forked from mirrors/kingfisher
53 lines
1.4 KiB
YAML
53 lines
1.4 KiB
YAML
rules:
|
|
- name: Amplitude Secret Key
|
|
id: kingfisher.amplitude.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
amplitude
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|AUTHORIZATION)
|
|
(?:.|[\n\r]){0,16}?
|
|
\b
|
|
(
|
|
[a-f0-9]{32}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'amplitude_api_key=8b6f8d6594749cb659b1be03e6a0a2e7'
|
|
- 'AMPLITUDE_API_KEY=ef929907c3923e8f3da83c24f0255aa6'
|
|
- "AMPLITUDE_SECRET_KEY=8b6f8d6594749cb659b1be03e6a0a2e7"
|
|
references:
|
|
- https://amplitude.com/docs/apis/authentication
|
|
- https://www.docs.developers.amplitude.com/analytics/apis/export-api/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: POST
|
|
url: https://api2.amplitude.com/2/httpapi
|
|
headers:
|
|
Content-Type: application/json
|
|
Accept: "*/*"
|
|
body: |
|
|
{
|
|
"api_key": "{{ TOKEN }}",
|
|
"events": [
|
|
{
|
|
"user_id": "203201202",
|
|
"device_id": "C8F9E604-F01A-4BD9-95C6-8E5357DF265D",
|
|
"event_type": "watch_tutorial"
|
|
}
|
|
]
|
|
}
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: WordMatch
|
|
words:
|
|
- '"code":200'
|