eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
247 commits 5 branches 83 tags 53 MiB
Commit graph

83 commits

Author SHA1 Message Date
Mick Grove
d74c86818a added rule for Vercel 2025-08-13 15:35:04 -07:00
Mick Grove
a062e82728 fixed test 2025-08-13 09:20:36 -07:00
Mick Grove
12e9a01b5e Improved Tailscale api key detectors 2025-08-13 09:13:50 -07:00
Mick Grove
e7a8da6b3c Dropped the “prevalidated” flag from rule definitions and validation logic so every finding now flows through the standard active/inactive/unknown pipeline, simplifying rule configuration and preventing special‑case bypasses 2025-08-13 08:22:53 -07:00
Mick Grove
979bc469c5 - --quiet now suppresses scan summaries and rule statistics unless --rule-stats is explicitly provided 
- Added X Consumer key detection and validation
 2025-08-09 15:52:00 -07:00
Mick Grove
e53ad9f309 Added X Consumer key detection and validation 2025-08-09 08:45:27 -07:00
Mick Grove
b71fb5e6e2 JWT tokens without both 'iss' and 'aud' are no longer reported as active credentials 2025-08-07 17:21:16 -07:00
Mick Grove
de181634cb Fixed GitHub organization and GitLab group scans when using '--git-history=none' 2025-08-07 16:13:57 -07:00
Mick Grove
57ba607a33 Fixed validation logic for clarifai rule 2025-08-06 21:31:02 -07:00
Mick Grove
d9b90fbc50 fixing github action failure for linux-arm6 when making deb 2025-08-05 18:06:09 -07:00
Mick Grove
c2e227a832 Updated Supabase rule to detect project url's and validate their corresponding tokens 2025-08-05 16:25:22 -07:00
Mick Grove
756fd89097 - Use system TLS root certificates to support self-hosted GitLab instances with internal CAs 
- Added new rule: Coze personal access token
 2025-08-05 14:45:51 -07:00
Mick Grove
664cfd0e5c - Fixed header precedence so custom HTTP validation headers like "Accept" are preserved 
- Added new Heroku rule
 2025-08-04 19:32:19 -07:00
Mick Grove
27b37245e7 refactored output reporting and formatting logic 2025-08-04 08:58:06 -07:00
Mick Grove
ef51e77e24 updating s3 feature 2025-08-03 20:59:58 -07:00
Mick Grove
3a3db4a7d3 New rule: Groq 2025-08-01 17:07:13 -07:00
Mick Grove
8a74eba160 - New rules: Telegram bot token, OpenWeatherMap, Apify 
- New OpenAI detectors added (@joshlarsen)
- Fixed bug that broke validation when using unnamed group captures
 2025-08-01 16:56:04 -07:00
Mick Grove
4e4bf28723
 		Update data/rules/openai.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-08-01 15:31:29 -07:00
Josh Larsen
bcc3153700
 		add newer OpenAI API key formats 2025-08-01 15:04:37 -04:00
Mick Grove
f0a99dcfcd bug fixes in response to code review. Also added support for ed25519 coinbase cdp api keys 2025-07-31 18:29:21 -07:00
Mick Grove
51bc64339c - Fixed issue when more than 1 named capture group is used in a rule variable 
- Added 2 new liquid template filters: 'b64dec' and 'es256_sign'
- Added custom validator for Coinbase, and a Coinbase rule that uses it
 2025-07-31 16:52:50 -07:00
Mick Grove
9a3fabdbf2 WIP: Adding support for scanning Docker images 2025-07-27 12:20:20 -07:00
Mick Grove
bb78d90067 added buildkite rule 2025-07-26 22:01:49 -07:00
Mick Grove
e5942822c6 added buildkite rule 2025-07-26 22:00:35 -07:00
Mick Grove
33592fbc65 added buildkite rule 2025-07-26 22:00:05 -07:00
Mick Grove
5c8f7d88ef Added support for scanning issues returned from a JQL search using --jira-url and --jql 2025-07-25 17:23:18 -07:00
Mick Grove
a708fc6eea Added ElevenLabs rule 2025-07-25 10:31:17 -07:00
Mick Grove
793b9e847c Fixed Gitlab support. Added pre-commit and pre-receive installation scripts. 2025-07-23 19:57:33 -07:00
Mick Grove
31af8d88f0 Fixed bug in Makefile hen setting PROJECT_NAME 2025-07-21 22:52:05 -07:00
Mick Grove
1ca84d5f45 Fixed bug in Makefile hen setting PROJECT_NAME 2025-07-21 22:43:29 -07:00
Mick Grove
c4e3e5d1d7 - Now generating DEB and RPM packages 
- Now releasing Docker images, and updated README
- Added rule for Scale, Deepgram, AssemblyAI
 2025-07-21 15:21:10 -07:00
Mick Grove
8f587f62de Updating GitHub Action to generate Docker image. Added rules for Diffbot, ai21, baseten. Fixed supabase rule. Added 'alg' to JWT validation output 2025-07-18 15:26:18 -07:00
Mick Grove
9ed88453ff fixed 1password rule id 2025-07-17 15:25:10 -07:00
Mick Grove
bea92dcfd4 fixed issues found by pr review 2025-07-17 15:19:03 -07:00
Mick Grove
572d8146e7 upgraded cargo dependencies 2025-07-17 14:31:09 -07:00
Mick Grove
30f87c3e76 Added rule for Runway 2025-07-17 13:52:26 -07:00
Mick Grove
763ddac28b Added rule for Replicate 2025-07-17 13:28:59 -07:00
Mick Grove
f9c32a3d34 Added rules for Cohere and Stability.ai 2025-07-17 13:18:54 -07:00
Mick Grove
682766323c Added rules for Cohere and Stability.ai 2025-07-17 11:30:36 -07:00
Mick Grove
7b161030a3 Added rule for Google Gemini AI 2025-07-17 11:07:44 -07:00
Mick Grove
d261e9cb0e Added dockerfile and github action to build and publish it 2025-07-15 16:42:22 -07:00
Mick Grove
93f1e3b1da JWT validation performs OpenID Connect discovery using the iss claim and verifies signatures via JWKS 2025-07-14 15:31:44 -07:00
Mick Grove
f028180871 Merge remote-tracking branch 'origin/main' into development 
* origin/main:
  fix(digitalocean): regex is case-sensitive
  feat(adafruitio): improve pattern matching
 2025-07-14 13:27:18 -07:00
Mick Grove
eb4407784d
 		Merge pull request #35 from bored-engineer/patch-2 
fix(digitalocean): regex is case-sensitive
 2025-07-14 13:25:02 -07:00
Luke Young
027e6191c7
 		fix(digitalocean): regex is case-sensitive 2025-07-13 17:27:44 -07:00
Luke Young
7c8643db1a
 		feat(adafruitio): improve pattern matching 2025-07-13 17:09:15 -07:00
Mick Grove
0ab21ace99 improved azure storage rule. Added rule to detect TravisCI encrypted values 2025-07-12 22:44:34 -07:00
Mick Grove
b2a4263669 Added PR review suggestions 2025-07-09 16:00:54 -07:00
Mick Grove
dcb2191fe8 Added validation for Alibaba rule 2025-07-09 15:03:07 -07:00
Mick Grove
cd4f626502 Added support for HTTP request bodies in rule validation. Added mistral and perplexity rule 2025-07-08 17:49:12 -07:00