forked from mirrors/kingfisher
78 lines
No EOL
2.7 KiB
YAML
78 lines
No EOL
2.7 KiB
YAML
rules:
|
|
- name: Cloudflare API Token
|
|
id: kingfisher.cloudflare.1
|
|
pattern: |
|
|
(?x)
|
|
(?i)
|
|
\b
|
|
cloudflare
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[a-z0-9_-]{38,42}
|
|
)
|
|
\b
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- cloudflareAPIKey = A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6Q7R8S9T0
|
|
- |
|
|
CLOUDFLARE_API_TOKEN: 'a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0'
|
|
cloudflare_key="B1C2D3E4F5G6H7I8J9K0L1M2N3O4P5Q6R7S8T9U0V1"
|
|
references:
|
|
- https://developers.cloudflare.com/api/resources/user/subresources/tokens/methods/verify/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
headers:
|
|
Authorization: Bearer {{ TOKEN }}
|
|
Accept: application/json
|
|
method: GET
|
|
response_matcher:
|
|
- report_response: true
|
|
- status:
|
|
- 200
|
|
type: StatusMatch
|
|
url: https://api.cloudflare.com/client/v4/user/tokens/verify
|
|
|
|
- name: Cloudflare CA Key
|
|
id: kingfisher.cloudflare.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(?:cloudflare|x-auth-user-service-key)
|
|
(?:.|[\n\r]){0,64}?
|
|
(
|
|
v1\.0-[a-z0-9._-]{160,}
|
|
)
|
|
["'`]?
|
|
\b
|
|
min_entropy: 4.5
|
|
confidence: medium
|
|
examples:
|
|
- 'X-Auth-User-Service-Key = v1.0-e26de050e02ddeaeef6de8d5ee267df5e78f68666ddd0ee76f22d26a0d20756f-eda77de60e8e76077e162727656787de2005d25e2f6e502e2d067657ed65722eade065275001a0f6f6e521e5e1fd76a6e8d7e2d6da8a2ee01e66e061e22570e2-07f2ede0aed78e82e8d2e620aaef8656d81e762266d7d226a205de7e18e2256a'
|
|
- |
|
|
cloudflare_service_key: "v1.0-e26de050e02ddeaeef6de8d5ee267df5e78f68666ddd0ee76f22d26a0d20756f-eda77de60e8e76077e162727656787de2005d25e2f6e502e2d067657ed65722eade065275001a0f6f6e521e5e1fd76a6e8d7e2d6da8a2ee01e66e061e22570e2-07f2ede0aed78e82e8d2e620aaef8656d81e762266d7d226a205de7e18e2256a"
|
|
references:
|
|
- https://developers.cloudflare.com/api/keys/
|
|
- https://developers.cloudflare.com/fundamentals/api/get-started/keys/
|
|
categories:
|
|
- api
|
|
- secret
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
headers:
|
|
Content-Type: application/json
|
|
X-Auth-User-Service-Key: '{{ TOKEN }}'
|
|
method: GET
|
|
response_matcher:
|
|
- report_response: true
|
|
- status:
|
|
- 200
|
|
type: StatusMatch
|
|
url: https://api.cloudflare.com/client/v4/certificates?per_page=1 |