eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/data/rules/azurestorage.yml
Mick Grove 951b62d61e - Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key 
- Grouped JSON and JSONL outputs by rule, restoring matches arrays in reports
2025-08-18 22:56:34 -07:00

48 lines
1.1 KiB
YAML
Raw Blame History

rules:
- name: Azure Storage Account Name
id: kingfisher.azurestorage.1
pattern: |
(?xi)
(?:
\b
azure
(?:.|[\n\r]){0,32}?
(?i:
(?:Account|Storage)
(?:[._-]Account)?
[._-]?Name
)
(?:.|[\n\r]){0,20}?
([a-z0-9]{3,24})
|
([a-z0-9]{3,24})
(?i:\.blob\.core\.windows\.net)
)\b
min_entropy: 2.5
visible: false
confidence: medium
examples:
- azure_storage_name=mystorageaccount123
- mystorageaccount.blob.core.windows.net
- name: Azure Storage Account Key
id: kingfisher.azurestorage.2
pattern: |
(?xi)
\b
azure
(?:.|[\n\r]){0,128}?
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
(?:.|[\n\r]){0,128}?
(
[A-Z0-9+\\/-]{86,88}={0,2}
)
min_entropy: 4.0
confidence: medium
examples:
- Azure AccountKey=Xy9aB8cD7eF6gH5iJ4kL3mN2oP1qR0sT9uV8wX7yZ6aB5cD4eF3gH2iJ1kL0mN9oP8qR7sT6uV5wX4yZ3aB2cD1eF0gH9iJ8kL7mN6oP5q==\
validation:
type: AzureStorage
depends_on_rule:
- rule_id: kingfisher.azurestorage.1
variable: AZURENAME
View git blame Copy permalink