added more rules

2025-08-16 20:23:27 -07:00 · 2025-08-16 20:23:27 -07:00 · 6d669b4bb7
commit 6d669b4bb7
parent a2965bcf47
16 changed files with 529 additions and 3 deletions
--- a/data/rules/stackhawk.yml
+++ b/data/rules/stackhawk.yml
@ -0,0 +1,26 @@
+rules:
+  - name: StackHawk API Key
+    id: kingfisher.stackhawk.1
+    pattern: '\b(hawk\.[0-9A-Za-z_-]{20}\.[0-9A-Za-z_-]{20})\b'
+    confidence: medium
+    min_entropy: 3.0
+    examples:
+      - 'HAWK_API_KEY="hawk.nHAOHdJjXoNyzAcTDC5M.R2gqQh2aCesrh0yCGB7q"'
+    references:
+      - https://docs.stackhawk.com/apidocs.html
+      - https://apidocs.stackhawk.com/reference/getuser
+    validation:
+      type: Http
+      content:
+        request:
+          method: GET
+          url: "https://api.stackhawk.com/api/v1/auth/user"
+          headers:
+            X-Api-Key: "{{TOKEN}}"
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status: [200]
+            - type: WordMatch
+              words:
+                - '"user":'