forked from mirrors/kingfisher
65 lines
1.9 KiB
YAML
65 lines
1.9 KiB
YAML
rules:
|
|
- name: Docker Hub Personal Access Token
|
|
id: kingfisher.dockerhub.1
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(
|
|
dckr_pat_[A-Za-z0-9_-]{27}
|
|
)
|
|
(?: $ | [^A-Za-z0-9_-] )
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- docker login -u gemesa -p dckr_pat_hc8VxYclixyTr2rDFsa2rqzkP3Y
|
|
- docker login -u gemesa -p dckr_pat_tkzBYxjNNC3R_Yg6jd_O-G8FbrJ
|
|
- docker login -u gemesa -p dckr_pat_1q8yKET1VDJTpfCwseUDzT8vFh-
|
|
references:
|
|
- https://docs.docker.com/reference/api/hub/latest/#tag/access-tokens/paths/~1v2~1access-tokens~1%7Buuid%7D/get
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
headers:
|
|
Authorization: Bearer {{ TOKEN }}
|
|
Accept: application/json
|
|
method: GET
|
|
response_matcher:
|
|
- report_response: true
|
|
- status:
|
|
- 200
|
|
type: StatusMatch
|
|
url: https://hub.docker.com/v2/access-tokens?page_size=1
|
|
- name: Docker Hub Organization Access Token
|
|
id: kingfisher.dockerhub.2
|
|
pattern: |
|
|
(?x)
|
|
\b
|
|
(
|
|
dckr_oat_[A-Za-z0-9_-]{32}
|
|
)
|
|
(?: $ | [^A-Za-z0-9_-] )
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- docker login -u docker-test -p dckr_oat_7bA9zRt5-JqX3vP0l_MnY8sK2wE-dF6h
|
|
references:
|
|
- https://docs.docker.com/enterprise/security/access-tokens/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
headers:
|
|
Authorization: Bearer {{ TOKEN }}
|
|
Accept: application/json
|
|
method: GET
|
|
response_matcher:
|
|
- report_response: true
|
|
- status:
|
|
- 200
|
|
type: StatusMatch
|
|
url: https://hub.docker.com/v2/access-tokens?page_size=1
|