eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
313 commits 5 branches 83 tags 53 MiB
Commit graph

110 commits

Author SHA1 Message Date
Mick Grove
2ee204ce3c updated jwt rule 2025-09-04 23:31:34 -07:00
Mick Grove
e03ab5972d fix ci build error 2025-08-31 10:27:16 -07:00
Mick Grove
3bed8b36f2 Fix changes in response to code review 2025-08-30 20:07:31 -07:00
Mick Grove
984231e25c Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance 2025-08-30 16:44:55 -07:00
Mick Grove
b2b5791190 - Improved rules: github oauth2, diffbot, mailchimp, aws 
- Added validation to SauceLabs rule
- Added rules: shodan, bitly, flickr
 2025-08-29 17:24:26 -07:00
Mick Grove
96f1784953 changes in response to code review 2025-08-27 15:43:31 -07:00
Mick Grove
332f2c59f9 added top level 'self-update' cli sub command to update the binary independently. Now supports updating over homebrew managed binary 2025-08-27 15:35:01 -07:00
Mick Grove
c2de3bc25c added rules for zhipu 2025-08-27 12:43:41 -07:00
Mick Grove
d1bd843567 added rules for together.ai 2025-08-27 12:20:44 -07:00
Mick Grove
4194b01306 added rules for nvidia nim 2025-08-27 11:39:32 -07:00
Mick Grove
49640c5338 added rules for cerbras, friendli, fireworks.ai 2025-08-27 11:25:39 -07:00
Mick Grove
8135bf6b37 Added rule for 'weights and biases' 2025-08-27 10:20:04 -07:00
Mick Grove
bbbb0f33bb added ollama rule 2025-08-26 10:22:18 -07:00
Mick Grove
96293385f5 - Improved rules: AWS, pem 2025-08-22 16:16:00 -07:00
Mick Grove
6f06b1acb3 mproved AWS rule 2025-08-22 13:26:54 -07:00
Mick Grove
f51abc00b0 fixed failing tests 2025-08-21 16:13:03 -07:00
Mick Grove
29e09906b7 fixed failing tests 2025-08-21 16:11:34 -07:00
Mick Grove
245fb20670 - Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' 
- Added rules for sendbird, mattermost, langchain, notion
- JWT validation hardened to reject alg:none by default (only allowed if explicitly configured), require iss for OIDC/JWKS verification, ensuring Active Credential means cryptographically verified and time-valid, not just unexpired
- Updated the Git cloning logic to include all refs and minimize clone output, allowing Kingfisher to analyze pull request and deleted branch history
 2025-08-21 15:39:04 -07:00
Mick Grove
c3257a7e6f fixed example in rule 2025-08-18 23:32:15 -07:00
Mick Grove
41a4ebb60f - Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key 
- Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports
 2025-08-18 22:56:34 -07:00
Mick Grove
23c727f57d added more rules 2025-08-16 20:36:22 -07:00
Mick Grove
768d9c7899 added more rules 2025-08-16 20:23:27 -07:00
Mick Grove
0d89e682da added more rules 2025-08-16 14:54:01 -07:00
Mick Grove
a5c9c442d9 added clickhouse rule and validation 2025-08-16 08:41:39 -07:00
Mick Grove
f645212c57 removed serde_utils and added Authress rule 2025-08-16 07:35:52 -07:00
Mick Grove
6619705459 removed serde_utils and added Authress rule 2025-08-16 07:33:36 -07:00
Mick Grove
b259771ca9 fixed aiven regex to pass test 2025-08-14 10:17:16 -07:00
Mick Grove
d74c86818a added rule for Vercel 2025-08-13 15:35:04 -07:00
Mick Grove
a062e82728 fixed test 2025-08-13 09:20:36 -07:00
Mick Grove
12e9a01b5e Improved Tailscale api key detectors 2025-08-13 09:13:50 -07:00
Mick Grove
e7a8da6b3c Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses 2025-08-13 08:22:53 -07:00
Mick Grove
979bc469c5 - --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided 
- Added X Consumer key detection and validation
 2025-08-09 15:52:00 -07:00
Mick Grove
e53ad9f309 Added X Consumer key detection and validation 2025-08-09 08:45:27 -07:00
Mick Grove
b71fb5e6e2 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
de181634cb Fixed GitHub organization and GitLab group scans when using '--git-history=none' 2025-08-07 16:13:57 -07:00
Mick Grove
57ba607a33 Fixed validation logic for clarifai rule 2025-08-06 21:31:02 -07:00
Mick Grove
d9b90fbc50 fixing github action failure for linux-arm6 when making deb 2025-08-05 18:06:09 -07:00
Mick Grove
c2e227a832 Updated Supabase rule to detect project url's and validate their corresponding tokens 2025-08-05 16:25:22 -07:00
Mick Grove
756fd89097 - Use system TLS root certificates to support self-hosted GitLab instances with internal CAs 
- Added new rule: Coze personal access token
 2025-08-05 14:45:51 -07:00
Mick Grove
664cfd0e5c - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:19 -07:00
Mick Grove
27b37245e7 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
ef51e77e24 updating s3 feature 2025-08-03 20:59:58 -07:00
Mick Grove
3a3db4a7d3 New rule: Groq 2025-08-01 17:07:13 -07:00
Mick Grove
8a74eba160 - New rules: Telegram bot token, OpenWeatherMap, Apify 
- New OpenAI detectors added (@joshlarsen)
- Fixed bug that broke validation when using unnamed group captures
 2025-08-01 16:56:04 -07:00
Mick Grove
4e4bf28723
 		Update data/rules/openai.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-01 15:31:29 -07:00
Josh Larsen
bcc3153700
 		add newer OpenAI API key formats 2025-08-01 15:04:37 -04:00
Mick Grove
f0a99dcfcd bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys 2025-07-31 18:29:21 -07:00
Mick Grove
51bc64339c - Fixed issue when more than 1 named capture group is used in a rule variable 
- Added 2 new liquid template filters: 'b64dec' and 'es256_sign'
- Added custom validator for Coinbase, and a Coinbase rule that uses it
 2025-07-31 16:52:50 -07:00
Mick Grove
9a3fabdbf2 WIP: Adding support for scanning Docker images 2025-07-27 12:20:20 -07:00
Mick Grove
bb78d90067 added buildkite rule 2025-07-26 22:01:49 -07:00