forked from mirrors/kingfisher
32 lines
1 KiB
YAML
32 lines
1 KiB
YAML
rules:
|
|
- name: Azure DevOps Personal Access Token
|
|
id: kingfisher.azure.devops.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
azure
|
|
(?:.|[\n\r]){0,32}?
|
|
(
|
|
[a-z0-9]{75}AZDO[a-z0-9]{5}
|
|
)
|
|
\b
|
|
min_entropy: 3
|
|
confidence: medium
|
|
examples:
|
|
- azure devops pat = FBdFol081crwkIHWJH2yiqDDyrFjVSi7HWl22hN2hTYfsB8NlGDpJQQJ77BAACAAAAAAAAAAAAASAZDOBucT
|
|
references:
|
|
- https://learn.microsoft.com/en-us/rest/api/azure/devops/profile/profiles/get?view=azure-devops-rest-7.1&tabs=HTTP
|
|
- https://learn.microsoft.com/en-us/azure/devops/release-notes/2024/general/sprint-241-update
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
headers:
|
|
Authorization: 'Basic {{ ":" | append: TOKEN | b64enc }}'
|
|
method: GET
|
|
url: https://app.vssps.visualstudio.com/_apis/profile/profiles/me?api-version=7.1-preview.1
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status:
|
|
- 200
|