Skip to content

Commit

Permalink
Trufflehog mapper (#6013)
Browse files Browse the repository at this point in the history 
* initial commit

* changes

* Finalized trufflehog mapper

* Update libs/hdf-converters/test/mappers/forward/trufflehog_mapper.spec.ts

Co-authored-by: Charles Hu <[email protected]>

* Update libs/hdf-converters/test/mappers/forward/trufflehog_mapper.spec.ts

Co-authored-by: Charles Hu <[email protected]>

* removed unused import

* added tests and implemented changes

* Final commit

* linting fix

* final commit

* linting

* linting

* commented out filesync

* changed file perms

* added test files

---------

Co-authored-by: Charles Hu <[email protected]>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
  • Loading branch information
@andytang99 @charleshu-8 @mergify
3 people authored Jul 30, 2024
1 parent ceff081 commit a15376f
Show file tree
Hide file tree
Showing 19 changed files with 5,978 additions and 4 deletions.
1 change: 1 addition & 0 deletions apps/frontend/src/components/global/upload_tabs/FileReader.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@
<li>Scoutsuite</li>
<li>Snyk</li>
<li>Tenable (API)</li>
<li>Trufflehog</li>
<li>Twistlock</li>
<li>Veracode</li>
<li>XCCDF Results (native OpenSCAP and SCC outputs)</li>
Expand Down
3 changes: 3 additions & 0 deletions apps/frontend/src/store/report_intake.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ import {
SarifMapper,
ScoutsuiteMapper,
SnykResults,
TrufflehogResults,
TwistlockResults,
VeracodeMapper,
XCCDFResultsMapper,
Expand Down Expand Up @@ -271,6 +272,8 @@ export class InspecIntake extends VuexModule {
return new ChecklistResults(convertOptions.data).toHdf();
case INPUT_TYPES.GOSEC:
return new GoSecMapper(convertOptions.data).toHdf();
case INPUT_TYPES.TRUFFLEHOG:
return new TrufflehogResults(convertOptions.data).toHdf();
default:
return SnackbarModule.failure(
`Invalid file uploaded (${filename}), no fingerprints matched.`
Expand Down
9 changes: 5 additions & 4 deletions libs/hdf-converters/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,11 @@ OHDF Converters supplies several methods to convert various types of security to
17. [**snyk-mapper**] - Snyk results JSON file
18. [**sonarqube-mapper**] - SonarQube vulnerabilities for the specified project name and optional branch or pull/merge request ID name from an API
19. [**splunk-mapper**] - Splunk instance
20. [**twistlock-mapper**] - Twistlock CLI output file
21. [**veracode-mapper**] - Veracode Scan Results XML file
22. [**xccdf-results-mapper**] - SCAP client XCCDF-Results XML report
23. [**zap-mapper**] - OWASP ZAP results JSON
20. [**trufflehog-mapper**] - Trufflehog results json file
21. [**twistlock-mapper**] - Twistlock CLI output file
22. [**veracode-mapper**] - Veracode Scan Results XML file
23. [**xccdf-results-mapper**] - SCAP client XCCDF-Results XML report
24. [**zap-mapper**] - OWASP ZAP results JSON

### NOTICE

Expand Down
1 change: 1 addition & 0 deletions libs/hdf-converters/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ export * from './src/scoutsuite-mapper';
export * from './src/snyk-mapper';
export * from './src/sonarqube-mapper';
export * from './src/splunk-mapper';
export * from './src/trufflehog-mapper';
export * from './src/twistlock-mapper';
export * from './src/utils/attestations';
export * from './src/utils/compliance';
Expand Down
32 changes: 32 additions & 0 deletions ...verters/sample_jsons/trufflehog_mapper/sample_input_report/trufflehog-report-example.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
{
"SourceMetadata": {
"Data": {
"Git": {
"commit": "0416560b1330d8ac42045813251d85c688717eaf",
"file": "new_key",
"email": "counter \u003c[email protected]\u003e",
"repository": "https://github.com/trufflesecurity/test_keys",
"timestamp": "2023-10-19 02:56:37 +0000",
"line": 2
}
}
},
"SourceID": 1,
"SourceType": 16,
"SourceName": "trufflehog - git",
"DetectorType": 2,
"DetectorName": "AWS",
"DecoderName": "PLAIN",
"Verified": true,
"Raw": "AKIAQYLPMN5HHHFPZAM2",
"RawV2": "AKIAQYLPMN5HHHFPZAM21tUm636uS1yOEcfP5pvfqJ/ml36mF7AkyHsEU0IU",
"Redacted": "AKIAQYLPMN5HHHFPZAM2",
"ExtraData": {
"account": "052310077262",
"arn": "arn:aws:iam::052310077262:user/canarytokens.com@@c20nnjzlioibnaxvt392i9ope",
"is_canary": "true",
"message": "This is an AWS canary token generated at canarytokens.org, and was not set off; learn more here: https://trufflesecurity.com/canaries",
"resource_type": "Access key"
},
"StructuredData": null
}
92 changes: 92 additions & 0 deletions libs/hdf-converters/sample_jsons/trufflehog_mapper/sample_input_report/trufflehog.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
[
{
"SourceMetadata": {
"Data": {
"Git": {
"commit": "0416560b1330d8ac42045813251d85c688717eaf",
"file": "new_key",
"email": "counter \u003c[email protected]\u003e",
"repository": "https://github.com/trufflesecurity/test_keys",
"timestamp": "2023-10-19 02:56:37 +0000",
"line": 2
}
}
},
"SourceID": 1,
"SourceType": 16,
"SourceName": "trufflehog - git",
"DetectorType": 2,
"DetectorName": "AWS",
"DecoderName": "PLAIN",
"Verified": true,
"Raw": "AKIAQYLPMN5HHHFPZAM2",
"RawV2": "AKIAQYLPMN5HHHFPZAM21tUm636uS1yOEcfP5pvfqJ/ml36mF7AkyHsEU0IU",
"Redacted": "AKIAQYLPMN5HHHFPZAM2",
"ExtraData": {
"account": "052310077262",
"arn": "arn:aws:iam::052310077262:user/canarytokens.com@@c20nnjzlioibnaxvt392i9ope",
"is_canary": "true",
"message": "This is an AWS canary token generated at canarytokens.org, and was not set off; learn more here: https://trufflesecurity.com/canaries",
"resource_type": "Access key"
},
"StructuredData": null
},
{
"SourceMetadata": {
"Data": {
"Git": {
"commit": "fbc14303ffbf8fb1c2c1914e8dda7d0121633aca",
"file": "keys",
"email": "counter \u003c[email protected]\u003e",
"repository": "https://github.com/trufflesecurity/test_keys",
"timestamp": "2022-06-16 17:17:40 +0000",
"line": 4
}
}
},
"SourceID": 1,
"SourceType": 16,
"SourceName": "trufflehog - git",
"DetectorType": 2,
"DetectorName": "AWS",
"DecoderName": "PLAIN",
"Verified": true,
"Raw": "AKIAYVP4CIPPERUVIFXG",
"RawV2": "AKIAYVP4CIPPERUVIFXGZt2U1h267eViPnuSA+JO5ABhiu4T7XUMSZ+Y2Oth",
"Redacted": "AKIAYVP4CIPPERUVIFXG",
"ExtraData": {
"account": "595918472158",
"arn": "arn:aws:iam::595918472158:user/canarytokens.com@@mirux23ppyky6hx3l6vclmhnj",
"is_canary": "true",
"message": "This is an AWS canary token generated at canarytokens.org, and was not set off; learn more here: https://trufflesecurity.com/canaries",
"resource_type": "Access key"
},
"StructuredData": null
},
{
"SourceMetadata": {
"Data": {
"Git": {
"commit": "77b2a3e56973785a52ba4ae4b8dac61d4bac016f",
"file": "keys",
"email": "counter \u003c[email protected]\u003e",
"repository": "https://github.com/trufflesecurity/test_keys",
"timestamp": "2022-06-16 17:27:56 +0000",
"line": 3
}
}
},
"SourceID": 1,
"SourceType": 16,
"SourceName": "trufflehog - git",
"DetectorType": 17,
"DetectorName": "URI",
"DecoderName": "PLAIN",
"Verified": true,
"Raw": "https://admin:[email protected]",
"RawV2": "https://admin:[email protected]/basic_auth",
"Redacted": "https://admin:********@the-internet.herokuapp.com",
"ExtraData": null,
"StructuredData": null
}
]
Loading

0 comments on commit a15376f

Please sign in to comment.