- Improved rules: github oauth2, diffbot, mailchimp, aws

- Added validation to SauceLabs rule - Added rules: shodan, bitly, flickr
2025-08-29 17:24:26 -07:00 · 2025-08-29 17:24:26 -07:00 · b2b5791190
commit b2b5791190
parent 96f1784953
13 changed files with 487 additions and 55 deletions
--- a/data/rules/github.yml
+++ b/data/rules/github.yml
@ -166,6 +166,7 @@ rules:
      (?: id | identifier | key )
      .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2}
      \b ([a-z0-9]{20}) \b
+    visible: false
    examples:
      - |
        GITHUB_CLIENT_ID=ac58d6da7d7a84c039b7
@ -181,6 +182,26 @@ rules:
      (?: key | oauth | sec | secret )?
      .{0,2} \s{0,20} .{0,2} \s{0,20} .{0,2}
      \b ([a-z0-9]{40}) \b
+    depends_on_rule:
+      - rule_id: "kingfisher.github.5"
+        variable: GITHUB_CLIENT_ID
+    validation:
+      type: Http
+      content:
+        request:
+          method: POST
+          url: "https://github.com/login/oauth/access_token"
+          headers:
+            Accept: "application/json"
+            Content-Type: "application/json"
+          body: '{"client_id":"{{GITHUB_CLIENT_ID}}","client_secret":"{{TOKEN}}","code":"invalid_code"}'
+          response_matcher:
+            - report_response: true
+            - type: StatusMatch
+              status: [200]
+            - type: WordMatch
+              words:
+                - '"error":"bad_verification_code"'
    examples:
      - |
        GITHUB_CLIENT_ID=ac58d6da7d7a84c039b7