kingfisher/crates/kingfisher-rules/data/rules/hashicorp.yml


# Secret-scanning rules for HashiCorp Vault credentials.
# Every pattern uses (?x) verbose mode, so whitespace and line breaks inside
# a pattern are layout only.
rules:
# Pre-1.10 service token: `s.` followed by 24-128 characters from
# [A-Za-z0-9_-], bounded by \b on both sides.
# The `s.` prefix is short, so the rule also requires one of the keywords
# hashicorp / vault / token / key / secret (case-insensitive) at most
# 32 characters, newlines included, before the token.
# Pattern-only rule: nothing here checks a match against a live Vault.
- name: Hashicorp Vault Service Token (< v1.10)
  id: kingfisher.hashicorp.1
  pattern: |
    (?x)
    (?i: hashicorp | vault | token | key | secret )
    (?:.|[\n\r]){0,32}?
    \b
    (
    s\.[A-Za-z0-9_-]{24,128}
    )
    \b
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'VAULT_CLIENT_TOKEN="s.Z4bTMtngfLeQ18AqVoBBkUAOD1"'
  # NOTE(review): this sample has a second `.` inside the token. The capture
  # class excludes `.`, so the capture ends at that dot - confirm whether the
  # remainder belongs to the secret. The trailing backtick sits after the
  # closing quote and looks like a stray character.
  - 'vaultToken="s.CAESIP2jTxc9S3K7Z6CtcFWQv7-044m_oS.0H3nF89l3GiYKHGh3cy5sQmlIZVNyTWJNcDRsYWJpQjlhYjVlb2cQh6PL8wEYAg"`'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens
# Pre-1.10 batch token: `b.` followed by 24-500 characters from
# [A-Za-z0-9_-].
# Context is tight: the keyword must be followed by at most five separator
# characters (quote, colon, equals, space) and then the token itself.
# The trailing group requires a non-token character or `$`, so a longer run
# of token characters is not reported as a truncated match.
- name: Hashicorp Vault Batch Token (< v1.10)
  id: kingfisher.hashicorp.2
  pattern: |
    (?x)
    (?i: hashicorp | vault | token | key | secret )
    ["':=\ ]{0,5}
    (b\.[A-Za-z0-9_-]{24,500})
    (?: [^A-Za-z0-9_-] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'VAULT_CLIENT_TOKEN="b.Z4bTMtngfLeQ18AqVoBBkUAOD1"'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens
# Pre-1.10 recovery token: `r.` followed by 24-500 characters from
# [A-Za-z0-9_-].
# Same shape as the `b.` batch-token rule: keyword, at most five separator
# characters (quote, colon, equals, space), then the token, then a non-token
# character or `$`.
- name: Hashicorp Vault Recovery Token (< v1.10)
  id: kingfisher.hashicorp.3
  pattern: |
    (?x)
    (?i: hashicorp | vault | token | key | secret )
    ["':=\ ]{0,5}
    (r\.[A-Za-z0-9_-]{24,500})
    (?: [^A-Za-z0-9_-] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'VAULT_CLIENT_TOKEN="r.Z4bTMtngfLeQ18AqVoBBkUAOD1"'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens
  - https://developer.hashicorp.com/vault/docs/concepts/recovery-mode
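# Vault 1.10+ service token: `hvs.` followed by 24-130 token characters.
# The prefix is distinctive, so no keyword context is required.
# The body class includes `_` and `-`. The trailing group refuses both as the
# next character, so an alphanumeric-only body would reject any token that
# contains either one instead of reporting it - a silent detection gap for
# URL-safe base64 token bodies.
# Pattern-only rule: nothing here checks a match against a live Vault.
- name: Hashicorp Vault Service Token (>= v1.10)
  id: kingfisher.hashicorp.4
  pattern: |
    (?x)
    (hvs\.[A-Za-z0-9_-]{24,130})
    (?: [^A-Za-z0-9_-] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'apikey: hvs.JGbZZaCkOSgsZ56uhGlTK2zyC1j2mwhy0VLp4'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens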
# Vault 1.10+ batch token: `hvb.` followed by 24-500 characters from
# [A-Za-z0-9_-]; the second example shows how long these values can get.
# No keyword context is required, so a bare token on a line still matches.
# The trailing group requires a non-token character or `$`.
- name: Hashicorp Vault Batch Token (>= v1.10)
  id: kingfisher.hashicorp.5
  pattern: |
    (?x)
    (hvb\.[A-Za-z0-9_-]{24,500})
    (?: [^A-Za-z0-9_-] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'apikey: hvb.JGbZZaCkOSgsZ56uhGlTK2zyC1j2mwhy0VLp4'
  - 'hvb.AAAAAQJgxDgqsGNorpoOR8hPZ5SU-ynBvCl764jyRP_fnX8WvkdkDzGjbLNGdPdtlY32Als2P36yDZueqzfdGw9RsaTeaYXSH5E4RYSWuRoQ9YRKIw9o7mDDY2ZcT3KOB7RwtW2w1FN2eDqcy_sbCjXPaM1iBVH-mqMSYRmRd2nb5D1SJPeBzIYRqSglLc32wUGN7xEzyrKUczqOKsIcybQA'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens
# Vault 1.10+ recovery token: `hvr.` followed by 24-130 alphanumeric
# characters, then a non-token character or `$`.
# NOTE(review): the body class has no `_` or `-`, while the trailing group
# refuses both as the next character, so a candidate containing either one
# does not match at all. Confirm recovery tokens are strictly alphanumeric.
- name: Hashicorp Vault Recovery Token (>= v1.10)
  id: kingfisher.hashicorp.6
  pattern: |
    (?x)
    (hvr\.[A-Za-z0-9]{24,130})
    (?: [^A-Za-z0-9_-] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'apikey: hvr.JGbZZaCkOSgsZ56uhGlTK2zyC1j2mwhy0VLp4'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/tokens
  - https://developer.hashicorp.com/vault/docs/concepts/recovery-mode
# Vault unseal key share: the word `unseal` (case-insensitive), 1-10 arbitrary
# characters, then exactly 44 characters from the standard base64 alphabet,
# followed by a non-base64 character or `$`.
# The examples cover both printed init output ("Unseal Key 2: ...") and a key
# passed on a command line.
# NOTE(review): only the 44-character base64 form is matched; a key written
# in another encoding (hex, for instance) is outside this pattern.
# An exposed share usually means rekeying the Vault rather than rotating a
# single credential.
- name: Hashicorp Vault Unseal Key
  id: kingfisher.hashicorp.7
  pattern: |
    (?x)
    (?i: unseal )
    \b
    .{1,10}
    ([a-zA-Z0-9+/]{44})
    (?: [^a-zA-Z0-9+/] | $ )
  pattern_requirements:
    min_digits: 2
  min_entropy: 3.0
  confidence: medium
  examples:
  - 'Unseal Key 2: 0tZn+7QQCxphpHwTm7/dC3LpP5JGIbYl3PK8Sy81R+P2'
  - 'oc -n vault exec -ti vault-0 -- vault operator unseal 98m+o2ylRhVbOi+3o5ub6PbP343ocFUVORgSYeypMDjh'
  references:
  - https://developer.hashicorp.com/vault/docs/concepts/seal