eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/nessus.yml
Mick Grove 2444d83e5d more rules
2026-04-03 23:43:49 -07:00

25 lines
954 B
YAML
Raw Permalink Blame History

rules:
- name: Nessus Agent Linking Key
id: kingfisher.nessus.1
pattern: |
(?xi)
\b
(?:nessuscli|NESSUS_KEY|nessusagent)
(?:.|[\n\r]){0,32}?
(?:--key=|NESSUS_KEY=["'\s]*)
(
[a-f0-9]{64}
)
\b
pattern_requirements:
min_digits: 8
min_entropy: 3.5
confidence: high
examples:
- "/opt/nessus_agent/sbin/nessuscli agent link --key=b0ed12e9652fa25b92c91826f364d339f64f98a07159e24f644ed4f1aa075684 --host=manager.example.com"
- "/opt/nessus_agent/sbin/nessuscli agent link --key=a34b98943d38288385ce948429a8f33143f5122cfd22892310dccb9eed5087d5 --host=scanner2.example.com"
references:
- https://docs.tenable.com/nessus-agent/Content/GettingStarted.htm
# No public validation endpoint: Nessus linking keys are validated
# against a self-hosted Nessus Manager or Tenable Vulnerability Management
# instance with an instance-specific hostname.
View git blame Copy permalink