forked from mirrors/kingfisher
48 lines
1.3 KiB
YAML
48 lines
1.3 KiB
YAML
rules:
|
|
- name: Ghost CMS Admin API Key
|
|
id: kingfisher.ghost.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
ghost
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[0-9a-f]{24}:[0-9a-f]{64}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_lowercase: 4
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- 'GHOST_ADMIN_API_KEY=1efedd9db174adee2d23d982:4b74dca0219bad629852191af326a45037346c2231240e0f7aec1f9371cc14e8'
|
|
- 'ghost_key = "6101c750c9d0ab0e34567890:abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890"'
|
|
references:
|
|
- https://ghost.org/docs/admin-api/
|
|
- https://ghost.org/docs/admin-api/#token-authentication
|
|
|
|
- name: Ghost CMS Content API Key
|
|
id: kingfisher.ghost.2
|
|
pattern: |
|
|
(?xi)
|
|
\b(?:ghost|content[_-]?api)
|
|
(?:.|[\n\r]){0,48}?
|
|
(?:KEY|TOKEN|SECRET|API)
|
|
(?:.|[\n\r]){0,24}?
|
|
\b
|
|
(
|
|
[0-9a-f]{26}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 3
|
|
min_entropy: 3.0
|
|
confidence: medium
|
|
examples:
|
|
- 'GHOST_CONTENT_API_KEY=22444f78447824223cefc48062'
|
|
- 'ghost_api_key: "a1b2c3d4e5f6a7b8c9d0e1f2a3"'
|
|
references:
|
|
- https://ghost.org/docs/content-api/
|
|
# No validation: Ghost Content API keys are site-specific and require the Ghost site URL.
|