diff --git a/Cargo.toml b/Cargo.toml index 1a99bc4..37e6d19 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -267,10 +267,10 @@ version = "0.6" optional = true [features] -default = [] +default = ["use-mimalloc"] use-mimalloc = [] use-jemalloc = ["tikv-jemallocator"] -system-alloc = [] # forces System allocator +system-alloc = [] # Darwin-only: force the system allocator [dev-dependencies] pretty_assertions = "1.4" diff --git a/crates/kingfisher-rules/data/rules/agora.yml b/crates/kingfisher-rules/data/rules/agora.yml index fb04204..61e1edf 100644 --- a/crates/kingfisher-rules/data/rules/agora.yml +++ b/crates/kingfisher-rules/data/rules/agora.yml @@ -20,8 +20,8 @@ rules: confidence: low visible: false examples: - - AGORA_APP_ID=78b8de76d5678a6geb2605721c0aefbe - - 'agora_app_id = "cfg0de76d5430a6gbc2605721c0aefbe"' + - AGORA_APP_ID=78b8de76d5678a6feb2605721c0aefbe + - 'agora_app_id = "cf80de76d5430a6fbc2605721c0aefbe"' references: - https://docs.agora.io/en/rtc/restfulapi @@ -45,8 +45,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - AGORA_APP_CERTIFICATE=397a3af3db1950bdbd84f4e4ecg8ebef - - 'agora_app_secret = "127a3af3db1950b8dbd4fe44ecg8ebef"' + - "agora.app_certificate=397a3af3db1950bdbd84f4e4ec18ebef" + - "agora.app_secret = \"127a3af3db1950b8dbd4fe440c28ebef\"" references: - https://docs.agora.io/en/rtc/restfulapi - https://docs.agora.io/en/video-calling/reference/authentication-workflow diff --git a/crates/kingfisher-rules/data/rules/akamai.yml b/crates/kingfisher-rules/data/rules/akamai.yml index 8fb78fa..382b131 100644 --- a/crates/kingfisher-rules/data/rules/akamai.yml +++ b/crates/kingfisher-rules/data/rules/akamai.yml @@ -8,7 +8,7 @@ rules: \s*=\s* ( akab- - [A-Za-z0-9_-]{22,30} + [A-Za-z0-9_-]{18,28} ) \b pattern_requirements: @@ -17,20 +17,20 @@ rules: confidence: high visible: false examples: - - "client-token=akab-sXedJJBTOf0gdHl-27vVOdPvfujdPYyB" - - "access-token=akab-xcdseuUf7DY6xJg-YscoeWpIHnInHtV" + - "client-token=akab-sXedJBTOf0dHl27vVOd" + - "access-token=akab-xcsuUf7DY6xJgYscoe" references: - https://developer.akamai.com/api/getting-started - name: Akamai API Client Secret id: kingfisher.akamai.2 pattern: | - (?xi) + (?x) \b - (?:client[_-]?mysecret|client[_-]?secret) + (?i:client[_-]?mysecret|client[_-]?secret) \s*=\s* ( - [A-Za-z0-9+/]{20,30}[=]{0,2} + [A-Za-z0-9+/=-]{20,36} ) \b pattern_requirements: @@ -39,8 +39,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "client-secret=431733QP/lP+-TgxBHB-nH6+alirfy" - - "client-mysecret=BcDeFgHi2345JKLM67no+pqRS/tuVW==" + - "client-secret=431733QPkO-TgxBHBnH6alirfy" + - "client-mysecret=BcDeFgHi2345JKLM67nopqRS" references: - https://developer.akamai.com/api/getting-started # No simple validation: Akamai API uses HMAC-SHA256 EdgeGrid signing diff --git a/crates/kingfisher-rules/data/rules/amazonmws.yml b/crates/kingfisher-rules/data/rules/amazonmws.yml index 5222f4f..ee87aa1 100644 --- a/crates/kingfisher-rules/data/rules/amazonmws.yml +++ b/crates/kingfisher-rules/data/rules/amazonmws.yml @@ -18,8 +18,8 @@ rules: min_entropy: 3.0 confidence: high examples: - - "MWSAuthToken => amzn.mws.59f4e074-c605-f328-4c6e-63gf34120fc6" - - "AMAZON_MWS_AUTH_TOKEN=amzn.mws.7b2df085-d716-g439-6c6f-75hg45231gd7" + - "MWSAuthToken => amzn.mws.59f4e074-c605-f328-4c6e-63af34120fc6" + - "AMAZON_MWS_AUTH_TOKEN=amzn.mws.7b2df085-d716-b439-6c6f-75ae45231bd7" references: - https://developer-docs.amazon.com/sp-api/docs # No public validation endpoint: Amazon MWS tokens are validated diff --git a/crates/kingfisher-rules/data/rules/bitfinex.yml b/crates/kingfisher-rules/data/rules/bitfinex.yml index 689823d..d78769f 100644 --- a/crates/kingfisher-rules/data/rules/bitfinex.yml +++ b/crates/kingfisher-rules/data/rules/bitfinex.yml @@ -21,7 +21,7 @@ rules: visible: false examples: - "bitfinex\nkey = 3d2c8965468f2a10a3797dafe46adcb34c1d1c294ca" - - "BITFINEX_KEY=1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2" + - "bitfinex\napi-key = 1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2" references: - https://docs.bitfinex.com/docs @@ -46,7 +46,7 @@ rules: confidence: medium examples: - "bitfinex\nsecret = 8d7c3965318b8d20f7648dbda96fbfa23f4d1c449aa" - - "BITFINEX_SECRET=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2" + - "bitfinex\napi-secret = 1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1d2" references: - https://docs.bitfinex.com/docs - https://docs.bitfinex.com/docs/rest-auth diff --git a/crates/kingfisher-rules/data/rules/cloudant.yml b/crates/kingfisher-rules/data/rules/cloudant.yml index add4480..cc5b46f 100644 --- a/crates/kingfisher-rules/data/rules/cloudant.yml +++ b/crates/kingfisher-rules/data/rules/cloudant.yml @@ -18,7 +18,7 @@ rules: [a-z0-9\-]+ \.cloudantnosqldb\.appdomain\.cloud pattern_requirements: - min_digits: 20 + min_digits: 8 min_entropy: 3.5 confidence: high examples: diff --git a/crates/kingfisher-rules/data/rules/db2.yml b/crates/kingfisher-rules/data/rules/db2.yml index 1f9b287..c902d41 100644 --- a/crates/kingfisher-rules/data/rules/db2.yml +++ b/crates/kingfisher-rules/data/rules/db2.yml @@ -19,9 +19,9 @@ rules: min_entropy: 2.8 confidence: medium examples: - - "db.password=myStr0ngPass1" - - "DB2_PASSWORD=r4ndP@ssw0rd" - - "db.url=jdbc:db2://db.example.com/dev db.password=sup3rs3cr3t" + - "db2.password=mY5ecureP4ss\n" + - "db.url=jdbc:db2://db.example.com/dev\ndb.password=sup3rs3cr3t\n" + - "as400.pass=r4ndP@ssw0rd\n" references: - https://www.ibm.com/products/db2 # No public validation endpoint: DB2 is self-hosted; diff --git a/crates/kingfisher-rules/data/rules/docusign.yml b/crates/kingfisher-rules/data/rules/docusign.yml index 2b24db8..207bdc2 100644 --- a/crates/kingfisher-rules/data/rules/docusign.yml +++ b/crates/kingfisher-rules/data/rules/docusign.yml @@ -6,10 +6,10 @@ rules: \b docusign (?:.|[\n\r]){0,64}? - \b(?:secret[_-]?key|secret|ds[_-]?secret)\b + \b(?:secret[_-]?key|ds[_-]?secret|secret)\b (?:.|[\n\r]){0,16}? [=:"'\s] - \b + ['"]* ( [a-f0-9]{8}- [a-f0-9]{4}- @@ -23,8 +23,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "docusign_secret_key = 7a39ce6d-94cf-4bf6-9e9e-9213373c15f4" - - "DS_SECRET = 3d2f18c9-2075-4e78-834b-64f57f8757d0" + - "docusign.secret_key = 7a39ce6d-94cf-4bf6-9e9e-9213373c15f4" + - "docusign\nds_secret = 3d2f18c9-2075-4e78-834b-64f57f8757d0" references: - https://developers.docusign.com/platform/build-integration/ # No public validation endpoint: DocuSign OAuth secret keys cannot be diff --git a/crates/kingfisher-rules/data/rules/duo.yml b/crates/kingfisher-rules/data/rules/duo.yml index e2d3438..d93ae15 100644 --- a/crates/kingfisher-rules/data/rules/duo.yml +++ b/crates/kingfisher-rules/data/rules/duo.yml @@ -21,8 +21,8 @@ rules: confidence: low visible: false examples: - - "integration_key=AMTRZFKBPWH3QNGLVWCY" - - "duo_ikey = 'BNUSGLLCQXI4RNHMWXDZ'" + - "duo\nintegration_key=AMTRZFKBPWH3QNGLVWCY" + - "duo\nikey = 'BNUSGLLCQXI4RNHMWXDZ'" references: - https://duo.com/docs/authapi @@ -48,8 +48,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "secret_key=Rfy1qffwffwpQfjcjfuipjDjpj3jfjuaqjffvuVi" - - "duo_skey = 'Lg4kCffwffjpQfjcjfuipjDjpj3jgjuaqjffwyCb'" + - "duo\nsecret_key=Rf14qf2wwf3pQfj4jfuipjDjpj3jfjuaqjff5uVi" + - "duo\nskey = 'Lg4k2ffwff3pQfj4jfuipjDjpj3jgju5qjffwyCb'" references: - https://duo.com/docs/authapi - https://duo.com/docs/adminapi diff --git a/crates/kingfisher-rules/data/rules/dwolla.yml b/crates/kingfisher-rules/data/rules/dwolla.yml index 7190cee..e1509e1 100644 --- a/crates/kingfisher-rules/data/rules/dwolla.yml +++ b/crates/kingfisher-rules/data/rules/dwolla.yml @@ -20,8 +20,8 @@ rules: confidence: medium visible: false examples: - - "dwolla id = 4d1d4076479b7c21h8751eceb57bcge34b5d2d356fbb265671" - - "DWOLLA_CLIENT_ID=7e4e5187580c7d32i9862fdfcg8dcgf45c6e3e467gcc376782" + - "dwolla id = 4d1d4076479b7c21a8751eceb57bc1e34b5d2d356fbb265671\n" + - "dwolla\nclient_id = 7e4e5187580c7d329862fdfca8dc1f45c6e3e467a0c376782\n" references: - https://developers.dwolla.com/ @@ -45,8 +45,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "dwolla secret = 4d1d407752bfd562bZ=9b7c21f8862fdfc57bcge45" - - "DWOLLA_CLIENT_SECRET=7e4e5297691dg673cA=0c7d43j9973gecgh8dcgf56" + - "dwolla secret = 4d1d407752bfd562bZ=9b7c21f8862fdfc57bc1e45\n" + - "dwolla\nclient_secret = 7e4e5297691a673cA=0c7d43b997ec1h8dcaf56\n" references: - https://developers.dwolla.com/ # No simple validation: Dwolla OAuth2 requires both client_id and diff --git a/crates/kingfisher-rules/data/rules/elasticemail.yml b/crates/kingfisher-rules/data/rules/elasticemail.yml index d384084..28b0850 100644 --- a/crates/kingfisher-rules/data/rules/elasticemail.yml +++ b/crates/kingfisher-rules/data/rules/elasticemail.yml @@ -23,8 +23,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "'apikey' => '8a2d35a4-2e83-41c2-9509-5c6e116ebc2b'" - - "ELASTICEMAIL_API_KEY=7b1f46a3-3d92-52b1-a81e-6d7f227fcd3c" + - "elasticemail\napikey => '8a2d35a4-2e83-41c2-9509-5c6e116ebc2b'" + - "elasticemail\napi-key = 7b1f46a3-3d92-52b1-a81e-6d7f227fcd3c" references: - https://api.elasticemail.com/public/help - https://elasticemail.com/developers/api-documentation/ diff --git a/crates/kingfisher-rules/data/rules/equinix.yml b/crates/kingfisher-rules/data/rules/equinix.yml index 2928b1f..c14197e 100644 --- a/crates/kingfisher-rules/data/rules/equinix.yml +++ b/crates/kingfisher-rules/data/rules/equinix.yml @@ -19,8 +19,8 @@ rules: min_entropy: 3.5 confidence: high examples: - - "export PACKET_API_TOKEN=bRniGMGkhjH0x2a0aHdxddyNDReH7Za3" - - "EQUINIX_PACKET_API_TOKEN=cSojHNHliII1y3b1bIeyeezOESiH8Ab4" + - "export PACKET_API_TOKEN=bRniGMGkhjH0x2a0aHdxddyNDReH7Za3\n" + - "EQUINIX_PACKET_API_TOKEN=cSojHNHliII1y3b1bIeyeezOESiH8Ab4\n" references: - https://metal.equinix.com/developers/api/ validation: diff --git a/crates/kingfisher-rules/data/rules/fernet.yml b/crates/kingfisher-rules/data/rules/fernet.yml index 4537ae3..7461bdf 100644 --- a/crates/kingfisher-rules/data/rules/fernet.yml +++ b/crates/kingfisher-rules/data/rules/fernet.yml @@ -18,8 +18,8 @@ rules: min_entropy: 3.5 confidence: high examples: - - "AIRFLOW__CORE__FERNET_KEY=gAAAAAB_AbCdEfGhIjKlMnOpQrStUvWxYz1234567890AA=" - - "fernet_key = 'xK9mP2qRsT4wY6zA1cD3eF5gH7iJ0kLmN8oP+Q2rS5tU='" + - "AIRFLOW__CORE__FERNET_KEY=AbCdEfGhIjKlMnOpQrStUvWxYz0123456789AbCDEFG= " + - "fernet_key = 'MbDfFhHjJlLnNpPrRtTvVxXzZ0123456789MbDFHJLN='" references: - https://cryptography.io/en/latest/fernet/ - https://airflow.apache.org/docs/apache-airflow/stable/security/secrets/fernet.html diff --git a/crates/kingfisher-rules/data/rules/forestadmin.yml b/crates/kingfisher-rules/data/rules/forestadmin.yml index 7020df7..f59cf0b 100644 --- a/crates/kingfisher-rules/data/rules/forestadmin.yml +++ b/crates/kingfisher-rules/data/rules/forestadmin.yml @@ -6,7 +6,7 @@ rules: \b forest[_-]?auth[_-]?secret (?:.|[\n\r]){0,16}? - [=:"'\s] + [=:"'\s]+ ['"]* ( [A-Za-z0-9+/]{20,96} @@ -18,9 +18,9 @@ rules: min_entropy: 3.0 confidence: high examples: - - "forest_auth_secret: CJh5orog8MCU99dBf1TblR" - - "FOREST_AUTH_SECRET=CuFtspjuNN6OuTVZNFgmS8wELetNfgMh" - - "FOREST_AUTH_SECRET=d9474g33894d755182h8cef87eg80845c06bcg625156gd60" + - "forest_auth_secret: CJh5orog8MCU99dBf1TblR\n" + - "FOREST_AUTH_SECRET=CuFtspjuNN6OuTVZNFgmS8wELetNfgMh\n" + - "FOREST_AUTH_SECRET=d9474A33894d755182b8cef87eA80845c06bca625156ad60\n" references: - https://docs.forestadmin.com/documentation/reference-guide/how-it-works # No public validation endpoint: Forest Admin auth secrets are used diff --git a/crates/kingfisher-rules/data/rules/ftp.yml b/crates/kingfisher-rules/data/rules/ftp.yml index abf7961..7371036 100644 --- a/crates/kingfisher-rules/data/rules/ftp.yml +++ b/crates/kingfisher-rules/data/rules/ftp.yml @@ -5,7 +5,7 @@ rules: (?xi) \b ftps?:// - ([^:@\s]{1,64}) + [^:@\s]{1,64} : ([^@\s]{6,128}) @ @@ -16,7 +16,7 @@ rules: confidence: medium examples: - "ftp://johndoe:pg9stqu2018@files.example.edu.cn" - - "BACKUP_URL=ftps://backupuser:$5ecureP@ss2024@ftp.corp.example.com" + - "BACKUP_URL=ftps://backupuser:S5ec4rePassWord@ftp.corp.example.com" references: - https://datatracker.ietf.org/doc/html/rfc959 # No public validation endpoint: FTP servers are instance-specific. diff --git a/crates/kingfisher-rules/data/rules/fullcontact.yml b/crates/kingfisher-rules/data/rules/fullcontact.yml index 456e353..d648706 100644 --- a/crates/kingfisher-rules/data/rules/fullcontact.yml +++ b/crates/kingfisher-rules/data/rules/fullcontact.yml @@ -22,8 +22,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - 'fullcontact_api_key = "u8jzPde0IgxLd6GncfBAepfJBd0Kh8oO"' - - 'X-FullContact-APIKey: OL8dKLzdocJ2isAjIhKtJ0RlgLKOmxgJ' + - 'fullcontact.api_key = "u8jzPde0IgxLd6GncfBAepfJBd0Kh8oO"' + - 'X-FullContact-APIKey: OL8dKLzdocJ2isAjIhKt40RlgLKOmxgJ' references: - https://platform.fullcontact.com/docs/apis/enrich/authorization validation: diff --git a/crates/kingfisher-rules/data/rules/gemstash.yml b/crates/kingfisher-rules/data/rules/gemstash.yml index 36d1f03..2eaeda4 100644 --- a/crates/kingfisher-rules/data/rules/gemstash.yml +++ b/crates/kingfisher-rules/data/rules/gemstash.yml @@ -3,7 +3,6 @@ rules: id: kingfisher.gemstash.1 pattern: | (?xi) - \b :gemstash[_-]?key: \s* ( @@ -15,7 +14,7 @@ rules: min_entropy: 3.0 confidence: high examples: - - ":gemstash_key: f485c343gcg6ec5829e0b32ge74cd521" + - ":gemstash_key: f485c343aec6ec5829e0b32ae74cd521" - ":gemstash-key: 2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e" references: - https://github.com/rubygems/gemstash diff --git a/crates/kingfisher-rules/data/rules/gitguardian.yml b/crates/kingfisher-rules/data/rules/gitguardian.yml index 364c340..548248e 100644 --- a/crates/kingfisher-rules/data/rules/gitguardian.yml +++ b/crates/kingfisher-rules/data/rules/gitguardian.yml @@ -22,8 +22,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - 'Authorization: Token 4283FEFC63f0cd0E873a0000C6d07ef7b77E90d3593ad699fC1f7Cd5bB2e35cbf0f19C5 for https://enterprise.gitguardian.com/api/v1/incidents' - - 'gitguardian public monitoring key = "122B598615DcBe810bEAcd557705a54B5EDbBbE5cE7F8fBEeBEf7A58F99D96fb2A06311"' + - 'host: enterprise.gitguardian.com\nAuthorization: Token 4283fefc63f0cd0e873a0000c6d07ef7b77e90d3593ad699fc1f7cd5bb2e35cbf0f19c5' + - 'gitguardian public monitoring key = "122b598615dcbe810beacd557705a54b5edbbbe5ce7f8fbeebef7a58f99d96fb2a06311"' references: - https://enterprise.gitguardian.com/api/docs - https://enterprise.gitguardian.com/docs @@ -69,8 +69,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - 'GG_API_URL=https://api.gitguardian.com/v1 api_key = "aE075528A220e087D35b92558589eaFfc09cad68386D070C415ed7E70CaD19465922995"' - - 'ggshield auth login --method token --token 74bF20f8b6ffC474Ec0251908FCdcE4Bc14F68d9dcbd7a085a368932ff2b2d407dd311C' + - 'GG_API_URL=https://api.gitguardian.com/v1 authorization = "ae075528a220e087d35b92558589eaffc09cad68386d070c415ed7e70cad19465922995"' + - 'ggshield auth login --method token --token 74bf20f8b6ffc474ec0251908fcdce4bc14f68d9dcbd7a085a368932ff2b2d407dd311c' references: - https://api.gitguardian.com/docs validation: diff --git a/crates/kingfisher-rules/data/rules/huawei.yml b/crates/kingfisher-rules/data/rules/huawei.yml index 0c2fe2b..7f1e74c 100644 --- a/crates/kingfisher-rules/data/rules/huawei.yml +++ b/crates/kingfisher-rules/data/rules/huawei.yml @@ -46,7 +46,7 @@ rules: confidence: medium examples: - "{ \"Huawei\": { \"ClientId\": \"100809947\", \"ClientSecret\": \"9c94020cf0aed099bc88c0e57b613fdd55cdcec2590b55fa5693a9d672cad2d5\" } }" - - "HUAWEI_CLIENT_SECRET=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b" + - "huawei\nclient_secret=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b" references: - https://developer.huawei.com/consumer/en/doc/development/HMS-Guides/38054564 # No standalone validation: Huawei OAuth2 requires both client_id and diff --git a/crates/kingfisher-rules/data/rules/influxdb.yml b/crates/kingfisher-rules/data/rules/influxdb.yml index 36bef3e..345893c 100644 --- a/crates/kingfisher-rules/data/rules/influxdb.yml +++ b/crates/kingfisher-rules/data/rules/influxdb.yml @@ -20,8 +20,8 @@ rules: min_entropy: 4.0 confidence: medium examples: - - 'INFLUX_TOKEN=nxft2SEGZrEH2-jwDIea6tDSiX6TqHn50u0kOcDqSRnUdnK35VYauC1buWdwh-UFq7dgeb7qf3pMyKg6sbf6zg==' - - "INFLUX_TOKEN='z62qZYqGCOCI1zx3cFZYFcosWJoGw9XKIeEcF_GWwhfefRBSMjQfl3M5-ZDZN1FOFvWJPJHVi2-bZ6hPaQWvpw=='" + - "influx\ntoken=nxft2SEGZrEH2-jwDIea6tDSiX6TqHn50u0kOcDqSRnUdnK35VYauC1buWdwh-UFq7dgeb7qf3pMyKg6sbf6zg==" + - "influxdb\ntoken='z62qZYqGCOCI1zx3cFZYFcosWJoGw9XKIeEcF_GWwhfefRBSMjQfl3M5-ZDZN1FOFvWJPJHVi2-bZ6hPaQWvpw=='" references: - https://docs.influxdata.com/ - https://docs.influxdata.com/influxdb/cloud/security/tokens/ diff --git a/crates/kingfisher-rules/data/rules/kairos.yml b/crates/kingfisher-rules/data/rules/kairos.yml index 6094818..82d00f1 100644 --- a/crates/kingfisher-rules/data/rules/kairos.yml +++ b/crates/kingfisher-rules/data/rules/kairos.yml @@ -45,8 +45,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "$api_key = '49ca1gd77eb01f2fedc8965g8g23651e8';" - - "KAIROS_API_KEY=5adb2he88fc12g3gfed9076h9h34762f9" + - "kairos\n$api_key = '49ca1ad77eb01f2fedc8965a8a23651e';" + - "kairos\napi_key=5adb2be88fc12a3afed9076b9b34762f " references: - https://kairos.com/docs/ # No public validation endpoint documented. diff --git a/crates/kingfisher-rules/data/rules/lacework.yml b/crates/kingfisher-rules/data/rules/lacework.yml index cd39093..dbc0254 100644 --- a/crates/kingfisher-rules/data/rules/lacework.yml +++ b/crates/kingfisher-rules/data/rules/lacework.yml @@ -19,8 +19,8 @@ rules: confidence: medium visible: false examples: - - "lacework_api_key = \"DEVACCT_B2849286C1644991C28692DF7C5EG973BA0BB848B6DD303D\"" - - "LACEWORK_API_KEY=PRODACCT_E1F2A3B4C5D6789012345ABCDEF012345678901234" + - "LACEWORK_API_KEY=\"DEVACCT_B2849286C1644991C28692DF7C5EA973BA0BB848B6DD303D\"" + - "LACEWORK_API_KEY=PRODACCT_E1F2A3B4C5D6789012345ABCDEF012345678901234 " references: - https://docs.lacework.com/api/api-access-keys-and-tokens @@ -42,8 +42,8 @@ rules: min_entropy: 3.0 confidence: high examples: - - "lacework_api_secret = \"_c7df6ee56c7cf8603854g3i1j2k4m5n6\"" - - "LACEWORK_API_SECRET=_a4d3e2f1b7c8e5d294963h2i1j3k4l5m6" + - "LACEWORK_API_SECRET=\"_c7df6ee56c7cf8603854a3b1b2b4a5b\"" + - "LACEWORK_API_SECRET=_a4d3e2f1b7c8e5d294963a2b1b3b4c5 " references: - https://docs.lacework.com/api/api-access-keys-and-tokens # No simple validation: Lacework API requires both the API key and secret diff --git a/crates/kingfisher-rules/data/rules/laravel.yml b/crates/kingfisher-rules/data/rules/laravel.yml index 0a62ecb..f2d08be 100644 --- a/crates/kingfisher-rules/data/rules/laravel.yml +++ b/crates/kingfisher-rules/data/rules/laravel.yml @@ -20,9 +20,9 @@ rules: min_entropy: 3.0 confidence: high examples: - - "APP_KEY=base64:SomeRandomBase64StringHere1234567890ABCD=" - - "APP_KEY=AbCdEf1234GhIjKl5678MnOpQr90StUv" - - "'key' => env('APP_KEY', 'base64:xK9mP2qR8sT4wY6zA1cD3eF5gH7iJ0kL+M=')" + - "APP_KEY=base64:SomeRandomBase64xStr1234567890ABCDEFGabcdef= " + - "APP_KEY=AbCdEf1234GhIjKl5678MnOpQr90StUv\n" + - "'key' => env('APP_KEY', 'base64:xK9mP2qR8sT4wY6zA1cD3eF5gH7iJ0kLmNpQrStuVwx=')" references: - https://laravel.com/docs/encryption # No public validation endpoint: APP_KEY is used for local payload diff --git a/crates/kingfisher-rules/data/rules/ldap.yml b/crates/kingfisher-rules/data/rules/ldap.yml index c2ae0bf..4176173 100644 --- a/crates/kingfisher-rules/data/rules/ldap.yml +++ b/crates/kingfisher-rules/data/rules/ldap.yml @@ -20,7 +20,7 @@ rules: examples: - "ldap_pass = \"zX#mK91wP$3n=Q7!\"" - "ldap_pwd = 'Tr0ub4dor&3!'" - - "LDAP_PASSWORD=s3cur3P@ssw0rd" + - "LDAP_PASSWORD=s3cur3P@ssw0rd\n" references: - https://tools.ietf.org/html/rfc2251 # No public validation endpoint: LDAP servers are self-hosted; diff --git a/crates/kingfisher-rules/data/rules/llamacloud.yml b/crates/kingfisher-rules/data/rules/llamacloud.yml index 78585f6..766d4e7 100644 --- a/crates/kingfisher-rules/data/rules/llamacloud.yml +++ b/crates/kingfisher-rules/data/rules/llamacloud.yml @@ -15,7 +15,7 @@ rules: confidence: high examples: - "LLAMA_CLOUD_API_KEY=llx-b3D8GhZgQ2iAY4qYvwueaOkedPrstZpASP4P4KrBaeeuR4CE" - - "llama_api_key = 'llx-M0nQ3rS9tU5xZ7aB2dE4fG6hI1jK8lN0oPqRsT4w'" + - "llama_api_key = 'llx-M0nQ3rS9tU5xZ7aB2dE4fG6hI1jK8lN0oPqRsT4wXyZa'" references: - https://docs.llmapi.com/quickstart # No public validation endpoint documented. diff --git a/crates/kingfisher-rules/data/rules/mariadb.yml b/crates/kingfisher-rules/data/rules/mariadb.yml index 8205e2d..298a749 100644 --- a/crates/kingfisher-rules/data/rules/mariadb.yml +++ b/crates/kingfisher-rules/data/rules/mariadb.yml @@ -19,9 +19,9 @@ rules: min_entropy: 2.8 confidence: medium examples: - - "mariadb.password=mY5ecureP4ss" - - "MARIADB_PASSWORD=Tr0ub4dor&3" - - "db.url=jdbc:mariadb://db.example.com mariadb.password=r8tqvmx1kp!" + - "mariadb.password=mY5ecureP4ss\n" + - "mariadb\npassword=Tr0ub4dor&3\n" + - "db.url=jdbc:mariadb://db.example.com mariadb.password=r8tqvmx1kp!\n" references: - https://mariadb.org/documentation/ # No public validation endpoint: MariaDB is self-hosted; diff --git a/crates/kingfisher-rules/data/rules/midtrans.yml b/crates/kingfisher-rules/data/rules/midtrans.yml index 89b36ee..8066ea4 100644 --- a/crates/kingfisher-rules/data/rules/midtrans.yml +++ b/crates/kingfisher-rules/data/rules/midtrans.yml @@ -56,8 +56,8 @@ rules: min_entropy: 2.8 confidence: high examples: - - "MIDTRANS_SERVER_KEY=\"Mid-server-AbCdEfGhIjKlMn\"" - - "midtrans_client_key = 'Mid-client-Xk93PcDP8pMKfhY2'" + - "midtrans\nserver_key=\"Mid-server-Xk93PcDP8pMKfhY2\"" + - "midtrans.client_key = 'Mid-client-Xk93PcDP8pMKfhY2'" references: - https://docs.midtrans.com validation: diff --git a/crates/kingfisher-rules/data/rules/mssql.yml b/crates/kingfisher-rules/data/rules/mssql.yml index 768eaa8..7e7aa33 100644 --- a/crates/kingfisher-rules/data/rules/mssql.yml +++ b/crates/kingfisher-rules/data/rules/mssql.yml @@ -17,9 +17,9 @@ rules: min_entropy: 2.8 confidence: medium examples: - - "MSSQL_PASSWORD=n53qmpa3xe" - - "mssql_password=myS3cur3Passw0rd" - - "spring.datasource.password=Tr0ub4dor&3" + - "mssql_password=n53qmpa3xe\n" + - "mssql_password=myS3cur3Passw0rd\n" + - "mssql_password=Tr0ub4dor&3\n" references: - https://docs.microsoft.com/en-us/sql/ # No public validation endpoint: MSSQL is self-hosted; diff --git a/crates/kingfisher-rules/data/rules/neo4j.yml b/crates/kingfisher-rules/data/rules/neo4j.yml index 8cb4a62..e959bbf 100644 --- a/crates/kingfisher-rules/data/rules/neo4j.yml +++ b/crates/kingfisher-rules/data/rules/neo4j.yml @@ -19,7 +19,7 @@ rules: confidence: medium examples: - "spring.data.neo4j.password: Tr0ub4dor&3xampL" - - "neo4j_password: zeoh!zafFEa" + - "neo4j.password: ze0h!zafFEa" references: - https://neo4j.com/docs/getting-started/current/ - https://neo4j.com/docs/operations-manual/current/authentication-authorization/ diff --git a/crates/kingfisher-rules/data/rules/nessus.yml b/crates/kingfisher-rules/data/rules/nessus.yml index 00d95de..3f68351 100644 --- a/crates/kingfisher-rules/data/rules/nessus.yml +++ b/crates/kingfisher-rules/data/rules/nessus.yml @@ -17,7 +17,7 @@ rules: confidence: high examples: - "/opt/nessus_agent/sbin/nessuscli agent link --key=b0ed12e9652fa25b92c91826f364d339f64f98a07159e24f644ed4f1aa075684 --host=manager.example.com" - - "NESSUS_KEY=\"34b98943d38288385ce948429a8f33143f5122cfd22892310dccb9eed5087d50\"" + - "/opt/nessus_agent/sbin/nessuscli agent link --key=a34b98943d38288385ce948429a8f33143f5122cfd22892310dccb9eed5087d5 --host=scanner2.example.com" references: - https://docs.tenable.com/nessus-agent/Content/GettingStarted.htm # No public validation endpoint: Nessus linking keys are validated diff --git a/crates/kingfisher-rules/data/rules/nxcloud.yml b/crates/kingfisher-rules/data/rules/nxcloud.yml index 867abd2..e0e6b6d 100644 --- a/crates/kingfisher-rules/data/rules/nxcloud.yml +++ b/crates/kingfisher-rules/data/rules/nxcloud.yml @@ -19,7 +19,7 @@ rules: confidence: high examples: - "nx_cloud_token = \"UDM4ZGY4NWUtZDU4ZS01Z2I4LWNkZWUtYjcyMTAzN2RjOGI0fHJlYWQtd3JpdGU=\"" - - "NX_CLOUD_TOKEN=VEN5ZWY5NmYtZTY5Zi02aGM5LWRlZmYtYzgzMjE0OGVkOWM1fHJlYWQtb25seQ==" + - "NX_CLOUD_TOKEN=VEN5ZWY5NmYtZTY5Zi02aGM5LWRlZmYtYzgzMjE0OGVkOWM1fHJlYWQtb25seQ==\n" references: - https://nx.dev/ci/recipes/security/personal-access-tokens validation: diff --git a/crates/kingfisher-rules/data/rules/oracle.yml b/crates/kingfisher-rules/data/rules/oracle.yml index 9c1c177..c436683 100644 --- a/crates/kingfisher-rules/data/rules/oracle.yml +++ b/crates/kingfisher-rules/data/rules/oracle.yml @@ -5,7 +5,7 @@ rules: (?xi) \b oracle:// - ([^:@\s]{1,64}) + [^:@\s]{1,64} : ([^@\s]{6,128}) @ diff --git a/crates/kingfisher-rules/data/rules/ovh.yml b/crates/kingfisher-rules/data/rules/ovh.yml index 9c61143..c570dd7 100644 --- a/crates/kingfisher-rules/data/rules/ovh.yml +++ b/crates/kingfisher-rules/data/rules/ovh.yml @@ -49,8 +49,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "application_secret=r4DVZuOvp8Acg18fMF1LLd7KapVFc7Qz" - - "OVH_APPLICATION_SECRET=AbCdEf1234GhIjKl5678MnOpQr90StUv" + - "[ovh-eu]\napplication_secret=r4DVZuOvp8Acg18fMF1LLd7KapVFc7Qz" + - "ovh.application_secret=AbCdEf1234GhIjKl5678MnOpQr90StUv" references: - https://api.ovh.com/ - https://api.ovh.com/console/#/me/api/application/%7BapplicationId%7D#DELETE diff --git a/crates/kingfisher-rules/data/rules/pingidentity.yml b/crates/kingfisher-rules/data/rules/pingidentity.yml index 2329e13..e456c90 100644 --- a/crates/kingfisher-rules/data/rules/pingidentity.yml +++ b/crates/kingfisher-rules/data/rules/pingidentity.yml @@ -24,8 +24,8 @@ rules: confidence: medium visible: false examples: - - "pingone client_id = 7fe9Gf06-7F40-CE8D-6EBF-55ggFe4d9bF4" - - "PINGONE_CLIENT_ID=8gf0Hg17-8G51-DF9E-7FCG-66hhGf5e0cG5" + - "pingone client_id = 7fe9af06-7f40-ce8d-6ebf-55aafe4d9bf4 " + - "pingone\nclient_id=8af0ba17-8a51-df9e-7fca-66bbaf5e0ca5 " references: - https://docs.pingidentity.com/r/en-us/pingone/p1_c_environments @@ -50,8 +50,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "pingone client_secret = 5dGwD6ZxOQj.~XD9Pd82I.q79zA8rSk9sscgHQ." - - "PINGONE_CLIENT_SECRET=6eHxE7AyPRk.~YE0Qe93J.r80AB9sTo0ttdhIR." + - "pingone client_secret = 5dGwD6ZxOQj.~XD9Pd82I.q79zA8rSk9sscgHQ. " + - "pingone\nclient_secret=6eHxE7AyPRk.~YE0Qe93J.r80AB9sTo0ttdhIR. " references: - https://docs.pingidentity.com/r/en-us/pingone/p1_c_environments # No simple validation: PingOne OAuth2 requires both client_id and diff --git a/crates/kingfisher-rules/data/rules/plivo.yml b/crates/kingfisher-rules/data/rules/plivo.yml index 4e7d145..962b8ba 100644 --- a/crates/kingfisher-rules/data/rules/plivo.yml +++ b/crates/kingfisher-rules/data/rules/plivo.yml @@ -47,8 +47,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "PLIVO_AUTH_TOKEN = 'QCNiY2U3YzliY2E2OGNhZDNjYjRkMGI5NDQ1MWB5'" - - "plivo_token: 'KFBiY2E2OGNhZDNjYjRkMGI5NDQ1MWh3cqZV'" + - "plivo\nauth_token = 'QCNiY2U3YzliY2E2OGNhZDNjYjRkMGI5NDQ1MWB5'" + - "plivo\ntoken: 'KFBiY2E2OGNhZDNjYjRkMGI5NDQ1MWh3cqZVXy'" references: - https://www.plivo.com/docs/ - https://support.plivo.com/hc/en-us/articles/360041731231 diff --git a/crates/kingfisher-rules/data/rules/pusher.yml b/crates/kingfisher-rules/data/rules/pusher.yml index bbc6170..9a2f719 100644 --- a/crates/kingfisher-rules/data/rules/pusher.yml +++ b/crates/kingfisher-rules/data/rules/pusher.yml @@ -45,8 +45,8 @@ rules: min_entropy: 2.8 confidence: medium examples: - - "PUSHER_APP_SECRET=4dc86652b4f69252461e" - - "pusher_secret = 'a1b2c3d4e5f678901234'" + - "pusher\napp_secret=4dc86652b4f69252461e" + - "pusher.secret = 'a1b2c3d4e5f678901234'" references: - https://pusher.com/docs/channels/server_api/overview - https://pusher.com/docs/channels/server_api/authorizing-users/ diff --git a/crates/kingfisher-rules/data/rules/redshift.yml b/crates/kingfisher-rules/data/rules/redshift.yml index 847c40d..b2e441d 100644 --- a/crates/kingfisher-rules/data/rules/redshift.yml +++ b/crates/kingfisher-rules/data/rules/redshift.yml @@ -5,7 +5,7 @@ rules: (?xi) \b redshift:// - ([^:@\s]{1,64}) + [^:@\s]{1,64} : ([^@\s]{6,128}) @ diff --git a/crates/kingfisher-rules/data/rules/scaleway.yml b/crates/kingfisher-rules/data/rules/scaleway.yml index 5ccdd97..fc95c96 100644 --- a/crates/kingfisher-rules/data/rules/scaleway.yml +++ b/crates/kingfisher-rules/data/rules/scaleway.yml @@ -23,8 +23,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - 'scaleway Bearer 56bd4fd9-f2db-b40d-a2b4-bfde7fab5ed3' - - 'SCW_SECRET_KEY=b7c3f1d9-8a5e-4b02-92f6-10db7e431abc' + - "scaleway token 56bd4fd9-f2db-b40d-a2b4-bfde7fab5ed3" + - "scaleway\nsecret_key=b7c3f1d9-8a5e-4b02-92f6-10db7e431abc" references: - https://developers.scaleway.com/en/ - https://www.scaleway.com/en/developers/api/ diff --git a/crates/kingfisher-rules/data/rules/scalr.yml b/crates/kingfisher-rules/data/rules/scalr.yml index 12bcf9d..a6de712 100644 --- a/crates/kingfisher-rules/data/rules/scalr.yml +++ b/crates/kingfisher-rules/data/rules/scalr.yml @@ -22,8 +22,8 @@ rules: min_entropy: 3.5 confidence: high examples: - - "SCALR_KEY=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQt dzFwNWtvN2h2ODh0bGVzcDAifQ.VCPHD8dI5RAO4yexSrfk7mhrBu1KFnGU3Rm2zwApplF\"" - - "scalr_api_key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQt eVo1cW81aHY5OTF1bWZzcTAifQ.WDRIE9eJ6SBP5zfyTugl8nih Cu2LGoPV4Sn3AxBrqmG" + - "SCALR_KEY=\"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQtdzFwNWtvN2h2ODh0bGVzcDAifQ.VCPHD8dI5RAO4yexSrfk7mhrBu1KFnGU3Rm2zwApplF\"" + - "scalr_api_key: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ1c2VyIiwianRpIjoiYXQteVo1cW81aHY5OTF1bWZzcTAifQ.WDRIE9eJ6SBP5zfyTugl8nihCu2LGoPV4Sn3AxBrqmN\n" references: - https://docs.scalr.com/docs/api-tokens validation: diff --git a/crates/kingfisher-rules/data/rules/signifyd.yml b/crates/kingfisher-rules/data/rules/signifyd.yml index 73a6ad5..c398a83 100644 --- a/crates/kingfisher-rules/data/rules/signifyd.yml +++ b/crates/kingfisher-rules/data/rules/signifyd.yml @@ -21,8 +21,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "SIGNIFYD_APIKEY=KSqPR9cGmJRxIfNLkRsJ09A9z" - - "signifyd_key = 'MRnOQ9bGlIRsIfNLkRsJ09A9z'" + - "signifyd\napikey=KSqPR9cGmJRxIfNLkRsJ09A9z" + - "signifyd.key = 'MRnOQ9bGlIRsIfNLkRsJ09A9z'" references: - https://developer.signifyd.com/api/ validation: diff --git a/crates/kingfisher-rules/data/rules/smb.yml b/crates/kingfisher-rules/data/rules/smb.yml index d7c2b5a..649e8a6 100644 --- a/crates/kingfisher-rules/data/rules/smb.yml +++ b/crates/kingfisher-rules/data/rules/smb.yml @@ -5,7 +5,7 @@ rules: (?xi) \b smb:// - ([^:@\s]{1,64}) + [^:@\s]{1,64} : ([^@\s]{6,128}) @ diff --git a/crates/kingfisher-rules/data/rules/smtp.yml b/crates/kingfisher-rules/data/rules/smtp.yml index 56e2dfb..045152b 100644 --- a/crates/kingfisher-rules/data/rules/smtp.yml +++ b/crates/kingfisher-rules/data/rules/smtp.yml @@ -17,9 +17,9 @@ rules: min_entropy: 2.8 confidence: medium examples: - - "EMAIL_HOST_PASSWORD = Nftu435p2634" - - "smtp_password = s3cureEmAilP@ss" - - "EMAIL_HOST_PASSWORD=aXyz789#Secure" + - "EMAIL_HOST_PASSWORD = Nftu435p2634\n" + - "smtp_password = s3cureEmAilP@ss\n" + - "EMAIL_HOST_PASSWORD=aXyz789#Secure\n" references: - https://datatracker.ietf.org/doc/html/rfc5321 # No public validation endpoint: SMTP credentials are server-specific. diff --git a/crates/kingfisher-rules/data/rules/snowflake.yml b/crates/kingfisher-rules/data/rules/snowflake.yml index 7cfdecf..5f266af 100644 --- a/crates/kingfisher-rules/data/rules/snowflake.yml +++ b/crates/kingfisher-rules/data/rules/snowflake.yml @@ -6,7 +6,7 @@ rules: \b snowflake[a-z+.-]* :// - ([A-Za-z0-9_.@%+!-]+) # username + [A-Za-z0-9_.@%+!-]+ # username (non-capturing) : ([^@\s"'<>]{6,128}?) # password (captured) @ @@ -19,7 +19,7 @@ rules: confidence: medium examples: - 'CONNECTION_URI="db:snowflake://myuser:P4ssw0rd!@xyz123.us-east-1.snowflakecomputing.com/mydb"' - - 'engine = create_engine("snowflake://admin:S3cr3tP@ss@acct987.snowflakecomputing.com/warehouse")' + - 'engine = create_engine("snowflake://admin:S3cr3tPassw0rd@acct987.snowflakecomputing.com/warehouse")' references: - https://docs.snowflake.com/en/ - https://docs.snowflake.com/en/developer-guide/python-connector/python-connector-api diff --git a/crates/kingfisher-rules/data/rules/solr.yml b/crates/kingfisher-rules/data/rules/solr.yml index f669008..8a08e60 100644 --- a/crates/kingfisher-rules/data/rules/solr.yml +++ b/crates/kingfisher-rules/data/rules/solr.yml @@ -5,7 +5,7 @@ rules: (?xi) \b solr:// - ([^:@\s]{1,64}) + [^:@\s]{1,64} : ([^@\s]{6,128}) @ diff --git a/crates/kingfisher-rules/data/rules/sparkpost.yml b/crates/kingfisher-rules/data/rules/sparkpost.yml index a2c9f89..558fa43 100644 --- a/crates/kingfisher-rules/data/rules/sparkpost.yml +++ b/crates/kingfisher-rules/data/rules/sparkpost.yml @@ -18,11 +18,7 @@ rules: confidence: medium examples: - sparkpost_api_key = "14ac5499cfdd2bb2859e4476d2e5b1d2bad079bf" - - | - headers = { - "Authorization": "3f2c1a7b5d9e8c60124fab37d8519ce20ab46d7f", - "X-Service": "sparkpost" - } + - "\"X-Service\": \"sparkpost\",\n\"Authorization\": \"3f2c1a7b5d9e8c60124fab37d8519ce20ab46d7f\"\n" references: - https://developers.sparkpost.com/api/ validation: diff --git a/crates/kingfisher-rules/data/rules/splunk.yml b/crates/kingfisher-rules/data/rules/splunk.yml index 037c671..41081b6 100644 --- a/crates/kingfisher-rules/data/rules/splunk.yml +++ b/crates/kingfisher-rules/data/rules/splunk.yml @@ -22,9 +22,9 @@ rules: min_entropy: 3.0 confidence: medium examples: - - 'SPLUNK_TOKEN1 = "C73A9E41-B2F0-4D18-A563-F9E73B012ABC"' - - 'splunk_token=a4d7e19c-3b25-4f0c-8d61-720a9b3e4f58' - - '-Dsplunk_token=D6BD1AD4-CB62-4D80-A637-593EE2B17391' + - "splunk.token = \"C73A9E41-B2F0-4D18-A563-F9E73B012ABC\"" + - "splunk.token=a4d7e19c-3b25-4f0c-8d61-720a9b3e4f58" + - "splunk.hec=D6BD1AD4-CB62-4D80-A637-593EE2B17391" references: - https://docs.splunk.com/Documentation/Splunk/8.0.2/Security/UseAuthTokens # Splunk tokens are instance-scoped UUIDs; no public SaaS endpoint exists for standalone validation. diff --git a/crates/kingfisher-rules/data/rules/statsig.yml b/crates/kingfisher-rules/data/rules/statsig.yml index d1bbd1a..af3391d 100644 --- a/crates/kingfisher-rules/data/rules/statsig.yml +++ b/crates/kingfisher-rules/data/rules/statsig.yml @@ -16,7 +16,7 @@ rules: min_entropy: 3.5 confidence: high examples: - - "STATSIG_SERVER_KEY=\"secret-K9mT4xRpWsLqZvAnBcDeFgHiJkLmNoPqRsTuVw\"" + - "STATSIG_SERVER_KEY=\"secret-K9mT4xRpWsLqZvAnBcDeFgHiJkLmNoPqRsTuVwXy\"" - "statsig.initialize(\"secret-AbCdEfGhIjKlMnOpQrStUvWxYz0123456789ABCD\", options)" references: - https://docs.statsig.com/ diff --git a/crates/kingfisher-rules/data/rules/stream.yml b/crates/kingfisher-rules/data/rules/stream.yml index 321428d..a7a10aa 100644 --- a/crates/kingfisher-rules/data/rules/stream.yml +++ b/crates/kingfisher-rules/data/rules/stream.yml @@ -45,8 +45,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "const client = stream.connect('og8lrq3kyc14', 'bgv804hi3feioqendjza50sq54t9iez8vzned3rvn3sqsei6vciey4lt3wwadyift', '71748')" - - "STREAM_SECRET=7k2m4nqpxyz89abc3def5ghijklmnopqrstuvwx012345678901234567890abc" + - "const client = stream.connect('og8lrq3kyc14', secret='bgv804hi3feioqendjza50sq54t9iez8vzned3rvn3sqsei6vciey4lt3wwadyif', '71748')" + - "stream.api_secret=7k2m4nqpxyz89abc3def5ghijklmnopqrstuvwx0123456789012345678901abc " references: - https://getstream.io/docs_rest/ - https://getstream.io/dashboard diff --git a/crates/kingfisher-rules/data/rules/surge.yml b/crates/kingfisher-rules/data/rules/surge.yml index 1b3f34c..537da91 100644 --- a/crates/kingfisher-rules/data/rules/surge.yml +++ b/crates/kingfisher-rules/data/rules/surge.yml @@ -17,8 +17,8 @@ rules: min_entropy: 3.0 confidence: high examples: - - "export SURGE_TOKEN=g0d3gdd7d6475f32bb3d0e5c91177b80" - - "SURGE_TOKEN=h1e4hee8e7586g43cc4e1f6da2288c91" + - "export SURGE_TOKEN=a0d3add7d6475f32bb3d0e5c91177b80 " + - "SURGE_TOKEN=b1e4bee8e7586a43cc4e1f6da2288c91 " references: - https://surge.sh/help/getting-started-with-surge # No public validation endpoint available. diff --git a/crates/kingfisher-rules/data/rules/tencent.yml b/crates/kingfisher-rules/data/rules/tencent.yml index 9073d21..1c74ade 100644 --- a/crates/kingfisher-rules/data/rules/tencent.yml +++ b/crates/kingfisher-rules/data/rules/tencent.yml @@ -48,8 +48,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "tencent_secret_key => '7aHHkz236LOYu0nRuBwn5PwT0x3km7LE'" - - "TENCENT_SECRET_KEY=AbCdEf1234GhIjKl5678MnOpQr90StUv" + - "tencent.secret_key => '7aHHkz236LOYu0nRuBwn5PwT0x3km7LE'" + - "tencent\nsecret_key=AbCdEf1234GhIjKl5678MnOpQr90StUv" references: - https://intl.cloud.tencent.com/product/api # No simple validation: Tencent Cloud API uses TC3-HMAC-SHA256 request diff --git a/crates/kingfisher-rules/data/rules/terraform.yml b/crates/kingfisher-rules/data/rules/terraform.yml index c3498a1..906ef48 100644 --- a/crates/kingfisher-rules/data/rules/terraform.yml +++ b/crates/kingfisher-rules/data/rules/terraform.yml @@ -16,7 +16,7 @@ rules: confidence: high examples: - "TERRAFORM_TOKEN=aBcDeF.atlasv1.AbCdEfGhIjKlMnOpQrStUvWxYz1234567890abcdefghijklmnopqrstuvwxyz0123" - - "token = \"xK9mP2.atlasv1.qRsT4wY6zA1cD3eF5gH7iJ0kLmN8oPqR2sT5uV7wX9yZ1aB3cD6eF8g\"" + - "token = \"xK9mP2.atlasv1.qRsT4wY6zA1cD3eF5aH7iJ0kLmN8oPqR2sT5uV7wX9yZ1aB3cD6eF8aB9c0d\"" references: - https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens validation: diff --git a/crates/kingfisher-rules/data/rules/thycotic.yml b/crates/kingfisher-rules/data/rules/thycotic.yml index 34bd842..130b377 100644 --- a/crates/kingfisher-rules/data/rules/thycotic.yml +++ b/crates/kingfisher-rules/data/rules/thycotic.yml @@ -19,8 +19,8 @@ rules: min_entropy: 2.5 confidence: medium examples: - - "base_url_tss='https://myorg.secretservercloud.com'\npassword = bsfijgbfbf" - - "THYCOTIC_PASSWORD=s3cur3V@ultPass" + - "base_url_tss='https://myorg.secretserver.com'\npassword = bs1ijgb2bf\n" + - "thycotic\npassword=s3cur3V@ultPass\n" references: - https://docs.delinea.com/online-help/secret-server/ # No public validation endpoint: Secret Server is self-hosted or diff --git a/crates/kingfisher-rules/data/rules/vkontakte.yml b/crates/kingfisher-rules/data/rules/vkontakte.yml index 53a1c77..b9e336d 100644 --- a/crates/kingfisher-rules/data/rules/vkontakte.yml +++ b/crates/kingfisher-rules/data/rules/vkontakte.yml @@ -14,8 +14,8 @@ rules: min_entropy: 4.0 confidence: high examples: - - "VK_TOKEN=vk1.a.DlL6WTIGQ4BrnY7s1bGmeRDTHQbR_PN4NAKOIwGORABmDrOVmM-zL4wDFT37LuH-3FlJKY1rYVdl9RT7N_qEceyhu1By" - - "vk_access_token = 'vk1.a.BcDeFgHiJkLmNoPqRsTuVwXy2345678901-_bcdefghijklmnopqrstuvwxyz1234567890BCDEFGHIJKLMNOPQRSTUVWXYZA'" + - "VK_TOKEN=vk1.a.DlL6WTIGQ4BrnY7s1bGmeRDTHQbR_PN4NAKOIwGORABmDrOVmM-zL4wDFT37LuH-3FlJKY1rYVdl9RT7N_qEceyhu1ByAbCdEfGh" + - "vk_access_token = 'vk1.a.BcDeFgHiJkLmNoPqRsTuVwXy2345678901-_bcdefghijklmnopqrstuvwxyz1234567890BCDEFGHIJKLMNOPQRSTUVWXYZAabc'" references: - https://dev.vk.com/en/api/access-token/getting-started validation: diff --git a/crates/kingfisher-rules/data/rules/vonage.yml b/crates/kingfisher-rules/data/rules/vonage.yml index dd6469a..acd701e 100644 --- a/crates/kingfisher-rules/data/rules/vonage.yml +++ b/crates/kingfisher-rules/data/rules/vonage.yml @@ -47,8 +47,8 @@ rules: min_entropy: 3.2 confidence: medium examples: - - "nexmo api_secret='bjrDnPt6HrfVjzDv'" - - "VONAGE_API_SECRET=K9mT4xRpWsLqZvAn" + - "nexmo api_secret='bjrDnPt67HrfVjzD'" + - "vonage\napi_secret=K9mT4xRpWsLqZvAn" references: - https://developer.vonage.com/en/getting-started/overview - https://developer.nexmo.com/api/account#secret-management diff --git a/crates/kingfisher-rules/data/rules/webex.yml b/crates/kingfisher-rules/data/rules/webex.yml index 957a068..a66d125 100644 --- a/crates/kingfisher-rules/data/rules/webex.yml +++ b/crates/kingfisher-rules/data/rules/webex.yml @@ -45,8 +45,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "webex_secret = 8ab9b3c77035e1121e2d7d64529749682b3ce5b93dc1f1e6677f0800dcf00d1e" - - "WEBEX_CLIENT_SECRET=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b" + - "webex.secret = 8ab9b3c77035e1121e2d7d64529749682b3ce5b93dc1f1e6677f0800dcf00d1e" + - "webex\nclient_secret=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b" references: - https://developer.webex.com/docs/platform-introduction - https://developer.webex.com/docs/integrations diff --git a/crates/kingfisher-rules/data/rules/wechat.yml b/crates/kingfisher-rules/data/rules/wechat.yml index d84d055..0cf4f0e 100644 --- a/crates/kingfisher-rules/data/rules/wechat.yml +++ b/crates/kingfisher-rules/data/rules/wechat.yml @@ -40,8 +40,8 @@ rules: min_entropy: 3.0 confidence: medium examples: - - "wechatkey = 9bdaebb9594bff61b28073d91213af23" - - "WECHAT_APP_SECRET=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d" + - "wechat.key = 9bdaebb9594bff61b28073d91213af23" + - "wechat\napp_secret=1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d" references: - https://open.weixin.qq.com/?lang=en - https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Get_access_token.html diff --git a/crates/kingfisher-rules/data/rules/workato.yml b/crates/kingfisher-rules/data/rules/workato.yml index 475b3ec..d50c1f7 100644 --- a/crates/kingfisher-rules/data/rules/workato.yml +++ b/crates/kingfisher-rules/data/rules/workato.yml @@ -25,7 +25,7 @@ rules: confidence: medium examples: - 'WORKATO_API_TOKEN="wrka-eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZXBsb3ktYm90IiwianRpIjoiY2kxMjM0NTY3LXRlc3QiLCJleHAiOjIwMDAwMDAwMDB9.aQ1bC2dE3fG4hI5jK6lM7nO8pQ9rS0tU1vW2xY3zA4bC5dE6fG7hI8jK9lM0nP1qR2sT3uV4wX5yZ6aB7cD8eF9gH0iJ1kL2mN3oP4qR5sT6uV7wX8yZ9AbCdEfGhIjKlMnOpQr"' - - 'Authorization: Bearer wrkaeu-eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJldS1jbGllbnQiLCJqdGkiOiI1YzYxZTkwYi1kZW1vLWtleSIsImV4cCI6MjA1MDAwMDAwMH0.Rs7tUv8wXy9ZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcD"' + - 'Authorization: Bearer wrka-eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjbGllbnQiLCJqdGkiOiI1YzYxZTkwYi1kZW1vLWtleSIsImV4cCI6MjA1MDAwMDAwMH0.Rs7t_v8wXy9ZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVwXyZaBcDeFgHiJkLmNoPqRsTuVw-yZaBcD"' references: - https://docs.workato.com/workato-api.html - https://docs.workato.com/workato-api/users.html diff --git a/crates/kingfisher-rules/data/rules/yahoo.yml b/crates/kingfisher-rules/data/rules/yahoo.yml index f0a90ec..4068124 100644 --- a/crates/kingfisher-rules/data/rules/yahoo.yml +++ b/crates/kingfisher-rules/data/rules/yahoo.yml @@ -40,8 +40,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - "Yahoo Client Secret 33g773dbe8bg319d86666d4b6137fg4ece272431" - - "YAHOO_CLIENT_SECRET=44h884ecf9ch42ae97777e5c7248gh5fdf383542" + - "Yahoo Client Secret 33a773dbe8ba319d86666d4b6137fa4ece272431 " + - "Yahoo Client Secret 44b884ecf9cb42ae97777e5c7248ab5fdf383542 " references: - https://developer.yahoo.com/oauth2/guide/ # No simple validation: Yahoo OAuth2 requires both client_id and diff --git a/crates/kingfisher-rules/data/rules/yousign.yml b/crates/kingfisher-rules/data/rules/yousign.yml index 49e20ed..13623bf 100644 --- a/crates/kingfisher-rules/data/rules/yousign.yml +++ b/crates/kingfisher-rules/data/rules/yousign.yml @@ -17,8 +17,8 @@ rules: min_entropy: 3.0 confidence: high examples: - - "yousign_api_key = \"8ib7d4cgd4483472fb898df8f520eb10\";" - - "YOUSIGN_API_KEY=9jc8e5dhe5594583gc909e09g631fc21" + - "yousign_api_key = \"8ab7d4ced4483472fb898df8f520eb10\";" + - "YOUSIGN_API_KEY=9ac8e5def5594583ec909e09a631fc21 " references: - https://developers.yousign.com/ validation: diff --git a/crates/kingfisher-rules/data/rules/zoom.yml b/crates/kingfisher-rules/data/rules/zoom.yml index 9a6bb53..aa4034b 100644 --- a/crates/kingfisher-rules/data/rules/zoom.yml +++ b/crates/kingfisher-rules/data/rules/zoom.yml @@ -49,8 +49,8 @@ rules: min_entropy: 3.5 confidence: medium examples: - - ZOOM_AUTH_SECRET=9NeGUzYkSjRupIF5pt93m2D1w17fOjI8 - - '"ZOOM_API_SECRET": "ihPmh3dnXxn3Cd7s3UVZoCDvVEef1f1Q"' + - "zoom.auth_secret=9NeGUzYkSjRupIF5pt93m2D1w17fOjI8" + - "zoom\napi_secret=\"ihPmh3dnXxn3Cd7s3UVZoCDvVEef1f1Q\"" references: - https://developers.zoom.us/docs/integrations/ - https://developers.zoom.us/docs/integrations/oauth-scopes-overview/ diff --git a/src/main.rs b/src/main.rs index 26d3bba..92e9a94 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,17 +1,25 @@ // ──────────────────────────────────────────────────────────── // Global allocator setup -// * Default - mimalloc on Linux/Windows, system on Darwin/other targets -// * Opt-in - mimalloc (`use-mimalloc` feature) -// * Opt-in - jemalloc (`use-jemalloc` feature) -// * Explicit - system allocator (`system-alloc` feature) +// * Default - mimalloc (`use-mimalloc`) +// * Opt-in - jemalloc (`use-jemalloc`) for one-off debugging +// * Explicit - system allocator on Darwin (`system-alloc`) // ──────────────────────────────────────────────────────────── +#[cfg(all(feature = "use-jemalloc", feature = "system-alloc"))] +compile_error!("`use-jemalloc` and `system-alloc` are mutually exclusive"); + +#[cfg(all(feature = "use-jemalloc", feature = "use-mimalloc"))] +compile_error!("`use-jemalloc` and `use-mimalloc` are mutually exclusive"); + +#[cfg(all(feature = "system-alloc", not(target_os = "macos")))] +compile_error!("`system-alloc` is only supported on Darwin targets"); + // --- jemalloc (opt-in) --- #[cfg(feature = "use-jemalloc")] #[global_allocator] static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc; -// --- mimalloc (default on Linux/Windows, opt-in elsewhere) --- +// --- mimalloc (default) --- #[cfg(all( not(feature = "use-jemalloc"), not(feature = "system-alloc"), @@ -20,7 +28,7 @@ static GLOBAL: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc; #[global_allocator] static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc; -// --- system allocator (default on Darwin/other targets, explicit elsewhere) --- +// --- system allocator (fallback, explicit on Darwin) --- #[cfg(any( feature = "system-alloc", all(