file/keys/pypi-token.yaml index 5d8bdd8d0dfd..3beb5d118183 100644 --- a/file/keys/pypi-token.yaml +++ b/file/keys/pypi-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/pypi.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/pypi.yml - https://github.com/pypa/warehouse/issues/6051 - https://pypi.org/project/pypitoken/ metadata: diff --git a/file/keys/rubygems-key.yaml b/file/keys/rubygems-key.yaml index 6e52e72b0a08..f981478c80c0 100644 --- a/file/keys/rubygems-key.yaml +++ b/file/keys/rubygems-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/rubygems.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/rubygems.yml - https://guides.rubygems.org/rubygems-org-api/ - https://guides.rubygems.org/api-key-scopes/ metadata: diff --git a/file/keys/sauce-access-token.yaml b/file/keys/sauce-access-token.yaml index a2fd135b80b4..427380d461ef 100644 --- a/file/keys/sauce-access-token.yaml +++ b/file/keys/sauce-access-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/sauce.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/sauce.yml metadata: verified: true tags: file,keys,sauce,token diff --git a/file/keys/segment-public-api.yaml b/file/keys/segment-public-api.yaml index 46e4d9c3899d..9549463bcaf8 100644 --- a/file/keys/segment-public-api.yaml +++ b/file/keys/segment-public-api.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/segment.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/segment.yml - https://segment.com/docs/api/public-api/ - https://segment.com/blog/how-segment-proactively-protects-customer-api-tokens/ metadata: diff --git a/file/keys/shopify-public-access.yaml b/file/keys/shopify-public-access.yaml index 2239e0a9c077..85f4e38e2088 100644 --- a/file/keys/shopify-public-access.yaml +++ b/file/keys/shopify-public-access.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/shopify.yml - https://shopify.dev/apps/auth - https://shopify.dev/changelog/app-secret-key-length-has-increased metadata: diff --git a/file/keys/telegram-token.yaml b/file/keys/telegram-token.yaml index 854318cb0c59..62191777ff34 100644 --- a/file/keys/telegram-token.yaml +++ b/file/keys/telegram-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/telegram.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/telegram.yml - https://core.telegram.org/bots/api - https://core.telegram.org/bots/features#botfather metadata: diff --git a/http/exposures/tokens/adobe/adobe-oauth-secret.yaml b/http/exposures/tokens/adobe/adobe-oauth-secret.yaml index d113071fa272..32f3ae62df68 100644 --- a/http/exposures/tokens/adobe/adobe-oauth-secret.yaml +++ b/http/exposures/tokens/adobe/adobe-oauth-secret.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/adobe.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/adobe.yml - https://developer.adobe.com/developer-console/docs/guides/authentication/ - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuthIntegration/ - https://developer.adobe.com/developer-console/docs/guides/authentication/OAuth/ diff --git a/http/exposures/tokens/age/age-public-key.yaml b/http/exposures/tokens/age/age-public-key.yaml index 7a1ca051294f..5ec28c36249c 100644 --- a/http/exposures/tokens/age/age-public-key.yaml +++ b/http/exposures/tokens/age/age-public-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type metadata: diff --git a/http/exposures/tokens/age/age-secret-key.yaml b/http/exposures/tokens/age/age-secret-key.yaml index 172f3abea5be..0825dd548367 100644 --- a/http/exposures/tokens/age/age-secret-key.yaml +++ b/http/exposures/tokens/age/age-secret-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type metadata: diff --git a/http/exposures/tokens/amazon/aws-account-id.yaml b/http/exposures/tokens/amazon/aws-account-id.yaml index 5f5a9a2ef064..4209d5aed2e1 100644 --- a/http/exposures/tokens/amazon/aws-account-id.yaml +++ b/http/exposures/tokens/amazon/aws-account-id.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/aws.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/amazon/aws-api-key.yaml b/http/exposures/tokens/amazon/aws-api-key.yaml index d630db2074ee..5558504347dd 100644 --- a/http/exposures/tokens/amazon/aws-api-key.yaml +++ b/http/exposures/tokens/amazon/aws-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/aws.yml - https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html - https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html diff --git a/http/exposures/tokens/amazon/aws-session-token.yaml b/http/exposures/tokens/amazon/aws-session-token.yaml index 69ff0bb3c42f..39d0310527cd 100644 --- a/http/exposures/tokens/amazon/aws-session-token.yaml +++ b/http/exposures/tokens/amazon/aws-session-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/aws.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/codeclimate/codeclimate-token.yaml b/http/exposures/tokens/codeclimate/codeclimate-token.yaml index 68acd3d637d0..2d47af962113 100644 --- a/http/exposures/tokens/codeclimate/codeclimate-token.yaml +++ b/http/exposures/tokens/codeclimate/codeclimate-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/codeclimate.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/codeclimate.yml - https://github.com/codeclimate/ruby-test-reporter/issues/34 metadata: verified: true diff --git a/http/exposures/tokens/crates/crates-api-key.yaml b/http/exposures/tokens/crates/crates-api-key.yaml index 0a5061f611a8..e462e4251ea7 100644 --- a/http/exposures/tokens/crates/crates-api-key.yaml +++ b/http/exposures/tokens/crates/crates-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/crates.io.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/crates.io.yml - https://crates.io/data-access - https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs metadata: diff --git a/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml b/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml index 3832aefe618c..27bf23d1f4d0 100644 --- a/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml +++ b/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/dynatrace.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dynatrace.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/facebook/facebook-access-token.yaml b/http/exposures/tokens/facebook/facebook-access-token.yaml index 1453c073a28b..5265098758dd 100644 --- a/http/exposures/tokens/facebook/facebook-access-token.yaml +++ b/http/exposures/tokens/facebook/facebook-access-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/facebook.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/facebook.yml - https://developers.facebook.com/docs/facebook-login/access-tokens/ metadata: verified: true diff --git a/http/exposures/tokens/github/github-app.yaml b/http/exposures/tokens/github/github-app.yaml index edec4c6f6921..cf18c988d1a6 100644 --- a/http/exposures/tokens/github/github-app.yaml +++ b/http/exposures/tokens/github/github-app.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/github.yml - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ diff --git a/http/exposures/tokens/github/github-oauth-access.yaml b/http/exposures/tokens/github/github-oauth-access.yaml index 7b7f67b41ed4..633cb47cad44 100644 --- a/http/exposures/tokens/github/github-oauth-access.yaml +++ b/http/exposures/tokens/github/github-oauth-access.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/github.yml - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ diff --git a/http/exposures/tokens/github/github-refresh.yaml b/http/exposures/tokens/github/github-refresh.yaml index 718537975d1b..622609467c69 100644 --- a/http/exposures/tokens/github/github-refresh.yaml +++ b/http/exposures/tokens/github/github-refresh.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/github.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/github.yml - https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/about-authentication-to-github - https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps - https://github.blog/2021-04-05-behind-githubs-new-authentication-token-formats/ diff --git a/http/exposures/tokens/gitlab/gitlab-pipeline-token.yaml b/http/exposures/tokens/gitlab/gitlab-pipeline-token.yaml index d7f85fe3cf02..0a50969234c0 100644 --- a/http/exposures/tokens/gitlab/gitlab-pipeline-token.yaml +++ b/http/exposures/tokens/gitlab/gitlab-pipeline-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/gitlab.yml - https://docs.gitlab.com/ee/ci/triggers/ - https://gitlab.com/gitlab-org/gitlab/-/issues/371396 - https://gitlab.com/gitlab-org/gitlab/-/issues/388379 diff --git a/http/exposures/tokens/gitlab/gitlab-runner-token.yaml b/http/exposures/tokens/gitlab/gitlab-runner-token.yaml index 40dda51a992f..bf325e25b09e 100644 --- a/http/exposures/tokens/gitlab/gitlab-runner-token.yaml +++ b/http/exposures/tokens/gitlab/gitlab-runner-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/gitlab.yml - https://docs.gitlab.com/runner/security/ - https://docs.gitlab.com/ee/security/token_overview.html#runner-registration-tokens-deprecated - https://docs.gitlab.com/ee/security/token_overview.html#security-considerations diff --git a/http/exposures/tokens/google/google-client-id.yaml b/http/exposures/tokens/google/google-client-id.yaml index f60d8c7fccba..602c5530b8f3 100644 --- a/http/exposures/tokens/google/google-client-id.yaml +++ b/http/exposures/tokens/google/google-client-id.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/google.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/google/google-oauth-prefixed.yaml b/http/exposures/tokens/google/google-oauth-prefixed.yaml index 4364ac4e7edf..39723d64b790 100644 --- a/http/exposures/tokens/google/google-oauth-prefixed.yaml +++ b/http/exposures/tokens/google/google-oauth-prefixed.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/google.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/heroku/heroku-api-key.yaml b/http/exposures/tokens/heroku/heroku-api-key.yaml index 18048034c11e..2b091d19e227 100644 --- a/http/exposures/tokens/heroku/heroku-api-key.yaml +++ b/http/exposures/tokens/heroku/heroku-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/heroku.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/heroku.yml - https://devcenter.heroku.com/articles/authentication metadata: verified: true diff --git a/http/exposures/tokens/jenkins/jenkins-crumb-token.yaml b/http/exposures/tokens/jenkins/jenkins-crumb-token.yaml index f240990014af..392d1f5f25e4 100644 --- a/http/exposures/tokens/jenkins/jenkins-crumb-token.yaml +++ b/http/exposures/tokens/jenkins/jenkins-crumb-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/jenkins.yml - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/ - https://www.jenkins.io/doc/book/security/csrf-protection/ metadata: diff --git a/http/exposures/tokens/mailgun/mailgun-api-token.yaml b/http/exposures/tokens/mailgun/mailgun-api-token.yaml index a5f16763cd9c..2baf5b0ebcbd 100644 --- a/http/exposures/tokens/mailgun/mailgun-api-token.yaml +++ b/http/exposures/tokens/mailgun/mailgun-api-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/mailgun.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/mailgun.yml - https://documentation.mailgun.com/en/latest/api-intro.html#authentication-1 metadata: verified: true diff --git a/http/exposures/tokens/newrelic/newrelic-pixie-api-key.yaml b/http/exposures/tokens/newrelic/newrelic-pixie-api-key.yaml index c9bd4f31e185..acb1daeee486 100644 --- a/http/exposures/tokens/newrelic/newrelic-pixie-api-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-pixie-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml - https://docs.px.dev/reference/admin/api-keys/ metadata: verified: true diff --git a/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml b/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml index 461b315ae74c..b929ebfc6142 100644 --- a/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml - https://docs.px.dev/reference/admin/api-keys/ metadata: verified: true diff --git a/http/exposures/tokens/nuget/nuget-api-key.yaml b/http/exposures/tokens/nuget/nuget-api-key.yaml index b05633ad9901..4fb33aca1ea3 100644 --- a/http/exposures/tokens/nuget/nuget-api-key.yaml +++ b/http/exposures/tokens/nuget/nuget-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/nuget.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/nuget.yml - https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package#create-api-keys metadata: verified: true diff --git a/http/exposures/tokens/openai/openai-api-key.yaml b/http/exposures/tokens/openai/openai-api-key.yaml index 44ce511b7fbb..511ae839d0f3 100644 --- a/http/exposures/tokens/openai/openai-api-key.yaml +++ b/http/exposures/tokens/openai/openai-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/openai.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/openai.yml - https://platform.openai.com/docs/api-reference - https://platform.openai.com/docs/api-reference/authentication metadata: diff --git a/http/exposures/tokens/pypi/pypi-upload-token.yaml b/http/exposures/tokens/pypi/pypi-upload-token.yaml index 95b289140fa2..ee40c19c9197 100644 --- a/http/exposures/tokens/pypi/pypi-upload-token.yaml +++ b/http/exposures/tokens/pypi/pypi-upload-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/pypi.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/pypi.yml - https://github.com/pypa/warehouse/issues/6051 - https://pypi.org/project/pypitoken/ metadata: diff --git a/http/exposures/tokens/sauce/sauce-token.yaml b/http/exposures/tokens/sauce/sauce-token.yaml index 2b1ee6b47ba0..b2ef41f36228 100644 --- a/http/exposures/tokens/sauce/sauce-token.yaml +++ b/http/exposures/tokens/sauce/sauce-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/sauce.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/sauce.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/segment/segment-public-token.yaml b/http/exposures/tokens/segment/segment-public-token.yaml index 304c90621c2e..939b17d69106 100644 --- a/http/exposures/tokens/segment/segment-public-token.yaml +++ b/http/exposures/tokens/segment/segment-public-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/segment.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/segment.yml - https://segment.com/docs/api/public-api/ - https://segment.com/blog/how-segment-proactively-protects-customer-api-tokens/ metadata: diff --git a/http/exposures/tokens/shopify/shopify-app-secret.yaml b/http/exposures/tokens/shopify/shopify-app-secret.yaml index 4b2177feb821..7685657db02b 100644 --- a/http/exposures/tokens/shopify/shopify-app-secret.yaml +++ b/http/exposures/tokens/shopify/shopify-app-secret.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/shopify.yml - https://shopify.dev/apps/auth - https://shopify.dev/changelog/app-secret-key-length-has-increased metadata: diff --git a/http/exposures/tokens/shopify/shopify-customapp-token.yaml b/http/exposures/tokens/shopify/shopify-customapp-token.yaml index a38471d362ab..34eb89dcb04d 100644 --- a/http/exposures/tokens/shopify/shopify-customapp-token.yaml +++ b/http/exposures/tokens/shopify/shopify-customapp-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/shopify.yml - https://shopify.dev/apps/auth - https://shopify.dev/changelog/app-secret-key-length-has-increased metadata: diff --git a/http/exposures/tokens/shopify/shopify-legacy-token.yaml b/http/exposures/tokens/shopify/shopify-legacy-token.yaml index 0257802dba78..79b06e6afdfd 100644 --- a/http/exposures/tokens/shopify/shopify-legacy-token.yaml +++ b/http/exposures/tokens/shopify/shopify-legacy-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/shopify.yml - https://shopify.dev/apps/auth - https://shopify.dev/changelog/app-secret-key-length-has-increased metadata: diff --git a/http/exposures/tokens/shopify/shopify-public-token.yaml b/http/exposures/tokens/shopify/shopify-public-token.yaml index 9c833ecdf201..07c48c473ce4 100644 --- a/http/exposures/tokens/shopify/shopify-public-token.yaml +++ b/http/exposures/tokens/shopify/shopify-public-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/shopify.yml - https://shopify.dev/apps/auth - https://shopify.dev/changelog/app-secret-key-length-has-increased metadata: diff --git a/http/exposures/tokens/square/square-access.yaml b/http/exposures/tokens/square/square-access.yaml index e0d2d3ed9255..672a57a38c91 100644 --- a/http/exposures/tokens/square/square-access.yaml +++ b/http/exposures/tokens/square/square-access.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://developer.squareup.com/docs/build-basics/access-tokens - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/square.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/square.yml - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/square-access-token.yaml metadata: verified: true diff --git a/http/exposures/tokens/square/square-oauth-secret-token.yaml b/http/exposures/tokens/square/square-oauth-secret-token.yaml index 039d93c9d09b..ec0096858df8 100644 --- a/http/exposures/tokens/square/square-oauth-secret-token.yaml +++ b/http/exposures/tokens/square/square-oauth-secret-token.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/square.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/square.yml metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index 2838020e1f61..bb25340ec764 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info reference: - - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/twilio.yml + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twilio.yml metadata: verified: true max-request: 1 From 85839b8b9c8639414e2aebb3862360fb634bad62 Mon Sep 17 00:00:00 2001 From: Adam Powell Date: Tue, 22 Apr 2025 15:46:46 -0400 Subject: [PATCH 2/4] Add reference to Sauce Labs documentation taken directly from "noseyparker" (after verifying that the URL is valid) --- http/exposures/tokens/sauce/sauce-token.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/http/exposures/tokens/sauce/sauce-token.yaml b/http/exposures/tokens/sauce/sauce-token.yaml index b2ef41f36228..b98db11643f8 100644 --- a/http/exposures/tokens/sauce/sauce-token.yaml +++ b/http/exposures/tokens/sauce/sauce-token.yaml @@ -6,6 +6,7 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/sauce.yml + - https://docs.saucelabs.com/dev/api/ metadata: verified: true max-request: 1 From 0d4a1455eb2dcf61f3ff2e55ae2a6da3e87845c2 Mon Sep 17 00:00:00 2001 From: Adam Powell Date: Tue, 22 Apr 2025 16:54:58 -0400 Subject: [PATCH 3/4] Add references to documentation taken directly from "noseyparker" repo. --- http/exposures/tokens/adafruit/adafruit-api-key.yaml | 1 + http/exposures/tokens/age/age-public-key.yaml | 1 + http/exposures/tokens/age/age-secret-key.yaml | 1 + .../exposures/tokens/artifactory/artifactory-api-password.yaml | 2 ++ http/exposures/tokens/artifactory/artifactory-api-token.yaml | 2 ++ http/exposures/tokens/codeclimate/codeclimate-token.yaml | 1 + http/exposures/tokens/databricks/databricks-token.yaml | 1 + http/exposures/tokens/dynatrace/dynatrace-api-token.yaml | 2 ++ http/exposures/tokens/figma/figma-personal-token.yaml | 1 + http/exposures/tokens/google/google-api-key.yaml | 3 +++ http/exposures/tokens/grafana/grafana-cloud-token.yaml | 1 + http/exposures/tokens/grafana/grafana-key.yaml | 1 + .../exposures/tokens/grafana/grafana-serviceaccount-token.yaml | 1 + http/exposures/tokens/hashicorp/hashicorp-token.yaml | 1 + http/exposures/tokens/mailchimp/mailchimp-api-key.yaml | 2 ++ http/exposures/tokens/mapbox/mapbox-token-disclosure.yaml | 2 ++ http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml | 2 ++ http/exposures/tokens/newrelic/newrelic-admin-api-key.yaml | 2 ++ http/exposures/tokens/newrelic/newrelic-insights-key.yaml | 2 ++ http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml | 2 +- http/exposures/tokens/newrelic/newrelic-rest-api-key.yaml | 2 ++ http/exposures/tokens/odbc/odbc-connection-string.yaml | 2 ++ http/exposures/tokens/postman/postman-key.yaml | 1 + http/exposures/tokens/salesforce/salesforce-access-token.yaml | 2 ++ http/exposures/tokens/sendgrid/sendgrid-api-key.yaml | 1 + .../tokens/shopify/shopify-private-app-access-token.yaml | 2 ++ http/exposures/tokens/shopify/shopify-shared-secret.yaml | 1 + http/exposures/tokens/slack/slack-app-token.yaml | 2 ++ http/exposures/tokens/slack/slack-config-access-token.yaml | 1 + http/exposures/tokens/slack/slack-config-refresh-token.yaml | 1 + http/exposures/tokens/slack/slack-user-token.yaml | 1 + http/exposures/tokens/slack/slack-webhook-token.yaml | 1 + http/exposures/tokens/sonarqube/sonarqube-token.yaml | 2 ++ http/exposures/tokens/stackhawk/stackhawk-api.yaml | 1 + http/exposures/tokens/stripe/stripe-access-token.yaml | 1 + http/exposures/tokens/stripe/stripe-restricted-key.yaml | 2 ++ http/exposures/tokens/stripe/stripe-secret-key.yaml | 2 ++ .../exposures/tokens/thingsboard/thingsboard-access-token.yaml | 1 + http/exposures/tokens/twilio/twilio-api-key.yaml | 1 + http/exposures/tokens/twitter/twitter-api-key.yaml | 1 + http/exposures/tokens/twitter/twitter-api-secret.yaml | 1 + http/exposures/tokens/twitter/twitter-bearer-token.yaml | 1 + 42 files changed, 60 insertions(+), 1 deletion(-) diff --git a/http/exposures/tokens/adafruit/adafruit-api-key.yaml b/http/exposures/tokens/adafruit/adafruit-api-key.yaml index 6141b2a35219..a6da552dd794 100644 --- a/http/exposures/tokens/adafruit/adafruit-api-key.yaml +++ b/http/exposures/tokens/adafruit/adafruit-api-key.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.yaml - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.go + - https://io.adafruit.com/api/docs metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/age/age-public-key.yaml b/http/exposures/tokens/age/age-public-key.yaml index 5ec28c36249c..0a4e1d08e995 100644 --- a/http/exposures/tokens/age/age-public-key.yaml +++ b/http/exposures/tokens/age/age-public-key.yaml @@ -8,6 +8,7 @@ info: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type + - https://age-encryption.org metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/age/age-secret-key.yaml b/http/exposures/tokens/age/age-secret-key.yaml index 0825dd548367..a26ad640b460 100644 --- a/http/exposures/tokens/age/age-secret-key.yaml +++ b/http/exposures/tokens/age/age-secret-key.yaml @@ -8,6 +8,7 @@ info: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/age.yml - https://github.com/FiloSottile/age/blob/main/doc/age.1.html - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type + - https://age-encryption.org metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/artifactory/artifactory-api-password.yaml b/http/exposures/tokens/artifactory/artifactory-api-password.yaml index 2e5e1fff8c06..4290d6a1ac93 100755 --- a/http/exposures/tokens/artifactory/artifactory-api-password.yaml +++ b/http/exposures/tokens/artifactory/artifactory-api-password.yaml @@ -4,6 +4,8 @@ info: name: Artifactory Password Disclosure author: Ice3man severity: info + reference: + - - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis metadata: max-request: 1 tags: exposure,token,artifactory diff --git a/http/exposures/tokens/artifactory/artifactory-api-token.yaml b/http/exposures/tokens/artifactory/artifactory-api-token.yaml index f493cfdc0691..ecdabd6b9196 100755 --- a/http/exposures/tokens/artifactory/artifactory-api-token.yaml +++ b/http/exposures/tokens/artifactory/artifactory-api-token.yaml @@ -4,6 +4,8 @@ info: name: Artifactory API Token Disclosure author: Ice3man severity: info + reference: + - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis metadata: max-request: 1 tags: exposure,token,artifactory diff --git a/http/exposures/tokens/codeclimate/codeclimate-token.yaml b/http/exposures/tokens/codeclimate/codeclimate-token.yaml index 2d47af962113..081a3b8d2165 100644 --- a/http/exposures/tokens/codeclimate/codeclimate-token.yaml +++ b/http/exposures/tokens/codeclimate/codeclimate-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/codeclimate.yml - https://github.com/codeclimate/ruby-test-reporter/issues/34 + - https://docs.codeclimate.com/docs/finding-your-test-coverage-token#should-i-keep-my-test-reporter-id-secret metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/databricks/databricks-token.yaml b/http/exposures/tokens/databricks/databricks-token.yaml index 39362f25d8eb..c2ecef3d7d83 100644 --- a/http/exposures/tokens/databricks/databricks-token.yaml +++ b/http/exposures/tokens/databricks/databricks-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go + - https://docs.databricks.com/en/dev-tools/auth/pat.html metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml b/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml index 27bf23d1f4d0..9706337fe3c3 100644 --- a/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml +++ b/http/exposures/tokens/dynatrace/dynatrace-api-token.yaml @@ -6,6 +6,8 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dynatrace.yml + - https://www.dynatrace.com/support/help/dynatrace-api + - https://www.dynatrace.com/support/help/dynatrace-api/basics/dynatrace-api-authentication metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/figma/figma-personal-token.yaml b/http/exposures/tokens/figma/figma-personal-token.yaml index 153843e0b07e..aada6aa6f89a 100644 --- a/http/exposures/tokens/figma/figma-personal-token.yaml +++ b/http/exposures/tokens/figma/figma-personal-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/figma.yml - https://www.figma.com/developers/api + - https://www.figma.com/developers/api#access-tokens metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/google/google-api-key.yaml b/http/exposures/tokens/google/google-api-key.yaml index b4b2ec6a1729..82844e1735e2 100644 --- a/http/exposures/tokens/google/google-api-key.yaml +++ b/http/exposures/tokens/google/google-api-key.yaml @@ -4,6 +4,9 @@ info: name: Google API Key author: Swissky severity: info + reference: + - https://cloud.google.com/docs/authentication/api-keys#securing + - https://support.google.com/googleapi/answer/6310037 metadata: max-request: 2 tags: exposure,token,google diff --git a/http/exposures/tokens/grafana/grafana-cloud-token.yaml b/http/exposures/tokens/grafana/grafana-cloud-token.yaml index 80ec026902f6..b5488500cfe8 100644 --- a/http/exposures/tokens/grafana/grafana-cloud-token.yaml +++ b/http/exposures/tokens/grafana/grafana-cloud-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go + - https://grafana.com/docs/grafana-cloud/api-reference/cloud-api/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/grafana/grafana-key.yaml b/http/exposures/tokens/grafana/grafana-key.yaml index 202fa5e3968e..9379af7b7579 100644 --- a/http/exposures/tokens/grafana/grafana-key.yaml +++ b/http/exposures/tokens/grafana/grafana-key.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go + - https://grafana.com/docs/grafana/latest/developers/http_api/auth/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml b/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml index 1a22725d2c8a..afbc056f747d 100644 --- a/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml +++ b/http/exposures/tokens/grafana/grafana-serviceaccount-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go + - https://grafana.com/docs/grafana/latest/administration/service-accounts/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/hashicorp/hashicorp-token.yaml b/http/exposures/tokens/hashicorp/hashicorp-token.yaml index 0b310ecfd0eb..51dc9ba495c9 100644 --- a/http/exposures/tokens/hashicorp/hashicorp-token.yaml +++ b/http/exposures/tokens/hashicorp/hashicorp-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml + - https://developer.hashicorp.com/vault/docs/concepts/tokens metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/mailchimp/mailchimp-api-key.yaml b/http/exposures/tokens/mailchimp/mailchimp-api-key.yaml index b46b8aa3160c..db272b449afc 100644 --- a/http/exposures/tokens/mailchimp/mailchimp-api-key.yaml +++ b/http/exposures/tokens/mailchimp/mailchimp-api-key.yaml @@ -4,6 +4,8 @@ info: name: Mailchimp API Value author: puzzlepeaches severity: info + reference: + - https://mailchimp.com/help/about-api-keys/ metadata: max-request: 1 tags: exposure,token,mailchimp diff --git a/http/exposures/tokens/mapbox/mapbox-token-disclosure.yaml b/http/exposures/tokens/mapbox/mapbox-token-disclosure.yaml index f83263d578be..c2f17a1a47ed 100644 --- a/http/exposures/tokens/mapbox/mapbox-token-disclosure.yaml +++ b/http/exposures/tokens/mapbox/mapbox-token-disclosure.yaml @@ -8,6 +8,8 @@ info: reference: - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token - https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go + - https://docs.mapbox.com/api/accounts/tokens/#token-format + - https://docs.mapbox.com/help/getting-started/access-tokens/ metadata: verified: true max-request: 2 diff --git a/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml b/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml index 8450f6c4068e..ed0209efa6c9 100755 --- a/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml +++ b/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml @@ -4,6 +4,8 @@ info: name: Microsoft Teams Webhook Disclosure author: Ice3man severity: info + reference: + - https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/what-are-webhooks-and-connectors metadata: max-request: 1 tags: exposure,token,microsoft diff --git a/http/exposures/tokens/newrelic/newrelic-admin-api-key.yaml b/http/exposures/tokens/newrelic/newrelic-admin-api-key.yaml index b33f906ca2ca..e3033ec83eba 100644 --- a/http/exposures/tokens/newrelic/newrelic-admin-api-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-admin-api-key.yaml @@ -4,6 +4,8 @@ info: name: Admin API Key Disclosure author: Ice3man severity: info + reference: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#admin-keys metadata: max-request: 1 tags: exposure,token diff --git a/http/exposures/tokens/newrelic/newrelic-insights-key.yaml b/http/exposures/tokens/newrelic/newrelic-insights-key.yaml index 7def3cdc5ac5..5ebc1b91301e 100644 --- a/http/exposures/tokens/newrelic/newrelic-insights-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-insights-key.yaml @@ -4,6 +4,8 @@ info: name: Insights Keys Disclosure author: Ice3man severity: info + reference: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#insights-insert-key metadata: max-request: 1 tags: exposure,token diff --git a/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml b/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml index b929ebfc6142..12087c475123 100644 --- a/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-pixie-deploy-key.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml - - https://docs.px.dev/reference/admin/api-keys/ + - https://docs.px.dev/reference/admin/deploy-keys/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/newrelic/newrelic-rest-api-key.yaml b/http/exposures/tokens/newrelic/newrelic-rest-api-key.yaml index e69ebbe17e88..40220a6674b1 100644 --- a/http/exposures/tokens/newrelic/newrelic-rest-api-key.yaml +++ b/http/exposures/tokens/newrelic/newrelic-rest-api-key.yaml @@ -4,6 +4,8 @@ info: name: REST API Key Disclosure author: Ice3man severity: info + reference: + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#rest-api-key metadata: max-request: 1 tags: exposure,token diff --git a/http/exposures/tokens/odbc/odbc-connection-string.yaml b/http/exposures/tokens/odbc/odbc-connection-string.yaml index 52efcf2c2692..259e9a8af707 100644 --- a/http/exposures/tokens/odbc/odbc-connection-string.yaml +++ b/http/exposures/tokens/odbc/odbc-connection-string.yaml @@ -6,6 +6,8 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/odbc.yml + - https://docs.aws.amazon.com/redshift/latest/mgmt/configure-odbc-connection.html + - https://docs.microsoft.com/en-us/azure/data-explorer/kusto/api/connection-strings/kusto metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/postman/postman-key.yaml b/http/exposures/tokens/postman/postman-key.yaml index cb9666ee1e56..53930e288663 100644 --- a/http/exposures/tokens/postman/postman-key.yaml +++ b/http/exposures/tokens/postman/postman-key.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/postman.yml - https://learning.postman.com/docs/developer/intro-api/ + - https://learning.postman.com/docs/developer/postman-api/authentication/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/salesforce/salesforce-access-token.yaml b/http/exposures/tokens/salesforce/salesforce-access-token.yaml index 6659c2902c99..801a5dabf022 100644 --- a/http/exposures/tokens/salesforce/salesforce-access-token.yaml +++ b/http/exposures/tokens/salesforce/salesforce-access-token.yaml @@ -6,6 +6,8 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/salesforce.yml + - https://help.salesforce.com/s/articleView?id=sf.remoteaccess_access_tokens.htm&type=5 + - https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/quickstart_oauth.htm metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/sendgrid/sendgrid-api-key.yaml b/http/exposures/tokens/sendgrid/sendgrid-api-key.yaml index 887af0d65a3c..45003333c515 100644 --- a/http/exposures/tokens/sendgrid/sendgrid-api-key.yaml +++ b/http/exposures/tokens/sendgrid/sendgrid-api-key.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/sendgrid-api-token.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/sendgrid-api-token.yaml + - https://docs.sendgrid.com/ui/account-and-settings/api-keys metadata: max-request: 1 tags: exposure,token,sendgrid diff --git a/http/exposures/tokens/shopify/shopify-private-app-access-token.yaml b/http/exposures/tokens/shopify/shopify-private-app-access-token.yaml index a5bead3a30ad..5ab1af66ce80 100644 --- a/http/exposures/tokens/shopify/shopify-private-app-access-token.yaml +++ b/http/exposures/tokens/shopify/shopify-private-app-access-token.yaml @@ -7,6 +7,8 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/shopify-private-app-access-token.yaml - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/shopify-private-app-access-token.go + - https://shopify.dev/apps/auth + - https://shopify.dev/changelog/length-of-the-shopify-access-token-is-increasing metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/shopify/shopify-shared-secret.yaml b/http/exposures/tokens/shopify/shopify-shared-secret.yaml index 7cd25827d2a1..5693dfbc0ac7 100644 --- a/http/exposures/tokens/shopify/shopify-shared-secret.yaml +++ b/http/exposures/tokens/shopify/shopify-shared-secret.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/shopify-shared-secret.yaml - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/shopify-shared-secret.go + - https://shopify.dev/apps/auth metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/slack/slack-app-token.yaml b/http/exposures/tokens/slack/slack-app-token.yaml index 9910c0d76608..11688b6430d7 100644 --- a/http/exposures/tokens/slack/slack-app-token.yaml +++ b/http/exposures/tokens/slack/slack-app-token.yaml @@ -7,6 +7,8 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-app-token.txt - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-app-token.yaml + - https://api.slack.com/authentication + - https://api.slack.com/authentication/best-practices metadata: max-request: 1 tags: exposure,token,slack diff --git a/http/exposures/tokens/slack/slack-config-access-token.yaml b/http/exposures/tokens/slack/slack-config-access-token.yaml index 610641d71e8a..ad83fb3d0d81 100644 --- a/http/exposures/tokens/slack/slack-config-access-token.yaml +++ b/http/exposures/tokens/slack/slack-config-access-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-config-access-token.txt - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-config-access-token.yaml + - https://api.slack.com/authentication metadata: max-request: 1 tags: exposure,token,slack diff --git a/http/exposures/tokens/slack/slack-config-refresh-token.yaml b/http/exposures/tokens/slack/slack-config-refresh-token.yaml index 8b610c062f7f..8839658f4683 100644 --- a/http/exposures/tokens/slack/slack-config-refresh-token.yaml +++ b/http/exposures/tokens/slack/slack-config-refresh-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-config-refresh-token.txt - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-config-refresh-token.yaml + - https://api.slack.com/authentication metadata: max-request: 1 tags: exposure,token,slack diff --git a/http/exposures/tokens/slack/slack-user-token.yaml b/http/exposures/tokens/slack/slack-user-token.yaml index 4ea7209bbf6d..bfcafb6de19e 100644 --- a/http/exposures/tokens/slack/slack-user-token.yaml +++ b/http/exposures/tokens/slack/slack-user-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/slack.yml - https://api.slack.com/methods/users.list/test + - https://api.slack.com/authentication - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-user-token.yaml - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-user-token.txt metadata: diff --git a/http/exposures/tokens/slack/slack-webhook-token.yaml b/http/exposures/tokens/slack/slack-webhook-token.yaml index 7628f580a537..742e9178ba1a 100755 --- a/http/exposures/tokens/slack/slack-webhook-token.yaml +++ b/http/exposures/tokens/slack/slack-webhook-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-webhook-url.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/slack-webhook-url.yaml + - https://api.slack.com/messaging/webhooks metadata: max-request: 1 tags: exposure,token,slack diff --git a/http/exposures/tokens/sonarqube/sonarqube-token.yaml b/http/exposures/tokens/sonarqube/sonarqube-token.yaml index 5d1b5f16ec05..46dc24fa4dfc 100755 --- a/http/exposures/tokens/sonarqube/sonarqube-token.yaml +++ b/http/exposures/tokens/sonarqube/sonarqube-token.yaml @@ -4,6 +4,8 @@ info: name: SonarQube Token Disclosure author: Ice3man severity: info + reference: + - https://docs.sonarqube.org/latest/user-guide/user-token/ metadata: max-request: 1 tags: exposure,token,sonarqube diff --git a/http/exposures/tokens/stackhawk/stackhawk-api.yaml b/http/exposures/tokens/stackhawk/stackhawk-api.yaml index f622635365c3..117a17c5eac0 100644 --- a/http/exposures/tokens/stackhawk/stackhawk-api.yaml +++ b/http/exposures/tokens/stackhawk/stackhawk-api.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/stackhawk.yml - https://apidocs.stackhawk.com/reference/login + - https://docs.stackhawk.com/web-app/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/stripe/stripe-access-token.yaml b/http/exposures/tokens/stripe/stripe-access-token.yaml index ed2db7b4c4d5..9eebe0c98ff2 100644 --- a/http/exposures/tokens/stripe/stripe-access-token.yaml +++ b/http/exposures/tokens/stripe/stripe-access-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/stripe-access-token.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/stripe-access-token.yaml + - https://stripe.com/docs/keys metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/stripe/stripe-restricted-key.yaml b/http/exposures/tokens/stripe/stripe-restricted-key.yaml index 8b32d4f7fee9..187a6abc9beb 100755 --- a/http/exposures/tokens/stripe/stripe-restricted-key.yaml +++ b/http/exposures/tokens/stripe/stripe-restricted-key.yaml @@ -4,6 +4,8 @@ info: name: Stripe Restricted Key Disclosure author: Ice3man severity: info + reference: + - https://stripe.com/docs/keys metadata: max-request: 1 tags: exposure,token,stripe diff --git a/http/exposures/tokens/stripe/stripe-secret-key.yaml b/http/exposures/tokens/stripe/stripe-secret-key.yaml index d87519c13ba6..c0c898fd94b2 100755 --- a/http/exposures/tokens/stripe/stripe-secret-key.yaml +++ b/http/exposures/tokens/stripe/stripe-secret-key.yaml @@ -4,6 +4,8 @@ info: name: Stripe Secret Key Disclosure author: Ice3man severity: high + reference: + - https://stripe.com/docs/keys metadata: max-request: 2 verified: true diff --git a/http/exposures/tokens/thingsboard/thingsboard-access-token.yaml b/http/exposures/tokens/thingsboard/thingsboard-access-token.yaml index 8eab34b231e0..4a00967193e3 100644 --- a/http/exposures/tokens/thingsboard/thingsboard-access-token.yaml +++ b/http/exposures/tokens/thingsboard/thingsboard-access-token.yaml @@ -8,6 +8,7 @@ info: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/thingsboard.yml - https://thingsboard.io/docs/paas/reference/http-api/ - https://thingsboard.io/docs/paas/reference/coap-api/ + - https://thingsboard.io/docs/paas/user-guide/device-provisioning/ metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/twilio/twilio-api-key.yaml b/http/exposures/tokens/twilio/twilio-api-key.yaml index bb25340ec764..6c1ac7687a74 100644 --- a/http/exposures/tokens/twilio/twilio-api-key.yaml +++ b/http/exposures/tokens/twilio/twilio-api-key.yaml @@ -6,6 +6,7 @@ info: severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twilio.yml + - https://www.twilio.com/docs/usage/api metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/twitter/twitter-api-key.yaml b/http/exposures/tokens/twitter/twitter-api-key.yaml index cdd993c711a4..098cc0308df9 100644 --- a/http/exposures/tokens/twitter/twitter-api-key.yaml +++ b/http/exposures/tokens/twitter/twitter-api-key.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/twitter-api-key.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/twitter-api-key.yaml + - https://developer.twitter.com/en/docs/authentication/overview metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/twitter/twitter-api-secret.yaml b/http/exposures/tokens/twitter/twitter-api-secret.yaml index bb18cb4993c6..0830b058b03d 100644 --- a/http/exposures/tokens/twitter/twitter-api-secret.yaml +++ b/http/exposures/tokens/twitter/twitter-api-secret.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/twitter-api-secret.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/twitter-api-secret.yaml + - https://developer.twitter.com/en/docs/authentication/overview metadata: verified: true max-request: 1 diff --git a/http/exposures/tokens/twitter/twitter-bearer-token.yaml b/http/exposures/tokens/twitter/twitter-bearer-token.yaml index 80400772a893..53dc6228b793 100644 --- a/http/exposures/tokens/twitter/twitter-bearer-token.yaml +++ b/http/exposures/tokens/twitter/twitter-bearer-token.yaml @@ -7,6 +7,7 @@ info: reference: - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/typeform-api-token.go - https://github.com/semgrep/semgrep-rules/blob/develop/generic/secrets/gitleaks/twitter-bearer-token.yaml + - https://developer.twitter.com/en/docs/authentication/overview metadata: verified: true max-request: 1 From dc2e41548c7a642ebb9d563249a92f223555ded8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 May 2025 17:36:28 +0530 Subject: [PATCH 4/4] fix-lint-error --- http/exposures/tokens/artifactory/artifactory-api-password.yaml | 2 +- http/exposures/tokens/artifactory/artifactory-api-token.yaml | 2 +- http/exposures/tokens/google/google-api-key.yaml | 2 +- http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/http/exposures/tokens/artifactory/artifactory-api-password.yaml b/http/exposures/tokens/artifactory/artifactory-api-password.yaml index 4290d6a1ac93..38ea0455f7a6 100755 --- a/http/exposures/tokens/artifactory/artifactory-api-password.yaml +++ b/http/exposures/tokens/artifactory/artifactory-api-password.yaml @@ -5,7 +5,7 @@ info: author: Ice3man severity: info reference: - - - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis + - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis metadata: max-request: 1 tags: exposure,token,artifactory diff --git a/http/exposures/tokens/artifactory/artifactory-api-token.yaml b/http/exposures/tokens/artifactory/artifactory-api-token.yaml index ecdabd6b9196..34996402e8ee 100755 --- a/http/exposures/tokens/artifactory/artifactory-api-token.yaml +++ b/http/exposures/tokens/artifactory/artifactory-api-token.yaml @@ -5,7 +5,7 @@ info: author: Ice3man severity: info reference: - - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis + - https://jfrog.com/help/r/jfrog-rest-apis/introduction-to-the-artifactory-rest-apis metadata: max-request: 1 tags: exposure,token,artifactory diff --git a/http/exposures/tokens/google/google-api-key.yaml b/http/exposures/tokens/google/google-api-key.yaml index 82844e1735e2..a97469de9588 100644 --- a/http/exposures/tokens/google/google-api-key.yaml +++ b/http/exposures/tokens/google/google-api-key.yaml @@ -4,7 +4,7 @@ info: name: Google API Key author: Swissky severity: info - reference: + reference: - https://cloud.google.com/docs/authentication/api-keys#securing - https://support.google.com/googleapi/answer/6310037 metadata: diff --git a/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml b/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml index ed0209efa6c9..ba47ff9a9c9e 100755 --- a/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml +++ b/http/exposures/tokens/microsoft/microsoft-teams-webhook.yaml @@ -4,7 +4,7 @@ info: name: Microsoft Teams Webhook Disclosure author: Ice3man severity: info - reference: + reference: - https://docs.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/what-are-webhooks-and-connectors metadata: max-request: 1