├── Keys ├── .gitkeep ├── Google-api.yaml ├── Mailgun-api.yaml ├── Slack-api.yaml ├── Pictatic-API-key.yaml ├── Twilio-api.yaml ├── Mailchimp-api.yaml ├── Shopify-token.yaml ├── Sendgrid-api.yaml ├── Shopify-shared-secret.yaml ├── Square-access-token.yaml ├── Square-oauth-secret.yaml ├── Twitter-secret.yaml ├── Linkedin-id.yaml ├── Stripe-api-key.yaml ├── GCP-service-account.yaml ├── Shopify-custom-token.yaml ├── Shopify-private-token.yaml ├── Dynatrace-token.yaml ├── Facebook-client-id.yaml ├── Facebook-secret.yaml ├── aws-access-id.yaml ├── cloudinary.yaml ├── credentials.yaml ├── Paypal-braintree-token.yaml ├── Slack-webhook.yaml ├── firebase-database.yaml ├── Amazon-mws-auth-token.yaml ├── s3-bucket.yaml ├── private-key.yaml └── aws-cognito.yaml ├── Android ├── .gitkeep ├── file-scheme.yaml ├── content-scheme.yaml ├── adb-backup-enabled.yaml ├── debug-enabled.yaml ├── webview-load-url.yaml ├── webview-javascript.yaml ├── certificate-validation.yaml ├── Biometric-detect.yaml ├── webview-universal-access.yaml ├── webview-addjavascript-interface.yaml ├── dynamic-broadcast-receiver.yaml └── provider-path.yaml ├── nuclei-insecureshop.png ├── README.md └── LICENSE /Keys/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Android/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /nuclei-insecureshop.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/e1abrador/mobile-nuclei-templates/main/nuclei-insecureshop.png -------------------------------------------------------------------------------- /Keys/Google-api.yaml: -------------------------------------------------------------------------------- 1 | id: google-api-key 2 | 3 | info: 4 | name: Google API key 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "AIza[0-9A-Za-z\\-_]{35}" -------------------------------------------------------------------------------- /Keys/Mailgun-api.yaml: -------------------------------------------------------------------------------- 1 | id: mailgun-api-key 2 | 3 | info: 4 | name: Mailgun API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "key-[0-9a-zA-Z]{32}" -------------------------------------------------------------------------------- /Android/file-scheme.yaml: -------------------------------------------------------------------------------- 1 | id: file-scheme 2 | 3 | info: 4 | name: File Scheme Enabled 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - xml 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "android:scheme=\"file\"" -------------------------------------------------------------------------------- /Keys/Slack-api.yaml: -------------------------------------------------------------------------------- 1 | id: slack-api 2 | 3 | info: 4 | name: Slack API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "xox[baprs]-([0-9a-zA-Z]{10,48})?" -------------------------------------------------------------------------------- /Keys/Pictatic-API-key.yaml: -------------------------------------------------------------------------------- 1 | id: pictatic-api-key 2 | 3 | info: 4 | name: Pictatic API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "sk_live_[0-9a-z]{32}" -------------------------------------------------------------------------------- /Keys/Twilio-api.yaml: -------------------------------------------------------------------------------- 1 | id: twilio-api 2 | 3 | info: 4 | name: Twilio API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" -------------------------------------------------------------------------------- /Keys/Mailchimp-api.yaml: -------------------------------------------------------------------------------- 1 | id: mailchimp-api-key 2 | 3 | info: 4 | name: Mailchimp API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[0-9a-f]{32}-us[0-9]{1,2}" -------------------------------------------------------------------------------- /Keys/Shopify-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-access-token 2 | 3 | info: 4 | name: Shopify Access Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpat_[a-fA-F0-9]{32}" -------------------------------------------------------------------------------- /Android/content-scheme.yaml: -------------------------------------------------------------------------------- 1 | id: content-scheme 2 | 3 | info: 4 | name: Content Scheme Enabled 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - xml 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "android:scheme=\"content\"" -------------------------------------------------------------------------------- /Android/adb-backup-enabled.yaml: -------------------------------------------------------------------------------- 1 | id: adb-backup-enabled 2 | 3 | info: 4 | name: ADB Backup Enabled 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "android:allowBackup=\"true\"" -------------------------------------------------------------------------------- /Android/debug-enabled.yaml: -------------------------------------------------------------------------------- 1 | id: android-debug-enabled 2 | 3 | info: 4 | name: Android Debug Enabled 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: regex 14 | regex: 15 | - "android:debuggable=\"true\"" -------------------------------------------------------------------------------- /Keys/Sendgrid-api.yaml: -------------------------------------------------------------------------------- 1 | id: sendgrid-api-key 2 | 3 | info: 4 | name: Sendgrid API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "SG\\.[a-zA-Z0-9]{22}\\.[a-zA-Z0-9]{43}" -------------------------------------------------------------------------------- /Keys/Shopify-shared-secret.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-shared-secret 2 | 3 | info: 4 | name: Shopify Shared Secret 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpss_[a-fA-F0-9]{32}" -------------------------------------------------------------------------------- /Keys/Square-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: square-access-token 2 | 3 | info: 4 | name: Square Accesss Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "sq0atp-[0-9A-Za-z\\-_]{22}" -------------------------------------------------------------------------------- /Keys/Square-oauth-secret.yaml: -------------------------------------------------------------------------------- 1 | id: square-oauth-secret 2 | 3 | info: 4 | name: Square OAuth Secret 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "sq0csp-[0-9A-Za-z\\-_]{43}" -------------------------------------------------------------------------------- /Keys/Twitter-secret.yaml: -------------------------------------------------------------------------------- 1 | id: twitter-secret 2 | 3 | info: 4 | name: Twitter Secret 5 | author: gaurang 6 | severity: medium 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)twitter(.{0,20})?[0-9a-z]{35,44}" -------------------------------------------------------------------------------- /Keys/Linkedin-id.yaml: -------------------------------------------------------------------------------- 1 | id: linkedin-client-id 2 | 3 | info: 4 | name: Linkedin Client ID 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}" -------------------------------------------------------------------------------- /Keys/Stripe-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: stripe-api-key 2 | 3 | info: 4 | name: Stripe API Key 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}" -------------------------------------------------------------------------------- /Keys/GCP-service-account.yaml: -------------------------------------------------------------------------------- 1 | id: gcp-service-account 2 | 3 | info: 4 | name: Google (GCP) Service-account 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "\"type\": \"service_account\"" -------------------------------------------------------------------------------- /Keys/Shopify-custom-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-custom-token 2 | 3 | info: 4 | name: Shopify Custom App Access Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpca_[a-fA-F0-9]{32}" -------------------------------------------------------------------------------- /Keys/Shopify-private-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-private-token 2 | 3 | info: 4 | name: Shopify Private App Access Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shppa_[a-fA-F0-9]{32}" -------------------------------------------------------------------------------- /Keys/Dynatrace-token.yaml: -------------------------------------------------------------------------------- 1 | id: dynatrace-token 2 | 3 | info: 4 | name: Dynatrace Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" -------------------------------------------------------------------------------- /Keys/Facebook-client-id.yaml: -------------------------------------------------------------------------------- 1 | id: facebook-client-id 2 | 3 | info: 4 | name: Facebook Client ID 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]" -------------------------------------------------------------------------------- /Android/webview-load-url.yaml: -------------------------------------------------------------------------------- 1 | id: webview-load-url 2 | 3 | info: 4 | name: Webview loadUrl usage 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V" -------------------------------------------------------------------------------- /Keys/Facebook-secret.yaml: -------------------------------------------------------------------------------- 1 | id: facebook-secret-key 2 | 3 | info: 4 | name: Facebook Secret Key 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]" -------------------------------------------------------------------------------- /Keys/aws-access-id.yaml: -------------------------------------------------------------------------------- 1 | id: aws-access-key 2 | 3 | info: 4 | name: AWS Access Key ID 5 | author: gaurang 6 | severity: low 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" 16 | -------------------------------------------------------------------------------- /Keys/cloudinary.yaml: -------------------------------------------------------------------------------- 1 | id: cloudinary-basic-auth 2 | 3 | info: 4 | name: Cloudinary Basic Auth 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+" -------------------------------------------------------------------------------- /Keys/credentials.yaml: -------------------------------------------------------------------------------- 1 | id: basic-auth-creds 2 | 3 | info: 4 | name: Basic Auth Credentials 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]" -------------------------------------------------------------------------------- /Android/webview-javascript.yaml: -------------------------------------------------------------------------------- 1 | id: webview-javascript-enabled 2 | 3 | info: 4 | name: Webview JavaScript enabled 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "Landroid/webkit/WebSettings;->setJavaScriptEnabled(Z)V" -------------------------------------------------------------------------------- /Android/certificate-validation.yaml: -------------------------------------------------------------------------------- 1 | id: improper-certificate-validation 2 | 3 | info: 4 | name: Improper Certificate Validation 5 | author: gaurang 6 | severity: medium 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "Landroid/webkit/SslErrorHandler;->proceed()V" -------------------------------------------------------------------------------- /Keys/Paypal-braintree-token.yaml: -------------------------------------------------------------------------------- 1 | id: paypal-braintree-token 2 | 3 | info: 4 | name: Paypal Braintree Access Token 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" -------------------------------------------------------------------------------- /Keys/Slack-webhook.yaml: -------------------------------------------------------------------------------- 1 | id: slack-webhook 2 | 3 | info: 4 | name: Slack Webhook 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "https://hooks.slack.com/services/T[0-9A-Za-z\\-_]{10}/B[0-9A-Za-z\\-_]{10}/[0-9A-Za-z\\-_]{23}" -------------------------------------------------------------------------------- /Keys/firebase-database.yaml: -------------------------------------------------------------------------------- 1 | id: firebase-database 2 | 3 | info: 4 | name: Firebase Database Detect 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[a-z0-9.-]+\\.firebaseio\\.com" 16 | - "[a-z0-9.-]+\\.firebaseapp\\.com" -------------------------------------------------------------------------------- /Keys/Amazon-mws-auth-token.yaml: -------------------------------------------------------------------------------- 1 | id: amazon-mws-auth-token-value 2 | 3 | info: 4 | name: Amazon MWS Auth Token 5 | author: gaurang 6 | severity: medium 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" -------------------------------------------------------------------------------- /Android/Biometric-detect.yaml: -------------------------------------------------------------------------------- 1 | id: biometric-detect 2 | 3 | info: 4 | name: Biometric or Fingerprint detect 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "android.permission.USE_FINGERPRINT" 16 | - "android.permission.USE_BIOMETRIC" -------------------------------------------------------------------------------- /Android/webview-universal-access.yaml: -------------------------------------------------------------------------------- 1 | id: webview-universal-access 2 | 3 | info: 4 | name: Webview Universal Access enabled 5 | author: gaurang 6 | severity: medium 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V" -------------------------------------------------------------------------------- /Android/webview-addjavascript-interface.yaml: -------------------------------------------------------------------------------- 1 | id: webview-addjavascript-interface 2 | 3 | info: 4 | name: Webview addJavascript Interface Usage 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V" -------------------------------------------------------------------------------- /Android/dynamic-broadcast-receiver.yaml: -------------------------------------------------------------------------------- 1 | id: dynamic-registered-broadcast-receiver 2 | 3 | info: 4 | name: Dynamic Registered Broadcast Receiver 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: word 14 | words: 15 | - ";->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)" -------------------------------------------------------------------------------- /Android/provider-path.yaml: -------------------------------------------------------------------------------- 1 | id: insecure-provider-path 2 | 3 | info: 4 | name: Insecure Provider Path 5 | author: gaurang 6 | severity: medium 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | matchers: 13 | - type: regex 14 | regex: 15 | - "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\".\"" 16 | - "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\"\"" 17 | -------------------------------------------------------------------------------- /Keys/s3-bucket.yaml: -------------------------------------------------------------------------------- 1 | id: s3-bucket 2 | 3 | info: 4 | name: S3 Bucket Detect 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[a-z0-9.-]+\\.s3\\.amazonaws\\.com" 16 | - "[a-z0-9.-]+\\.s3-[a-z0-9-]\\.amazonaws\\.com" 17 | - "[a-z0-9.-]+\\.s3-website[.-](eu|ap|us|ca|sa|cn)" 18 | - "//s3\\.amazonaws\\.com/[a-z0-9._-]+" 19 | - "//s3-[a-z0-9-]+\\.amazonaws\\.com/[a-z0-9._-]+" -------------------------------------------------------------------------------- /Keys/private-key.yaml: -------------------------------------------------------------------------------- 1 | id: private-key 2 | 3 | info: 4 | name: Private Key Detect 5 | author: gaurang 6 | severity: high 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "\"BEGIN OPENSSH PRIVATE KEY\"" 16 | - "\"BEGIN PRIVATE KEY\"" 17 | - "\"BEGIN RSA PRIVATE KEY\"" 18 | - "\"BEGIN DSA PRIVATE KEY\"" 19 | - "\"BEGIN EC PRIVATE KEY\"" 20 | - "\"BEGIN PGP PRIVATE KEY BLOCK\"" 21 | - "\"ssh-rsa\"" -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Mobile Nuclei Templates 2 | 3 | These Nuclei Templates are created to aid mobile security assessments. 4 | 5 | Note, the `Keys` folder contain templates to identify API keys based on the regex pattern. So you can run the `Keys` template on a decompiled android app, any local code repository or either 'unzipped' IPA file. 6 | 7 | The `Android` folder contain templates specific to Android app. These templates should only run on decompiled Android app as most of the templates are created to perform `smali` checks. 8 | 9 | ![alt text](https://raw.githubusercontent.com/optiv/mobile-nuclei-templates/main/nuclei-insecureshop.png) 10 | 11 | 12 | # How to use? 13 | 14 | Make sure to install **Nuclei** from their [Github repo](https://github.com/projectdiscovery/nuclei). 15 | 16 | You can now use these templates as follows: 17 | 18 | ``` 19 | echo /output_apktool/ | nuclei -t Keys/xxxxx.yaml 20 | ``` 21 | 22 | If you want to run all the templates at once: 23 | 24 | ``` 25 | echo /output_apktool/ | nuclei -t Keys/ 26 | ``` 27 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Optiv Security 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Keys/aws-cognito.yaml: -------------------------------------------------------------------------------- 1 | id: aws-cognito-pool 2 | 3 | info: 4 | name: AWS Cognito Pool ID 5 | author: gaurang 6 | severity: info 7 | 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "ap-northeast-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 16 | - "ap-northeast-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 17 | - "ap-southeast-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 18 | - "ap-southeast-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 19 | - "ap-south-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 20 | - "ca-central-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 21 | - "ca-central-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 22 | - "eu-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 23 | - "eu-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 24 | - "eu-west-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 25 | - "eu-west-3:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 26 | - "eu-north-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 27 | - "us-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 28 | - "us-east-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 29 | - "us-west-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 30 | - "us-west-2:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" 31 | - "sa-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}" --------------------------------------------------------------------------------