forked from mirrors/kingfisher
52 lines
1.4 KiB
YAML
52 lines
1.4 KiB
YAML
rules:
|
|
- name: Apollo API Key
|
|
id: kingfisher.apollo.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
apollo
|
|
(?:.|[\n\r]){0,16}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[A-Z0-9_-]{22}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.0
|
|
confidence: medium
|
|
examples:
|
|
- 'APOLLO_API_KEY="ZNh-14foqIiscbz24oKwww"'
|
|
- apollo_key=8ku3EoDJxz8fOSCdxYozdA
|
|
- apollo.io api_key oD8GCL8MNZIyg0tzeSDuhw
|
|
references:
|
|
- https://docs.apollo.io/reference/people-api-search
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: POST
|
|
url: "https://api.apollo.io/api/v1/mixed_people/api_search"
|
|
headers:
|
|
accept: "application/json"
|
|
content-type: "application/json"
|
|
x-api-key: "{{ TOKEN }}"
|
|
body: |
|
|
{"page":1,"per_page":1}
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200, 403]
|
|
- type: WordMatch
|
|
words:
|
|
- '"total_entries"'
|
|
- '"API_INACCESSIBLE"'
|
|
match_all_words: false
|
|
- type: WordMatch
|
|
negative: true
|
|
words:
|
|
- '"Invalid access credentials"'
|