kingfisher

Author	SHA1	Message	Date
Mick Grove	645bfa2e01	Populate the finding path from git blob metadata so history-derived secrets display their file location instead of an empty path	2025-09-24 10:06:47 -07:00
Mick Grove	def9e5d18c	updated rule for AWS Secret Access key	2025-09-10 13:29:19 -07:00
Mick Grove	6a1d9e4142	- Enabled MongoDB URI validation - AWS + GCP validators now respect HTTPS_PROXY and share a consistent user agent across AWS, GCP, and HTTP validation	2025-09-09 16:45:02 -07:00
Mick Grove	9b6c67c243	updated jwt rule	2025-09-04 23:31:34 -07:00
Mick Grove	dcd0460e8a	fix ci build error	2025-08-31 10:27:16 -07:00
Mick Grove	43fce5159a	Fix changes in response to code review	2025-08-30 20:07:31 -07:00
Mick Grove	9de355a5c8	Decode Base64 blobs and scan their contents for secrets while skipping short strings for performance	2025-08-30 16:44:55 -07:00
Mick Grove	e54dbe90d0	- Improved rules: github oauth2, diffbot, mailchimp, aws - Added validation to SauceLabs rule - Added rules: shodan, bitly, flickr	2025-08-29 17:24:26 -07:00
Mick Grove	4f77706d0c	changes in response to code review	2025-08-27 15:43:31 -07:00
Mick Grove	b3f80d7a33	added top level 'self-update' cli sub command to update the binary independently. Now supports updating over homebrew managed binary	2025-08-27 15:35:01 -07:00
Mick Grove	c4cda65690	added rules for zhipu	2025-08-27 12:43:41 -07:00
Mick Grove	8798d799f9	added rules for together.ai	2025-08-27 12:20:44 -07:00
Mick Grove	41b237740b	added rules for nvidia nim	2025-08-27 11:39:32 -07:00
Mick Grove	0bd7a428f6	added rules for cerbras, friendli, fireworks.ai	2025-08-27 11:25:39 -07:00
Mick Grove	1945d65a70	Added rule for 'weights and biases'	2025-08-27 10:20:04 -07:00
Mick Grove	b54f9894c2	added ollama rule	2025-08-26 10:22:18 -07:00
Mick Grove	78b9f3dd8d	- Improved rules: AWS, pem	2025-08-22 16:16:00 -07:00
Mick Grove	ef4cb03226	mproved AWS rule	2025-08-22 13:26:54 -07:00
Mick Grove	71d0e02fc4	fixed failing tests	2025-08-21 16:13:03 -07:00
Mick Grove	36d9ba54a1	fixed failing tests	2025-08-21 16:11:34 -07:00
Mick Grove	81d2f47c67	- Added '--repo-artifacts' flag to scan repository issues, gists/snippets, and wikis when cloning via '--git-url' - Added rules for sendbird, mattermost, langchain, notion - JWT validation hardened to reject alg:none by default (only allowed if explicitly configured), require iss for OIDC/JWKS verification, ensuring Active Credential means cryptographically verified and time-valid, not just unexpired - Updated the Git cloning logic to include all refs and minimize clone output, allowing Kingfisher to analyze pull request and deleted branch history	2025-08-21 15:39:04 -07:00
Mick Grove	4602ea8754	fixed example in rule	2025-08-18 23:32:15 -07:00
Mick Grove	951b62d61e	- Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key - Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports	2025-08-18 22:56:34 -07:00
Mick Grove	262adf658b	added more rules	2025-08-16 20:36:22 -07:00
Mick Grove	6d669b4bb7	added more rules	2025-08-16 20:23:27 -07:00
Mick Grove	a2965bcf47	added more rules	2025-08-16 14:54:01 -07:00
Mick Grove	1d2522882a	added clickhouse rule and validation	2025-08-16 08:41:39 -07:00
Mick Grove	7b08f5d447	removed serde_utils and added Authress rule	2025-08-16 07:35:52 -07:00
Mick Grove	6fb119d501	removed serde_utils and added Authress rule	2025-08-16 07:33:36 -07:00
Mick Grove	a3a7efb96e	fixed aiven regex to pass test	2025-08-14 10:17:16 -07:00
Mick Grove	e83b171694	added rule for Vercel	2025-08-13 15:35:04 -07:00
Mick Grove	deef538835	fixed test	2025-08-13 09:20:36 -07:00
Mick Grove	f90c0a6eff	Improved Tailscale api key detectors	2025-08-13 09:13:50 -07:00
Mick Grove	8c71eae231	Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses	2025-08-13 08:22:53 -07:00
Mick Grove	9275fb5541	- --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided - Added X Consumer key detection and validation	2025-08-09 15:52:00 -07:00
Mick Grove	f1c3bcb56a	Added X Consumer key detection and validation	2025-08-09 08:45:27 -07:00
Mick Grove	ac5b9fb594	JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials	2025-08-07 17:21:16 -07:00
Mick Grove	63125b3a7f	Fixed GitHub organization and GitLab group scans when using '--git-history=none'	2025-08-07 16:13:57 -07:00
Mick Grove	fb2b91595b	Fixed validation logic for clarifai rule	2025-08-06 21:31:02 -07:00
Mick Grove	a502375f78	fixing github action failure for linux-arm6 when making deb	2025-08-05 18:06:09 -07:00
Mick Grove	646e6175d2	Updated Supabase rule to detect project url's and validate their corresponding tokens	2025-08-05 16:25:22 -07:00
Mick Grove	5931847300	- Use system TLS root certificates to support self-hosted GitLab instances with internal CAs - Added new rule: Coze personal access token	2025-08-05 14:45:51 -07:00
Mick Grove	28fd24c9b4	- Fixed header precedence so custom HTTP validation headers like "Accept" are preserved - Added new Heroku rule	2025-08-04 19:32:19 -07:00
Mick Grove	bc05c3e5f2	refactored output reporting and formatting logic	2025-08-04 08:58:06 -07:00
Mick Grove	bbe1c38c93	updating s3 feature	2025-08-03 20:59:58 -07:00
Mick Grove	11b7fac03b	New rule: Groq	2025-08-01 17:07:13 -07:00
Mick Grove	46d0ecce3b	- New rules: Telegram bot token, OpenWeatherMap, Apify - New OpenAI detectors added (@joshlarsen) - Fixed bug that broke validation when using unnamed group captures	2025-08-01 16:56:04 -07:00
Mick Grove	e1533118c0	Update data/rules/openai.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-08-01 15:31:29 -07:00
Josh Larsen	87871055b9	add newer OpenAI API key formats	2025-08-01 15:04:37 -04:00
Mick Grove	902446d754	bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys	2025-07-31 18:29:21 -07:00

1 2 3

113 commits