kingfisher/crates/kingfisher-rules/data/rules/thycotic.yml

rules:
  - name: Thycotic / Delinea Secret Server Credentials
    id: kingfisher.thycotic.1
    pattern: |
      (?xi)
      \b
      (?:secretserver|thycotic|delinea)
      (?:.|[\n\r]){0,128}?
      \b(?:password|passwd|pass|pwd)\b
      (?:.|[\n\r]){0,16}?
      [=:"'\s]
      ['"]*
      (
        [^\s"']{6,128}
      )
      ['"\s]
    pattern_requirements:
      min_digits: 1
    min_entropy: 2.5
    confidence: medium
    examples:
      - "base_url_tss='https://myorg.secretserver.com'\npassword = bs1ijgb2bf\n"
      - "thycotic\npassword=s3cur3V@ultPass\n"
    references:
      - https://docs.delinea.com/online-help/secret-server/
    # No public validation endpoint: Secret Server is self-hosted or
    # tenant-specific and requires an instance URL to validate.