-
-
Notifications
You must be signed in to change notification settings - Fork 43
/
API_Keys.bb
1 lines (1 loc) · 2.82 KB
/
API_Keys.bb
1
[{"Name":"API_Keys","Enabled":true,"Scanner":2,"Author":"@six2dez1","UrlEncode":false,"Grep":["true,Or,(?:\\s|\u003d|:|\"|^)AKC[a-zA-Z0-9]{10,}","true,Or,^(AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})","true,Or,[^a-zA-Z0-9](AAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140})","true,Or,(?i)github(.{0,20})?(?-i)[\u0027\\\"][0-9a-zA-Z]{35,40}","true,Or,^(EAACEdEose0cBA[0-9A-Za-z]+)","true,Or,[^a-zA-Z0-9](EAACEdEose0cBA[0-9A-Za-z]+)","true,Or,(?i)(facebook|fb)(.{0,20})?(?-i)[\u0027\\\"][0-9a-f]{32}","true,Or,[^a-zA-Z0-9](AIza[0-9A-Za-z-_]{35})","true,Or,^(AIza[0-9A-Za-z-_]{35})","true,Or,(?i)(google|gcp|youtube|drive|yt)(.{0,20})?[\u0027\\\"][AIza[0-9a-z\\\\-_]{35}][\u0027\\\"]","true,Or,^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,[^a-zA-Z0-9]([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})","true,Or,(?i)heroku.{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}","true,Or,(?i)heroku(.{0,20})?[\u0027\"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}[\u0027\"]","true,Or,^([0-9a-f]{32}-us[0-9])","true,Or,[^a-zA-Z0-9]([0-9a-f]{32}-us[0-9])","true,Or,^(key-[0-9a-zA-Z]{32})","true,Or,[^a-zA-Z0-9](key-[0-9a-zA-Z]{32})","true,Or,SG\\.[0-9A-Za-z\\-_]{22}\\.[0-9A-Za-z\\-_]{43}","true,Or,(?i)sauce.{0,50}(\\\\\\\"|\u0027|`)?[0-9a-f-]{36}(\\\\\\\"|\u0027|`)?","true,Or,xox.-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}","true,Or,(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})","true,Or,(xox[baprs]-([0-9a-zA-Z]{10,48})?)","true,Or,https:\\/\\/hooks.slack.com\\/services\\/T[a-zA-Z0-9_]{8}\\/B[a-zA-Z0-9_]{8}\\/[a-zA-Z0-9_]{24}","true,Or,sq0[a-z]{3}-[0-9A-Za-z\\-_]{22,43}","true,Or,(?:r|s)k_live_[0-9a-zA-Z]{24}","true,Or,^(SK[0-9a-fA-F]{32})","true,Or,[^a-zA-Z0-9](SK[0-9a-fA-F]{32})","true,Or,^(R_[0-9a-f]{32})","true,Or,[^a-zA-Z0-9](R_[0-9a-f]{32})","true,Or,(?i)nr-internal-api-key","true,Or,(?i)NRAK-[A-Z0-9]{27}","true,Or,(?i)NRRA-[a-f0-9]{42}","true,Or,(?i)NRAA-[a-f0-9]{27}"],"Tags":["All"],"PayloadResponse":false,"NotResponse":false,"isTime":false,"iscontentLength":false,"CaseSensitive":false,"ExcludeHTTP":false,"OnlyHTTP":false,"IsContentType":true,"ContentType":"text/css,image/jpeg,image/png,image/svg+xml,image/gif,image/tiff,image/webp,image/x-icon,application/font-woff,image/vnd.microsoft.icon,font/ttf,font/woff2","NegativeCT":true,"IsResponseCode":false,"ResponseCode":"","NegativeRC":false,"isurlextension":false,"NegativeUrlExtension":false,"MatchType":2,"RedirType":0,"MaxRedir":0,"payloadPosition":0,"grepsFile":"","IssueName":"API Key or Token discovered","IssueSeverity":"Medium","IssueConfidence":"Firm","IssueDetail":"API Key or Token discovered, check how to take advantage of it here https://github.com/streaak/keyhacks","RemediationDetail":"","IssueBackground":"","RemediationBackground":"","VariationAttributes":[],"InsertionPointType":[],"Scantype":0,"pathDiscovery":false}]