diff --git a/.ci/benchmark.txt b/.ci/benchmark.txt index bf2377e1d..ea6a267b5 100644 --- a/.ci/benchmark.txt +++ b/.ci/benchmark.txt @@ -1,9 +1,9 @@ -META MD5 d0a224099b6f47bb8948c372b8fc6144 -DATA MD5 0c336686c107937f85997d599484de04 -DATA: 16329853 interested lines. MARKUP: 59550 items +META MD5 ea6bfd4ab65bd77b9e769ffdfcb5dc2a +DATA MD5 7249009ff1484bfef2e45b9fc62c8d6b +DATA: 16334259 interested lines. MARKUP: 59607 items FileType FileNumber ValidLines Positives Negatives Templates --------------- ------------ ------------ ----------- ----------- ----------- - 193 28288 69 415 90 + 194 28342 71 415 90 .1 2 641 2 5 .admx 1 26 1 .adoc 1 158 13 5 1 @@ -15,7 +15,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .bat 5 248 2 14 2 .bats 15 2804 14 49 9 .bazel 3 424 8 -.build 2 40 3 +.build 2 40 1 2 .bundle 4 1512 476 .bzl 3 2503 11 .c 179 284009 8 774 5 @@ -35,7 +35,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .creds 1 10 1 1 .crlf 1 27 1 .crt 2 4979 211 -.cs 266 79474 153 872 95 +.cs 266 79474 156 872 95 .cshtml 5 180 12 .csp 3 379 9 .csproj 1 14 1 @@ -55,7 +55,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .erb 13 323 26 .erl 4 96 7 .ex 25 4968 5 98 5 -.example 17 1838 74 36 51 +.example 18 1863 74 37 51 .exs 24 4842 8 187 4 .ext 5 211 1 4 2 .fsproj 1 75 1 2 @@ -63,7 +63,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .gd 1 37 1 .gml 3 3075 16 .gni 3 5017 19 -.go 1075 565673 652 4090 748 +.go 1081 568661 654 4097 748 .golden 5 1168 1 13 29 .gradle 45 3265 2 90 100 .graphql 7 420 13 @@ -85,7 +85,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .java 613 133184 345 1325 171 .jenkinsfile 1 58 2 6 .jinja2 1 64 2 -.js 653 532652 527 2450 316 +.js 653 532652 528 2450 316 .json 843 13045846 1076 10012 139 .jsp 13 3202 1 37 .jsx 7 857 19 @@ -113,7 +113,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .markdown 3 139 3 1 .markerb 3 12 3 .marko 1 21 2 -.md 671 148304 719 2340 614 +.md 674 148660 733 2340 614 .mdx 3 549 7 .mjml 1 18 1 .mjs 22 4424 71 333 @@ -135,7 +135,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .patch 4 109405 4 27 .pbxproj 1 941 1 .pem 48 1169 47 8 -.php 370 75658 114 1451 71 +.php 371 75676 114 1452 71 .pl 16 14727 7 33 .pm 3 744 7 .po 3 2994 15 @@ -153,7 +153,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .pug 2 193 2 .purs 1 69 4 .pxd 1 150 4 2 -.py 886 290215 665 3236 726 +.py 886 290215 667 3236 726 .pyi 4 1361 9 .pyp 1 167 1 .pyx 2 1094 23 @@ -172,20 +172,20 @@ FileType FileNumber ValidLines Positives Negatives Templat .rs 31 9855 2 234 11 .rsc 1 691 1 .rsp 16 7101 20 10 27 -.rst 86 33980 71 305 68 +.rst 87 34002 72 305 68 .rules 1 6 2 .sample 2 25 3 4 4 .sbt 3 570 5 2 .scala 39 5028 22 99 .scss 16 8553 32 1 .secrets 1 11 1 -.sh 142 21518 58 464 23 +.sh 147 22139 64 464 23 .slim 1 153 1 2 .smali 1 775 18 .snap 3 1708 9 29 2 .spec 2 332 2 .spin 1 565 1 -.sql 25 6456 124 56 3 +.sql 26 6468 129 57 3 .storyboard 20 1802 339 .strings 20 1240 137 .stub 3 84 6 @@ -194,7 +194,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .svg 1 638 12 .t 9 1767 15 44 13 .td 2 14002 6 -.template 19 1633 4 35 11 +.template 19 1633 4 36 11 .test 2 24 22 1 4 .testsettings 1 21 1 10 .tf 21 1377 2 30 2 @@ -209,7 +209,7 @@ FileType FileNumber ValidLines Positives Negatives Templat .ts 581 106648 137 1774 203 .tsx 54 7914 1 113 5 .ttar 1 452 1 -.txt 266 76254 5144 5094 46 +.txt 268 76325 5148 5094 46 .utf8 1 77 2 .vsixmanifest 1 36 1 .vsmdi 1 6 2 @@ -219,19 +219,19 @@ FileType FileNumber ValidLines Positives Negatives Templat .xib 11 503 164 .xsl 1 311 1 .yaml 136 18591 123 341 42 -.yml 418 36057 523 910 375 +.yml 420 36296 545 910 375 .zsh 6 872 12 .zsh-theme 1 97 1 -TOTAL: 10003 16329853 11874 46613 5067 -credsweeper result_cnt : 11643, lost_cnt : 0, true_cnt : 11409, false_cnt : 234 +TOTAL: 10026 16334259 11937 46623 5067 +credsweeper result_cnt : 11718, lost_cnt : 0, true_cnt : 11506, false_cnt : 212 Rules Positives Negatives Templates Reported TP FP TN FN FPR FNR ACC PRC RCL F1 ------------------------------ ----------- ----------- ----------- ---------- ----- ---- ----- ---- -------- -------- -------- -------- -------- -------- -API 130 3166 188 126 125 1 3353 5 0.000298 0.038462 0.998278 0.992063 0.961538 0.976562 +API 130 3166 188 127 127 0 3354 3 0.000000 0.023077 0.999139 1.000000 0.976923 0.988327 AWS Client ID 168 21 0 160 160 0 21 8 0.000000 0.047619 0.957672 1.000000 0.952381 0.975610 AWS Multi 82 10 0 84 82 1 9 0 0.100000 0.000000 0.989130 0.987952 1.000000 0.993939 AWS S3 Bucket 67 23 0 92 67 23 0 0 1.000000 0.000000 0.744444 0.744444 1.000000 0.853503 Atlassian Old PAT token 3 7 0 10 3 7 0 0 1.000000 0.000000 0.300000 0.300000 1.000000 0.461538 -Auth 415 2743 82 391 385 6 2819 30 0.002124 0.072289 0.988889 0.984655 0.927711 0.955335 +Auth 415 2743 82 395 393 2 2823 22 0.000708 0.053012 0.992593 0.994937 0.946988 0.970370 Azure Access Token 19 0 0 12 12 0 0 7 0.368421 0.631579 1.000000 0.631579 0.774194 BASE64 Private Key 12 4 0 12 12 0 4 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000 BASE64 encoded PEM Private Key 7 0 0 5 5 0 0 2 0.285714 0.714286 1.000000 0.714286 0.833333 @@ -241,8 +241,8 @@ CMD ConvertTo-SecureString 13 4 0 1 CMD Password 21 128 6 20 20 0 134 1 0.000000 0.047619 0.993548 1.000000 0.952381 0.975610 CMD Secret 1 1 0 1 1 0 1 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000 CMD Token 6 0 0 6 6 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000 -Certificate 24 471 0 20 20 0 471 4 0.000000 0.166667 0.991919 1.000000 0.833333 0.909091 -Credential 91 421 76 92 91 1 496 0 0.002012 0.000000 0.998299 0.989130 1.000000 0.994536 +Certificate 24 471 0 19 19 0 471 5 0.000000 0.208333 0.989899 1.000000 0.791667 0.883721 +Credential 91 421 76 90 90 0 497 1 0.000000 0.010989 0.998299 1.000000 0.989011 0.994475 Docker Swarm Token 2 0 0 1 1 0 0 1 0.500000 0.500000 1.000000 0.500000 0.666667 Dropbox App secret 64 139 1 46 35 10 130 29 0.071429 0.453125 0.808824 0.777778 0.546875 0.642202 Facebook Access Token 0 1 0 0 0 1 0 0.000000 1.000000 @@ -257,20 +257,21 @@ Grafana Provisioned API Key 22 1 0 JSON Web Token 170 61 0 131 131 0 61 39 0.000000 0.229412 0.831169 1.000000 0.770588 0.870432 Jira / Confluence PAT token 0 4 0 0 0 4 0 0.000000 1.000000 Jira 2FA 15 6 1 12 12 0 7 3 0.000000 0.200000 0.863636 1.000000 0.800000 0.888889 -Key 3912 15714 485 3922 3897 25 16174 15 0.001543 0.003834 0.998011 0.993626 0.996166 0.994894 -Nonce 93 49 0 91 91 0 49 2 0.000000 0.021505 0.985915 1.000000 0.978495 0.989130 +Key 3912 15714 485 3924 3904 20 16179 8 0.001235 0.002045 0.998608 0.994903 0.997955 0.996427 +Nonce 93 49 0 93 92 1 48 1 0.020408 0.010753 0.985915 0.989247 0.989247 0.989247 Other 9 7447 5 0 0 7452 9 0.000000 1.000000 0.998794 0.000000 PEM Private Key 1019 1483 0 1023 1019 4 1479 0 0.002697 0.000000 0.998401 0.996090 1.000000 0.998041 -Password 1887 7535 2663 1813 1800 13 10185 87 0.001275 0.046105 0.991725 0.992830 0.953895 0.972973 +Password 1906 7532 2663 1835 1829 6 10189 77 0.000589 0.040399 0.993141 0.996730 0.959601 0.977813 +SQL Password 44 13 0 41 41 0 13 3 0.000000 0.068182 0.947368 1.000000 0.931818 0.964706 Salesforce Credentials 2 0 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000 -Salt 47 76 1 45 45 0 77 2 0.000000 0.042553 0.983871 1.000000 0.957447 0.978261 -Secret 1297 1576 802 1292 1288 4 2374 9 0.001682 0.006939 0.996463 0.996904 0.993061 0.994979 +Salt 47 76 1 44 44 0 77 3 0.000000 0.063830 0.975806 1.000000 0.936170 0.967033 +Secret 1297 1576 802 1292 1291 1 2377 6 0.000421 0.004626 0.998095 0.999226 0.995374 0.997296 Seed 1 6 0 0 0 6 1 0.000000 1.000000 0.857143 0.000000 Slack Token 4 1 0 4 4 0 1 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000 Stripe Credentials 2 0 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000 Tencent WeChat API App ID 6 0 0 6 6 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000 -Token 643 4171 454 617 616 1 4624 27 0.000216 0.041991 0.994685 0.998379 0.958009 0.977778 +Token 643 4171 454 624 624 0 4625 19 0.000000 0.029549 0.996393 1.000000 0.970451 0.985004 Twilio Credentials 30 39 0 30 30 0 39 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000 -URL Credentials 210 157 215 209 208 1 371 2 0.002688 0.009524 0.994845 0.995215 0.990476 0.992840 +URL Credentials 210 157 215 209 209 0 372 1 0.000000 0.004762 0.998282 1.000000 0.995238 0.997613 UUID 1075 265 0 1074 1073 1 264 2 0.003774 0.001860 0.997761 0.999069 0.998140 0.998604 - 11874 46613 5067 11656 11409 234 46379 465 0.005020 0.039161 0.988049 0.979902 0.960839 0.970277 + 11937 46623 5067 11731 11506 212 46411 431 0.004547 0.036106 0.989020 0.981908 0.963894 0.972818 diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index adcd2eb07..cc387a5df 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -441,8 +441,7 @@ jobs: # check whether credsweeper is available as module python -m credsweeper --banner # use only 2 epochs for the test - sed -i 's/max_epochs = .*/max_epochs = 2/' main.py - python main.py --data ${{ github.workspace }}/CredData -j $(( 2 * $(nproc) )) + python main.py --data ${{ github.workspace }}/CredData --jobs $(( 2 * $(nproc) )) --epochs 2 # dbg git diff # crc32 should be changed diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 5b16b92af..1290ea879 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -40,8 +40,8 @@ jobs: - name: Check ml_config.json and ml_model.onnx integrity if: ${{ always() && steps.code_checkout.conclusion == 'success' }} run: | - md5sum --binary credsweeper/ml_model/ml_config.json | grep 092a588d5bebdac5136c4d01c87abf27 - md5sum --binary credsweeper/ml_model/ml_model.onnx | grep a707745d781517556fd58890cb2812be + md5sum --binary credsweeper/ml_model/ml_config.json | grep 3a4bfcd6f3ea74461b158d4ec073cc06 + md5sum --binary credsweeper/ml_model/ml_model.onnx | grep 9725b166e07e60f94929fea986f84ae2 # # # line ending diff --git a/credsweeper/ml_model/ml_config.json b/credsweeper/ml_model/ml_config.json index 407bfa550..d5b8d26db 100644 --- a/credsweeper/ml_model/ml_config.json +++ b/credsweeper/ml_model/ml_config.json @@ -1,5 +1,5 @@ { - "char_set": " \t\n0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~", + "char_set": "\u001b\t\n\r !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~", "thresholds": { "lowest": 0.22917, "low": 0.35739, @@ -54,6 +54,22 @@ "attribute": "value" } }, + { + "type": "SearchInAttribute", + "comment": "Repeated symbol", + "kwargs": { + "pattern": ".*(?:(\\S)(\\S))((\\1.)|(.\\2)){7,}", + "attribute": "value" + } + }, + { + "type": "SearchInAttribute", + "comment": "SHA marker", + "kwargs": { + "pattern": ".*(?i:sha)[_-]?(224|256|384|512)", + "attribute": "value" + } + }, { "type": "SearchInAttribute", "comment": "VariableNotAllowedPatternCheck", @@ -239,6 +255,7 @@ ".bat", ".bats", ".bazel", + ".build", ".bundle", ".bzl", ".c", @@ -295,6 +312,7 @@ ".jsx", ".ks", ".kt", + ".kts", ".las", ".ldif", ".ldml", @@ -360,6 +378,7 @@ ".sql", ".storyboard", ".strings", + ".sty", ".t", ".td", ".tdf", @@ -403,6 +422,7 @@ "Key", "Nonce", "Password", + "SQL Password", "Salt", "Secret", "Token", diff --git a/credsweeper/ml_model/ml_model.onnx b/credsweeper/ml_model/ml_model.onnx index 2c05cee07..b5d3a1f9f 100644 Binary files a/credsweeper/ml_model/ml_model.onnx and b/credsweeper/ml_model/ml_model.onnx differ diff --git a/credsweeper/rules/config.yaml b/credsweeper/rules/config.yaml index 9580d381e..e5725688e 100644 --- a/credsweeper/rules/config.yaml +++ b/credsweeper/rules/config.yaml @@ -144,6 +144,24 @@ target: - doc +- name: SQL Password + severity: medium + confidence: weak + type: pattern + values: + - (\\[nrt]|\b)(?i:(?P(CREATE|ALTER|SET\s{1,8}PASSWORD|INSERT(\s{1,8}IGNORE)?|UPDATE\s{1,8}[^\s;]{1,80})\s{1,8}(LOGIN|USER|ROLE|FOR|INTO|SET)\s{1,8}([^\s;]{1,80}\s{1,8}|VALUES\s*\(){1,8}(IDENTIFIED((\s{1,8}WITH\s{1,8}\S{1,80})?\s{1,8}(BY|AS))|(=|WITH)?\s*PASSWORD\b(\s*=)?)))\s*(?P[(]\s*)?(?P((?P\\{1,8})?([`'\"]|&(quot|apos);)){1,4})?(?P(?(value_leftquote)((?!(?P=value_leftquote))(?(esq)((?!(?P=esq)([`'\"]|&(quot|apos);)).)|((?!(?P=value_leftquote)).)))|(?!&(quot|apos);)(\\+([ tnr]|[^\s`'\"])|[^\s`'\",;\\])){3,80})(?(value_leftquote)(?P(?[0-9A-Za-z]{10,12}[B-Za-z0-9]A{10,12}[B-Za-z0-9][0-9A-Za-z]{40,44})(?![=0-9A-Za-z_/+-]) - filter_type: [] + filter_type: [ ] min_line_len: 43 required_substrings: - AAAAAAAAAA diff --git a/docs/images/Model_with_features.png b/docs/images/Model_with_features.png index f803fdd50..43c44f986 100644 Binary files a/docs/images/Model_with_features.png and b/docs/images/Model_with_features.png differ diff --git a/docs/source/overall_architecture.rst b/docs/source/overall_architecture.rst index b3478855e..49e14de8d 100644 --- a/docs/source/overall_architecture.rst +++ b/docs/source/overall_architecture.rst @@ -82,13 +82,18 @@ Each Rule_ is dedicated to detect a specific type of credential, imported from ` ... - name: API - severity: medium - type: keyword - values: - - api - filter_type: GeneralKeyword - use_ml: true - - name: AWS Client ID + severity: medium + confidence: moderate + type: keyword + values: + - api + filter_type: GeneralKeyword + use_ml: true + min_line_len: 11 + required_substrings: + - api + target: + - code ... **Rule Attributes** @@ -140,6 +145,13 @@ Each Rule_ is dedicated to detect a specific type of credential, imported from ` - The type of the Filter_ group you want to apply. Filter_ groups implemented are as follows: `GeneralKeyword `_, `GeneralPattern `_, `PasswordKeyword `_, and `UrlCredentials `_. - use_ml - The attribute to set whether to perform ML validation. If true, ML validation will be performed. If false - ml_probability will be set to None in report. +- min_line_len + - drop too short stripped lines before text search to increase performance +- required_substrings + - any strings has to be found in a line before regex search to increase performance +- target + - code : The rule will be applied without --doc option + - doc : The rule will be applied with --doc option Filter ------ @@ -168,13 +180,12 @@ And ML can be fully disable by setting ``--ml_threshold 0`` python -m credsweeper --ml_threshold 0 ... Our ML model architecture is a combination of Bidirectional LSTM with additional handcrafted features. -It uses last 50 characters from the potential credential and 91 handcrafted features to decide if it's a real credential or not. +It uses first 80 characters from the potential credential value and variable (if available), 160 characters from line around the value and configurable handcrafted features to decide if it's a real credential or not. -Example: +Example (file leaked_cred.py): -.. code-block:: text +.. code-block:: python - leaked_cred.py: my_db_password = "NUU423cds" Steps: @@ -182,10 +193,10 @@ Steps: 1. Regular expression extracts ```NUU423cds``` as a secret value, ```my_db_password``` as a variable, and ```my_db_password = "NUU423cds"``` as whole line 2. Handcrafted feature classes instantiated from classes in `features.py `_ using `model_config.json `_. Instantiation process can be checked at `ml_validator.py#L46 `_. Features include: ``` ``` character in line: yes/no, ```(``` character in line: yes/no, file extension is ```.c```: yes/no, etc. 3. Handcrafted features from step 2 used on line, value, variable, and filename to get feature vector of length 91 -4. ```NUU423cds``` lowercased and right padded with special padding characters to the length 50. Last 50 characters selected if longer. Only 70 symbols used: 68 ASCII characters + 1 padding character + 1 special character for all other symbols: `ml_validator.py#L29 `_. Padded line than `one-hot encoded `_. Link to corresponding code: `ml_validator.py#L63 `_ -5. Padded line from step 4 inputted to Bidirectional LSTM. LSTM produce single vector of length 60 as output -6. LSTM output and handcrafted features concatenated into a single vector of length 151 -7. Vector from step 6 feed into the two last Dense layers +4. ```NUU423cds``` Configurable character set is applied + 1 padding character + 1 special character for all other symbols. Padded line than `one-hot encoded `_. Link to corresponding code: `MlValidator.encode `_ +5. Padded line from step 4 inputted to Bidirectional LSTM of value. The same encodings are performed for variable and line. LSTM produce 3 single vectors of lengths 80, 80, 160 as outputs +6. LSTM outputs and handcrafted features concatenated into a single vector +7. The vector from step 6 is fed into a stack of two sequential Dense layers, each with the number of output units equal to the number of input units. 8. Last layer outputs float value in range 0-1 with estimated probability of line being a real credential 9. Predicted probability compared to the threshold (see `--ml_threshold` CLI option) and credential reported if predicted probability is greater diff --git a/experiment/main.py b/experiment/main.py index 3ab619d31..61ffbfb35 100644 --- a/experiment/main.py +++ b/experiment/main.py @@ -53,7 +53,13 @@ def evaluate_model(thresholds: dict, keras_model: Model, x_data: List[np.ndarray f"F1:{f1:0.6f}") -def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: +def main(cred_data_location: str, + jobs: int, + epochs: int, + batch_size: int, + patience: int, + doc_target: bool, + use_tuner: bool = False) -> str: print(f"Memory at start: {LogCallback.get_memory_info()}") current_time = datetime.now().strftime("%Y%m%d_%H%M%S") @@ -62,7 +68,7 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: os.makedirs(dir_path, exist_ok=True) print(f"Train model on data from {cred_data_location}") - prepare_train_data(_cred_data_location, jobs) + prepare_train_data(cred_data_location, jobs, doc_target) # detected data means which data is passed to ML validator of credsweeper after filters with RuleName cred_data_location_path = pathlib.Path(cred_data_location) / "data" @@ -82,7 +88,7 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: for i in range(3): # there are 2 times possible fails due ml config was updated try: - thresholds = model_config_preprocess(df_all) + thresholds = model_config_preprocess(df_all, doc_target) break except RuntimeError as exc: if "RESTART:" in str(exc): @@ -136,12 +142,6 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: print(f"Memory before search / compile: {LogCallback.get_memory_info()}") - max_epochs = 100 - # ^^^ the line is patched in GitHub action to speed-up test train - batch_size = 256 - patience = 5 - #return - log_callback = LogCallback() if use_tuner: tuner = kt.GridSearch( @@ -158,7 +158,7 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: tuner.search( x=[x_train_line, x_train_variable, x_train_value, x_train_features], y=y_train, - epochs=max_epochs, + epochs=epochs, batch_size=batch_size, callbacks=[search_early_stopping, log_callback], validation_data=([x_test_line, x_test_variable, x_test_value, x_test_features], y_test), @@ -189,7 +189,7 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: fit_history = keras_model.fit(x=[x_train_line, x_train_variable, x_train_value, x_train_features], y=y_train, batch_size=batch_size, - epochs=max_epochs, + epochs=epochs, verbose=2, validation_data=([x_test_line, x_test_variable, x_test_value, x_test_features], y_test), @@ -259,7 +259,8 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: if __name__ == "__main__": parser = ArgumentParser() - parser.add_argument("--data", + parser.add_argument("-d", + "--data", nargs="?", help="CredData location", dest="cred_data_location", @@ -271,18 +272,33 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: default=4, dest="jobs", metavar="POSITIVE_INT") - parser.add_argument("-t", "--tuner", help="use keras tuner", dest="use_tuner", action="store_true") + parser.add_argument("-e", + "--epochs", + help="maximal epochs to train (default: 100)", + default=100, + dest="epochs", + metavar="POSITIVE_INT") + parser.add_argument("-b", + "--batch_size", + help="batch size (default: 256)", + default=256, + dest="batch_size", + metavar="POSITIVE_INT") + parser.add_argument("-p", + "--patience", + help="early stopping patience (default: 5)", + default=5, + dest="patience", + metavar="POSITIVE_INT") + parser.add_argument("--doc", help="use doc target", dest="doc_target", action="store_true") + parser.add_argument("--tuner", help="use keras tuner", dest="use_tuner", action="store_true") args = parser.parse_args() - fixed_seed = 20241126 # int(datetime.now().timestamp()) - # print(f"Random seed:{fixed_seed}") - if fixed_seed is not None: - tf.random.set_seed(fixed_seed) - np.random.seed(fixed_seed) - random.seed(fixed_seed) - - _cred_data_location = args.cred_data_location - _jobs = int(args.jobs) + fixed_seed = 20250117 + print(f"Fixed seed:{fixed_seed}") + tf.random.set_seed(fixed_seed) + np.random.seed(fixed_seed) + random.seed(fixed_seed) # to keep the hash in log and verify command = f"md5sum {pathlib.Path(__file__).parent.parent}/credsweeper/ml_model/ml_config.json" @@ -290,6 +306,12 @@ def main(cred_data_location: str, jobs: int, use_tuner: bool = False) -> str: command = f"md5sum {pathlib.Path(__file__).parent.parent}/credsweeper/ml_model/ml_model.onnx" subprocess.check_call(command, shell=True, cwd=pathlib.Path(__file__).parent) - _model_file_name = main(_cred_data_location, _jobs, args.use_tuner) + _model_file_name = main(cred_data_location=args.cred_data_location, + jobs=int(args.jobs), + epochs=int(args.epochs), + batch_size=int(args.batch_size), + patience=int(args.patience), + doc_target=bool(args.doc_target), + use_tuner=bool(args.use_tuner)) # print in last line the name print(f"\nYou can find your model in:\n{_model_file_name}") diff --git a/experiment/main.sh b/experiment/main.sh index 90e212f05..4309989ba 100755 --- a/experiment/main.sh +++ b/experiment/main.sh @@ -2,25 +2,57 @@ set -ex -CREDSWEEPER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." > /dev/null 2>&1 && pwd )" -export PYTHONPATH=${CREDSWEEPER_DIR}:$PYTHONPATH -echo $PYTHONPATH -${CREDSWEEPER_DIR}/.venv/bin/python -m credsweeper --banner +START_TIME=$(date +%s) +NOW=$(date +%Y%m%d_%H%M%S) +echo ">>> START ${BASH_SOURCE[0]} in $(pwd) at ${NOW}" -now=$(date +%Y%m%d_%H%M%S) +# use the path environments without / at end -RESULT_DIR=${CREDSWEEPER_DIR}/experiment/results -mkdir -vp ${RESULT_DIR} +echo "CREDSWEEPER_DIR='${CREDSWEEPER_DIR}'" +if [ -z "${CREDSWEEPER_DIR}" ] || [ ! -d "${CREDSWEEPER_DIR}" ]; then + echo "CREDSWEEPER_DIR environment is empty or does not exist" + exit 1 +fi + +echo "CREDDATA_DIR='${CREDDATA_DIR}'" +if [ -z "${CREDDATA_DIR}" ] || [ ! -d "${CREDDATA_DIR}" ]; then + echo "CREDDATA_DIR environment is empty or does not exist" + exit 1 +fi + +echo "JOBS=$(nproc)" +if [ -z "${JOBS}" ]; then + JOBS=$(nproc) + echo "Used JOBS=${JOBS} for multiple process" +elif [ ! 0 -lt ${JOBS} ]; then + echo "Unappropriated JOBS=${JOBS}" + exit 1 +fi + +export PYTHONPATH="${CREDSWEEPER_DIR}":$PYTHONPATH + +# check whether current version +"${CREDSWEEPER_DIR}"/.venv/bin/python -m credsweeper --banner + +WORK_DIR="${CREDSWEEPER_DIR}/experiment" +cd "${WORK_DIR}" +RESULT_DIR="${WORK_DIR}/results" +mkdir -vp "${RESULT_DIR}" # set env TUNER to use keras-tuner #TUNER=--tuner -${CREDSWEEPER_DIR}/.venv/bin/python main.py --data ~/q/DataCred/main --jobs $(nproc) ${TUNER} | tee ${RESULT_DIR}/${now}.train.log +# set env DOC to apply doc dataset +#DOC=--doc +"${CREDSWEEPER_DIR}"/.venv/bin/python main.py --data "${CREDDATA_DIR}" --jobs ${JOBS} ${TUNER} ${DOC} | tee "${RESULT_DIR}/${NOW}.train.log" error_code=${PIPESTATUS} if [ 0 -ne ${error_code} ]; then exit ${error_code}; fi -cd ${CREDSWEEPER_DIR} -report_file=${RESULT_DIR}/${now}.json -${CREDSWEEPER_DIR}/.venv/bin/python -m credsweeper --sort --path ~/q/DataCred/main/data --log info --job $(nproc) --subtext --save-json ${report_file} +cd "${CREDSWEEPER_DIR}" +report_file=${RESULT_DIR}/${NOW}.json +${CREDSWEEPER_DIR}/.venv/bin/python -m credsweeper ${DOC} --sort --path "${CREDDATA_DIR}/data" --log info --jobs ${JOBS} --subtext --save-json ${report_file} -cd ~/q/DataCred/main +cd "${CREDDATA_DIR}" .venv/bin/python -m benchmark --scanner credsweeper --load ${report_file} | tee ${CREDSWEEPER_DIR}/.ci/benchmark.txt + +SPENT_TIME=$(date -ud "@$(( $(date +%s) - ${START_TIME} ))" +"%H:%M:%S") +echo "<<< DONE ${BASH_SOURCE[0]} in $(pwd) at $(date) elapsed ${SPENT_TIME}" diff --git a/experiment/src/data_loader.py b/experiment/src/data_loader.py index 5c5173af8..63017c2f2 100644 --- a/experiment/src/data_loader.py +++ b/experiment/src/data_loader.py @@ -1,9 +1,7 @@ import contextlib -import copy import json import os import pathlib -import subprocess from copy import deepcopy from functools import cache from typing import Tuple, Dict, Set, Any diff --git a/experiment/src/entropy_test.py b/experiment/src/entropy_test.py index 468ceca5d..7bd0f30c0 100644 --- a/experiment/src/entropy_test.py +++ b/experiment/src/entropy_test.py @@ -2,15 +2,12 @@ import random import signal import statistics -import string import threading import time -from datetime import datetime from multiprocessing import Pool from typing import Tuple, Dict from credsweeper.common.constants import Chars -from credsweeper.filters import ValueEntropyBase36Check from credsweeper.utils import Util random_data: str diff --git a/experiment/src/log_callback.py b/experiment/src/log_callback.py index 0342c0e8f..22636422d 100644 --- a/experiment/src/log_callback.py +++ b/experiment/src/log_callback.py @@ -1,7 +1,7 @@ import datetime -from keras.src.callbacks import Callback import psutil +from keras.src.callbacks import Callback class LogCallback(Callback): diff --git a/experiment/src/lstm_model.py b/experiment/src/lstm_model.py index 41a53f95e..1b802380b 100644 --- a/experiment/src/lstm_model.py +++ b/experiment/src/lstm_model.py @@ -26,35 +26,27 @@ def __init__( def build(self, hp=None) -> Model: """Get keras model with string and feature input and single binary out""" if hp: - min_val = 0.22 - max_val = 0.44 - step_val = 0.11 - dropout_line = hp.Float('dropout_line', min_value=min_val, max_value=max_val, step=step_val) - dropout_variable = hp.Float('dropout_variable', min_value=min_val, max_value=max_val, step=step_val) - dropout_value = hp.Float('dropout_value', min_value=min_val, max_value=max_val, step=step_val) - dropout_dense = hp.Float('dropout_dense', min_value=min_val, max_value=max_val, step=step_val) + lstm_dropout = hp.Float('dropout_lstm', min_value=0.4, max_value=0.5, step=0.01) + dense_dropout = hp.Float('dropout_threshold', min_value=0.3, max_value=0.4, step=0.01) else: # found best values - dropout_line = 0.33 - dropout_variable = 0.33 - dropout_value = 0.33 - dropout_dense = 0.33 + lstm_dropout = 0.45 + dense_dropout = 0.35 line_input = Input(shape=(None, self.line_shape[2]), name="line_input", dtype=self.d_type) line_lstm = LSTM(units=self.line_shape[1], dtype=self.d_type) line_bidirectional = Bidirectional(layer=line_lstm, name="line_bidirectional") - line_lstm_branch = Dropout(dropout_line, name="line_dropout")(line_bidirectional(line_input)) + line_lstm_branch = Dropout(lstm_dropout, name="line_dropout")(line_bidirectional(line_input)) variable_input = Input(shape=(None, self.variable_shape[2]), name="variable_input", dtype=self.d_type) variable_lstm = LSTM(units=self.variable_shape[1], dtype=self.d_type) variable_bidirectional = Bidirectional(layer=variable_lstm, name="variable_bidirectional") - variable_lstm_branch = Dropout(dropout_variable, - name="variable_dropout")(variable_bidirectional(variable_input)) + variable_lstm_branch = Dropout(lstm_dropout, name="variable_dropout")(variable_bidirectional(variable_input)) value_input = Input(shape=(None, self.value_shape[2]), name="value_input", dtype=self.d_type) value_lstm = LSTM(units=self.value_shape[1], dtype=self.d_type) value_bidirectional = Bidirectional(layer=value_lstm, name="value_bidirectional") - value_lstm_branch = Dropout(dropout_value, name="value_dropout")(value_bidirectional(value_input)) + value_lstm_branch = Dropout(lstm_dropout, name="value_dropout")(value_bidirectional(value_input)) feature_input = Input(shape=(self.feature_shape[1], ), name="feature_input", dtype=self.d_type) @@ -63,15 +55,20 @@ def build(self, hp=None) -> Model: # 3 bidirectional + features dense_units = 2 * MlValidator.MAX_LEN + 2 * 2 * ML_HUNK + self.feature_shape[1] # check after model compilation. Should be matched the combined size. - dense_a = Dense(units=dense_units, activation='relu', name="dense", dtype=self.d_type) - joined_layers = dense_a(joined_features) - dropout_layer = Dropout(dropout_dense, name="dense_dropout")(joined_layers) - dense_b = Dense(units=1, activation='sigmoid', name="prediction", dtype=self.d_type) - output = dense_b(dropout_layer) + + # first hidden layer + dense_a = Dense(units=dense_units, activation='relu', name="a_dense", dtype=self.d_type)(joined_features) + dropout_dense_a = Dropout(dense_dropout, name="a_dropout")(dense_a) + + # second hidden layer + dense_b = Dense(units=dense_units, activation='relu', name="b_dense", dtype=self.d_type)(dropout_dense_a) + dropout_dense_b = Dropout(dense_dropout, name="b_dropout")(dense_b) + + dense_final = Dense(units=1, activation='sigmoid', name="prediction", dtype=self.d_type)(dropout_dense_b) metrics = [BinaryAccuracy(name="binary_accuracy"), Precision(name="precision"), Recall(name="recall")] - model: Model = Model(inputs=[line_input, variable_input, value_input, feature_input], outputs=output) + model: Model = Model(inputs=[line_input, variable_input, value_input, feature_input], outputs=dense_final) model.compile(optimizer=Adam(), loss='binary_crossentropy', metrics=metrics) model.summary(line_length=120, expand_nested=True, show_trainable=True) diff --git a/experiment/src/model_config_preprocess.py b/experiment/src/model_config_preprocess.py index 5d060df12..edbe8357e 100644 --- a/experiment/src/model_config_preprocess.py +++ b/experiment/src/model_config_preprocess.py @@ -1,4 +1,4 @@ -from typing import Set, Dict +from typing import Dict import pandas as pd @@ -6,9 +6,13 @@ from credsweeper.utils import Util -def model_config_preprocess(df_all: pd.DataFrame) -> Dict[str, float]: +def model_config_preprocess(df_all: pd.DataFrame, doc_target: bool) -> Dict[str, float]: model_config_path = APP_PATH / "ml_model" / "ml_config.json" model_config = Util.json_load(model_config_path) + ascii_char_set = ''.join(chr(x) for x in range(0x20, 0x7F)) + extra_char_set = "\x1B\t\n\r" # ESC code, tab and line end variations + doc_char_set = " ●개공기께내는님당드등로메밀번보복본비사생서석성슈스시암에용워으의이작정주지체큰키토패할호화" if doc_target else '' + model_config["char_set"] = extra_char_set + ascii_char_set + doc_char_set # check whether all extensions from meta are in ml_config.json diff --git a/experiment/src/prepare_data.py b/experiment/src/prepare_data.py index 34ca997bd..7f3f47627 100644 --- a/experiment/src/prepare_data.py +++ b/experiment/src/prepare_data.py @@ -8,12 +8,13 @@ from credsweeper.utils import Util -def execute_scanner(dataset_location: str, result_location_str, j): +def execute_scanner(dataset_location: str, result_location_str: str, jobs: int, doc_target: bool): """Execute CredSweeper as a separate process to make sure no global states is shared with training script""" dir_path = os.path.dirname(os.path.realpath(__file__)) + "/.." command = f"{sys.executable} -m credsweeper --path {dataset_location}/data" \ f" --save-json {result_location_str} --log info" \ - f" --job {j} --sort --rules results/train_config.yaml --ml_threshold 0 --subtext" + f" {'--doc' if doc_target else ''}" \ + f" --jobs {jobs} --sort --rules results/train_config.yaml --ml_threshold 0 --subtext" error_code = subprocess.check_call(command, shell=True, cwd=dir_path) if 0 != error_code: sys.exit(error_code) @@ -29,13 +30,14 @@ def data_checksum(dir_path: Path) -> str: return binascii.hexlify(checksum).decode() -def prepare_train_data(cred_data_location: str, j: int): +def prepare_train_data(cred_data_location: str, jobs: int, doc_target: bool): print("Start train data preparation...") if not os.path.exists("train_config.yaml"): # use pattern or keyword type rules = Util.yaml_load("../credsweeper/rules/config.yaml") - new_rules = [x for x in rules if x.get("use_ml")] + target = "doc" if doc_target else "code" + new_rules = [x for x in rules if x.get("use_ml") and target in x["target"]] Util.yaml_dump(new_rules, "results/train_config.yaml") meta_checksum = data_checksum(Path(cred_data_location) / "meta") @@ -47,7 +49,7 @@ def prepare_train_data(cred_data_location: str, j: int): if not os.path.exists(detected_data_filename): print(f"Get CredSweeper results from {cred_data_location}. May take some time") - execute_scanner(cred_data_location, detected_data_filename, j) + execute_scanner(cred_data_location, detected_data_filename, jobs, doc_target) else: print(f"Get cached result {data_dir_checksum}") diff --git a/experiment/src/strength_test.py b/experiment/src/strength_test.py index e1ca0c5a6..e58395c7a 100644 --- a/experiment/src/strength_test.py +++ b/experiment/src/strength_test.py @@ -2,18 +2,13 @@ import random import signal import statistics -import string import threading import time -from datetime import datetime from multiprocessing import Pool from typing import Tuple, Dict from password_strength import PasswordStats -from credsweeper.common.constants import Chars -from credsweeper.utils import Util - random_data: str ITERATIONS = 1000 diff --git a/requirements.txt b/requirements.txt index ebf1968be..709277515 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ hatchling==1.27.0 # 1.27.0 creates Metadata-Version: 2.4 which is not supported fully by publish github action #hatchling==1.26.3 # check build -twine +twine==6.1.0 # Common requirements base58==2.1.1 diff --git a/tests/__init__.py b/tests/__init__.py index 6f1a21d2d..31fbe5613 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -1,27 +1,27 @@ from pathlib import Path # total number of files in test samples -SAMPLES_FILES_COUNT = 145 +SAMPLES_FILES_COUNT = 146 # the lowest value of ML threshold is used to display possible lowest values NEGLIGIBLE_ML_THRESHOLD = 0.0001 # credentials count after scan with negligible ML threshold -SAMPLES_CRED_COUNT = 436 +SAMPLES_CRED_COUNT = 465 SAMPLES_CRED_LINE_COUNT = SAMPLES_CRED_COUNT + 19 # Number of filtered credentials with ML -ML_FILTERED = 34 +ML_FILTERED = 91 # credentials count after post-processing SAMPLES_POST_CRED_COUNT = SAMPLES_CRED_COUNT - ML_FILTERED # with option --doc -SAMPLES_IN_DOC = 694 +SAMPLES_IN_DOC = 650 # archived credentials that are not found without --depth -SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 90 -SAMPLES_IN_DEEP_2 = SAMPLES_IN_DEEP_1 + 7 +SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 84 +SAMPLES_IN_DEEP_2 = SAMPLES_IN_DEEP_1 + 8 SAMPLES_IN_DEEP_3 = SAMPLES_IN_DEEP_2 + 1 # well known string with all latin letters diff --git a/tests/data/depth_3.json b/tests/data/depth_3.json index d14a06f2f..9c5771e2a 100644 --- a/tests/data/depth_3.json +++ b/tests/data/depth_3.json @@ -121,7 +121,7 @@ "rule": "API", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.996, "line_data_list": [ { "line": "gi_reo_gi_api = \"DvMB_glvwjlEQ_uqIyn8k\"; ", @@ -271,7 +271,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.998, "line_data_list": [ { "line": "\"kerberos_authentication\": \"YI7IB6wYJgaMgHAgIKoZI2AQBuIh2cSA0IB1qA\"", @@ -321,7 +321,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.999, "line_data_list": [ { "line": "headers = {authorization: /oauth_signature=\"JgEWaL6V6eM%2FFb9wuXG4I3IB6wY%3D\"/, content_type: 'application/json; charset=utf-8'}", @@ -584,31 +584,6 @@ } ] }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.833, - "line_data_list": [ - { - "line": "https://iufurvyh.google.com/v1/projects/29182364324/clients?key=HrPioECfMsa602sfDyhzzIWok&alt=json

", - "line_num": 1, - "path": "./tests/samples/aws_multi.json", - "info": "FILE|STRUCT|STRING:unicode_url|RAW", - "value": "HrPioECfMsa602sfDyhzzIWok", - "value_start": 64, - "value_end": 89, - "variable": "key", - "variable_start": 60, - "variable_end": 63, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.323856189774723, - "valid": false - } - } - ] - }, { "rule": "AWS S3 Bucket", "severity": "info", @@ -760,56 +735,6 @@ } ] }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, - "line_data_list": [ - { - "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", - "line_num": 4, - "path": "./tests/samples/aws_multi.json", - "info": "FILE|RAW", - "value": "CrackleGiReoGi123CrackleGiReoGi123AWSkey", - "value_start": 20, - "value_end": 60, - "variable": "AwsSecretKey", - "variable_start": 5, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.012814895472355, - "valid": false - } - } - ] - }, - { - "rule": "Secret", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, - "line_data_list": [ - { - "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", - "line_num": 4, - "path": "./tests/samples/aws_multi.json", - "info": "FILE|RAW", - "value": "CrackleGiReoGi123CrackleGiReoGi123AWSkey", - "value_start": 20, - "value_end": 60, - "variable": "AwsSecretKey", - "variable_start": 5, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.012814895472355, - "valid": false - } - } - ] - }, { "rule": "AWS Client ID", "severity": "high", @@ -906,7 +831,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -931,7 +856,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -1006,7 +931,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.626, "line_data_list": [ { "line": "AWS_MWS_KEY = \"amzn.mws.c1dg4haz-6xd6-4gqi-vna2-ed3whf71x9k6\"", @@ -1406,7 +1331,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.713, + "ml_probability": 0.999, "line_data_list": [ { "line": "\"Bitbucket Repository Access Token\" : \"ATCTT3xFfGN0zXtbKHz2POF86xa-2aBiYC4o_T3-myk01bmFVluUIFtGm_VFQwLizp4o1FKw-AMZhtdA0NzizshnA8WzRdfgv6GeTyowCD101oqKbJ4nx9DFsar5YyUNkwO9maR9-00tQvfciyfOHtPKG6K1d76Ki3iFo7roGeyJu4j1jM3GwQ4=EDDE81AD\"", @@ -1431,7 +1356,7 @@ "rule": "Certificate", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "const certificatePEM := 'LS0tLS1CRUdJTiBDRVJUSUZ0VLQW9JQkFRRFkwYzFUS0I1b1pQd1EKN3QxQ3dNSXJ2cUI2R0lVM3RQeTZSaGNrWlhUa09COFllQldKN1VLZkN6OEhHZJQ0FURS0tLS0tCk1JSUMrekND'", @@ -1527,6 +1452,31 @@ } ] }, + { + "rule": "CMD Password", + "severity": "high", + "confidence": "moderate", + "ml_probability": 0.901, + "line_data_list": [ + { + "line": "gpg --decrypt --passphrase N1DdkUD3E73 --output decrypted.txt encrypted.txt.gpg", + "line_num": 1, + "path": "./tests/samples/cmd_credential", + "info": "FILE|RAW", + "value": "N1DdkUD3E73", + "value_start": 27, + "value_end": 38, + "variable": "passphrase", + "variable_start": 16, + "variable_end": 26, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.0957952550009344, + "valid": false + } + } + ] + }, { "rule": "CMD Password", "severity": "high", @@ -1556,7 +1506,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.751, + "ml_probability": 0.964, "line_data_list": [ { "line": "-Domain 'localhost' -Password 'Sjdn43ss@!'", @@ -1581,7 +1531,7 @@ "rule": "CMD Secret", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1606,7 +1556,7 @@ "rule": "CMD Token", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1656,7 +1606,32 @@ "rule": "CMD ConvertTo-SecureString", "severity": "high", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.997, + "line_data_list": [ + { + "line": "ConvertTo-SecureString -String -Force dsjUE#$gds8s", + "line_num": 1, + "path": "./tests/samples/cmd_secure_string", + "info": "FILE|RAW", + "value": "dsjUE#$gds8s", + "value_start": 38, + "value_end": 50, + "variable": "ConvertTo-SecureString -String -Force", + "variable_start": 0, + "variable_end": 37, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.4245614587540074, + "valid": false + } + } + ] + }, + { + "rule": "CMD ConvertTo-SecureString", + "severity": "high", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { "line": "\"ConvertTo-SecureString \\\"4yd21JKH~GE8dkd\\\"\"", @@ -1681,7 +1656,7 @@ "rule": "Credential", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "gi_reo_gi_credential = \"K2u6mFw8wJOsAf\"", @@ -1806,32 +1781,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.744, - "line_data_list": [ - { - "line": "Username:master Password:dipPr13Gg!", - "line_num": 4, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr13Gg!", - "value_start": 25, - "value_end": 35, - "variable": "Password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.977, + "ml_probability": 0.864, "line_data_list": [ { "line": "id:master,password:dipPr14Gg!", @@ -1856,32 +1806,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.704, - "line_data_list": [ - { - "line": "ID:master/PW:dipPr15Gg!", - "line_num": 6, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr15Gg!", - "value_start": 13, - "value_end": 23, - "variable": "PW", - "variable_start": 10, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.855, "line_data_list": [ { "line": "id:master password:dipPr16Gg!", @@ -1906,7 +1831,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.874, "line_data_list": [ { "line": "user:master password:dipPr17Gg!", @@ -1931,7 +1856,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.893, "line_data_list": [ { "line": "username:master,password:dipPr19Gg!", @@ -1956,57 +1881,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.873, - "line_data_list": [ - { - "line": "ANYid:master,password:dipPr111Gg!", - "line_num": 12, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr111Gg!", - "value_start": 22, - "value_end": 33, - "variable": "password", - "variable_start": 13, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.7126753349281376, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, - "line_data_list": [ - { - "line": "user id:master password:dipPr113Gg!", - "line_num": 14, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr113Gg!", - "value_start": 24, - "value_end": 35, - "variable": "password", - "variable_start": 15, - "variable_end": 23, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.978, + "ml_probability": 0.708, "line_data_list": [ { "line": "user:master,password:dipPr114Gg!", @@ -2031,7 +1906,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.915, "line_data_list": [ { "line": "user=master,password=dipPr115Gg!", @@ -2056,7 +1931,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.971, + "ml_probability": 0.704, "line_data_list": [ { "line": "username=master password=dipPr116Gg!", @@ -2081,32 +1956,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, - "line_data_list": [ - { - "line": "User name:master Password:dipPr117Gg!", - "line_num": 18, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr117Gg!", - "value_start": 26, - "value_end": 37, - "variable": "Password", - "variable_start": 17, - "variable_end": 25, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.738, "line_data_list": [ { "line": "username=master,password=dipPr118Gg!", @@ -2131,7 +1981,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.876, "line_data_list": [ { "line": "--user=master --password=dipPr119Gg!", @@ -2156,36 +2006,11 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.889, + "ml_probability": 0.912, "line_data_list": [ { - "line": "user=master passwd=dipPr120Gg!", - "line_num": 21, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr120Gg!", - "value_start": 19, - "value_end": 30, - "variable": "passwd", - "variable_start": 12, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "account:dipPr121Gg! password:dipPr121Gg!", - "line_num": 22, + "line": "account:dipPr121Gg! password:dipPr121Gg!", + "line_num": 22, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", "value": "dipPr121Gg!", @@ -2206,82 +2031,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.652, - "line_data_list": [ - { - "line": "id:master pass:dipPr122Gg!", - "line_num": 23, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr122Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pass", - "variable_start": 10, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.847, - "line_data_list": [ - { - "line": "user:master pw:dipPr124Gg!", - "line_num": 25, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr124Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.828, - "line_data_list": [ - { - "line": "Username:master/Password:dipPr125Gg!", - "line_num": 26, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr125Gg!", - "value_start": 25, - "value_end": 36, - "variable": "Password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.98, + "ml_probability": 0.767, "line_data_list": [ { "line": "userId:master,password:dipPr126Gg!", @@ -2306,7 +2056,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.999, "line_data_list": [ { "line": "--user master --password dipPr127Gg!", @@ -2331,32 +2081,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, - "line_data_list": [ - { - "line": "dipPr128Gg! ID:master dipPr128Gg! Password:dipPr128Gg!", - "line_num": 29, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr128Gg!", - "value_start": 43, - "value_end": 54, - "variable": "Password", - "variable_start": 34, - "variable_end": 42, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 0.909, "line_data_list": [ { "line": "ANYid:master,pw:dipPr129Gg!", @@ -2381,32 +2106,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.78, - "line_data_list": [ - { - "line": "user:master pwd:dipPr130Gg!", - "line_num": 31, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr130Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.847, "line_data_list": [ { "line": "ANYID:master Password:dipPr132Gg!", @@ -2431,32 +2131,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.82, - "line_data_list": [ - { - "line": "-Username:master -Password:dipPr133Gg!", - "line_num": 34, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr133Gg!", - "value_start": 27, - "value_end": 38, - "variable": "Password", - "variable_start": 18, - "variable_end": 26, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.933, "line_data_list": [ { "line": "account:dipPr134Gg! pw:dipPr134Gg!", @@ -2481,7 +2156,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.905, + "ml_probability": 0.791, "line_data_list": [ { "line": "user id:master user pw:dipPr135Gg!", @@ -2506,7 +2181,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.973, + "ml_probability": 0.733, "line_data_list": [ { "line": "user_name=master password=dipPr136Gg!", @@ -2531,7 +2206,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 0.999, "line_data_list": [ { "line": "--username master --password dipPr137Gg!", @@ -2556,7 +2231,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.992, "line_data_list": [ { "line": "ANYlogin:master,ANYpassword:dipPr138Gg!", @@ -2606,7 +2281,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.959, + "ml_probability": 0.687, "line_data_list": [ { "line": "ID:master/PASS:dipPr141Gg!", @@ -2631,32 +2306,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, - "line_data_list": [ - { - "line": "account:master passwd:dipPr142Gg!", - "line_num": 43, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr142Gg!", - "value_start": 22, - "value_end": 33, - "variable": "passwd", - "variable_start": 15, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.955, + "ml_probability": 0.726, "line_data_list": [ { "line": "login:master password:dipPr143Gg!", @@ -2681,32 +2331,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.863, - "line_data_list": [ - { - "line": "user=master,pass=dipPr144Gg!", - "line_num": 45, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr144Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.971, "line_data_list": [ { "line": "password:dipPr145Gg! username:master", @@ -2731,7 +2356,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.935, + "ml_probability": 0.846, "line_data_list": [ { "line": "Login as:master Password:dipPr146Gg!", @@ -2756,32 +2381,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, - "line_data_list": [ - { - "line": "ID:master,pass:dipPr147Gg!", - "line_num": 48, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr147Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pass", - "variable_start": 10, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.888, + "ml_probability": 0.761, "line_data_list": [ { "line": "id:master pw:dipPr148Gg!", @@ -2806,7 +2406,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.664, + "ml_probability": 0.803, "line_data_list": [ { "line": "(98.76.54.32)ID:master PW:dipPr149Gg!", @@ -2831,32 +2431,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.854, - "line_data_list": [ - { - "line": "-id:master -pw:dipPr151Gg!", - "line_num": 52, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr151Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.794, + "ml_probability": 0.666, "line_data_list": [ { "line": "username:master pw:dipPr152Gg!", @@ -2881,7 +2456,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 0.842, "line_data_list": [ { "line": "-User Name:master -Password:dipPr154Gg!", @@ -2931,7 +2506,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.921, + "ml_probability": 0.961, "line_data_list": [ { "line": "ANYuser=master ANY_pass=dipPr156Gg!", @@ -2956,7 +2531,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANYUser:master password:dipPr157Gg!", @@ -2977,31 +2552,6 @@ } ] }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.802, - "line_data_list": [ - { - "line": "user:master,pwd:dipPr158Gg!", - "line_num": 59, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr158Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "Password", "severity": "medium", @@ -3031,7 +2581,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.97, "line_data_list": [ { "line": "ANYusername:master,ANY_password:dipPr160Gg!", @@ -3056,7 +2606,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.892, + "ml_probability": 0.656, "line_data_list": [ { "line": "ANY_USER=master ANY_PASS=dipPr161Gg!", @@ -3081,32 +2631,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.985, - "line_data_list": [ - { - "line": "User Account:master User password:dipPr162Gg!", - "line_num": 63, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr162Gg!", - "value_start": 34, - "value_end": 45, - "variable": "password", - "variable_start": 25, - "variable_end": 33, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.88, "line_data_list": [ { "line": "userid=master password=dipPr164Gg!", @@ -3131,7 +2656,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANY-username=master ANY-password=dipPr165Gg!", @@ -3156,107 +2681,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.806, - "line_data_list": [ - { - "line": "username:master pass:dipPr166Gg!", - "line_num": 67, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr166Gg!", - "value_start": 21, - "value_end": 32, - "variable": "pass", - "variable_start": 16, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.796, - "line_data_list": [ - { - "line": "user=master pwd=dipPr168Gg!", - "line_num": 69, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr168Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.751, - "line_data_list": [ - { - "line": "Name:master,PW:dipPr169Gg!", - "line_num": 70, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr169Gg!", - "value_start": 15, - "value_end": 26, - "variable": "PW", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.871, - "line_data_list": [ - { - "line": "user:master pass:dipPr172Gg!", - "line_num": 73, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr172Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.978, "line_data_list": [ { "line": "user=master password=dipPr174Gg!", @@ -3281,7 +2706,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.996, "line_data_list": [ { "line": "Host name:master/Password:dipPr175Gg!", @@ -3306,7 +2731,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.984, + "ml_probability": 0.955, "line_data_list": [ { "line": "role:master,password:dipPr176Gg!", @@ -3331,7 +2756,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.857, + "ml_probability": 0.662, "line_data_list": [ { "line": "Wifi Name:master,PW:dipPr177Gg!", @@ -3356,7 +2781,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.751, "line_data_list": [ { "line": "ID:master/Password:dipPr178Gg!", @@ -3381,7 +2806,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.992, "line_data_list": [ { "line": "name:master,password:dipPr179Gg!", @@ -3406,7 +2831,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.874, + "ml_probability": 0.733, "line_data_list": [ { "line": "Loging:master Password:dipPr180Gg!", @@ -3431,19 +2856,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.692, + "ml_probability": 0.653, "line_data_list": [ { - "line": "id:master,default pw:dipPr182Gg!", - "line_num": 83, + "line": "id/pw id:master pw:dipPr185Gg!", + "line_num": 86, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr182Gg!", - "value_start": 21, - "value_end": 32, + "value": "dipPr185Gg!", + "value_start": 19, + "value_end": 30, "variable": "pw", - "variable_start": 18, - "variable_end": 20, + "variable_start": 16, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.1449378351248165, @@ -3456,14 +2881,14 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.812, + "ml_probability": 0.828, "line_data_list": [ { - "line": "id/pw id:master pw:dipPr185Gg!", - "line_num": 86, + "line": "username:master pw:dipPr189Gg!", + "line_num": 90, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr185Gg!", + "value": "dipPr189Gg!", "value_start": 19, "value_end": 30, "variable": "pw", @@ -3481,18 +2906,18 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.719, + "ml_probability": 0.992, "line_data_list": [ { - "line": "user:master,pwd:dipPr186Gg!", - "line_num": 87, + "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", + "line_num": 95, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr186Gg!", + "value": "dipPr194Gg!", "value_start": 16, "value_end": 27, - "variable": "pwd", - "variable_start": 12, + "variable": "pw", + "variable_start": 13, "variable_end": 15, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -3506,22 +2931,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.623, + "ml_probability": 0.976, "line_data_list": [ { - "line": "username:master/pw:dipPr188Gg!", - "line_num": 89, + "line": "id: master pw:dipPr197Gg!", + "line_num": 98, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr188Gg!", - "value_start": 19, - "value_end": 30, + "value": "dipPr197Gg!", + "value_start": 14, + "value_end": 25, "variable": "pw", - "variable_start": 16, - "variable_end": 18, + "variable_start": 11, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, + "entropy": 3.1449378351248165, "valid": false } } @@ -3531,22 +2956,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.872, + "ml_probability": 0.667, "line_data_list": [ { - "line": "username:master pw:dipPr189Gg!", - "line_num": 90, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "ANY_password=Prl23Db#@", + "line_num": 8, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "dipPr189Gg!", - "value_start": 19, - "value_end": 30, - "variable": "pw", - "variable_start": 16, - "variable_end": 18, + "value": "Prl23Db#@", + "value_start": 13, + "value_end": 22, + "variable": "ANY_password", + "variable_start": 0, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3556,47 +2981,47 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.732, + "ml_probability": 0.988, "line_data_list": [ { - "line": "PW:dipPr190Gg! ID:master", - "line_num": 91, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "master@98.76.54.32 password:Prl23Db#@", + "line_num": 14, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "dipPr190Gg!", - "value_start": 3, - "value_end": 14, - "variable": "PW", - "variable_start": 0, - "variable_end": 2, + "value": "Prl23Db#@", + "value_start": 28, + "value_end": 37, + "variable": "password", + "variable_start": 19, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.922, + "ml_probability": 0.895, "line_data_list": [ { - "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", - "line_num": 95, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "--Password Prl23Db#@", + "line_num": 15, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "dipPr194Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pw", - "variable_start": 13, - "variable_end": 15, + "value": "Prl23Db#@", + "value_start": 11, + "value_end": 20, + "variable": "Password", + "variable_start": 2, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3606,22 +3031,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.975, + "ml_probability": 0.943, "line_data_list": [ { - "line": "id: master pw:dipPr197Gg!", - "line_num": 98, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "default password:Prl23Db#@", + "line_num": 18, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "dipPr197Gg!", - "value_start": 14, - "value_end": 25, - "variable": "pw", - "variable_start": 11, - "variable_end": 13, + "value": "Prl23Db#@", + "value_start": 17, + "value_end": 26, + "variable": "password", + "variable_start": 8, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3631,47 +3056,47 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.8, + "ml_probability": 0.728, "line_data_list": [ { - "line": "id:master@example.com,pw:dipPr198Gg!", - "line_num": 99, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "\"password\":\"Prl23Db#@\"", + "line_num": 21, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "dipPr198Gg!", - "value_start": 25, - "value_end": 36, - "variable": "pw", - "variable_start": 22, - "variable_end": 24, + "value": "Prl23Db#@", + "value_start": 12, + "value_end": 21, + "variable": "password", + "variable_start": 1, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.998, "line_data_list": [ { - "line": "id:master@example.com,pw:IHQSB1GG!", - "line_num": 102, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "-password \"Prl23Db#@\"", + "line_num": 33, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "IHQSB1GG!", - "value_start": 25, - "value_end": 34, - "variable": "pw", - "variable_start": 22, - "variable_end": 24, + "value": "Prl23Db#@", + "value_start": 11, + "value_end": 20, + "variable": "password", + "variable_start": 1, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.595488890170944, + "entropy": 2.4654972233440207, "valid": false } } @@ -3681,22 +3106,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.717, + "ml_probability": 0.764, "line_data_list": [ { - "line": "ID/Password:master/iPp2@GRq", - "line_num": 3, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "ANYpassword=Prl23Db#@", + "line_num": 45, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "master/iPp2@GRq", + "value": "Prl23Db#@", "value_start": 12, - "value_end": 27, - "variable": "Password", - "variable_start": 3, + "value_end": 21, + "variable": "ANYpassword", + "variable_start": 0, "variable_end": 11, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 2.4654972233440207, "valid": false } } @@ -3706,647 +3131,647 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.949, + "ml_probability": 0.916, "line_data_list": [ { - "line": "username/password:master/iPp7@GRq", - "line_num": 8, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "# password: keep empty", + "line_num": 56, + "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "master/iPp7@GRq", - "value_start": 18, - "value_end": 33, + "value": "keep", + "value_start": 12, + "value_end": 16, "variable": "password", - "variable_start": 9, - "variable_end": 17, + "variable_start": 2, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 1.5, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.699, + "ml_probability": 1.0, "line_data_list": [ { - "line": "id/passwd:master/iPp8@GRq", - "line_num": 9, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "ANY-Token:AIhq5Xyb1Gga9Q0", + "line_num": 1, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "master/iPp8@GRq", + "value": "AIhq5Xyb1Gga9Q0", "value_start": 10, "value_end": 25, - "variable": "passwd", - "variable_start": 3, + "variable": "ANY-Token", + "variable_start": 0, "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.739, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32(ID:master/PW:iPp10@GRq) # todo: move into other sample ?", - "line_num": 11, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "token:AIhq5Xyb1Gga9Q2", + "line_num": 3, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "iPp10@GRq", - "value_start": 25, - "value_end": 34, - "variable": "PW", - "variable_start": 22, - "variable_end": 24, + "value": "AIhq5Xyb1Gga9Q2", + "value_start": 6, + "value_end": 21, + "variable": "token", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8177111123931664, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32 id/pw:master/iPp19@GRq", - "line_num": 20, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", + "line_num": 4, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "master/iPp19@GRq", - "value_start": 18, - "value_end": 34, - "variable": "pw", - "variable_start": 15, - "variable_end": 17, + "value": "AIhq5Xyb1Gga9Q3", + "value_start": 11, + "value_end": 26, + "variable": "KEY", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.666, + "ml_probability": 1.0, "line_data_list": [ { - "line": "user/pass:master/iPp25@GRq", - "line_num": 26, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", + "line_num": 4, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "master/iPp25@GRq", - "value_start": 10, + "value": "AIhq5Xyb1Gga9Q3", + "value_start": 11, "value_end": 26, - "variable": "pass", - "variable_start": 5, - "variable_end": 9, + "variable": "SECRET KEY", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID/Password=master/iPp27@GRq", - "line_num": 28, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "secret=AIhq5Xyb1Gga9Q4", + "line_num": 5, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "master/iPp27@GRq", - "value_start": 12, - "value_end": 28, - "variable": "Password", - "variable_start": 3, - "variable_end": 11, + "value": "AIhq5Xyb1Gga9Q4", + "value_start": 7, + "value_end": 22, + "variable": "secret", + "variable_start": 0, + "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@", - "line_num": 1, - "path": "./tests/samples/doc_passwd_pair", + "line": "--token AIhq5Xyb1Gga9Q5", + "line_num": 6, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, + "value": "AIhq5Xyb1Gga9Q5", + "value_start": 8, + "value_end": 23, + "variable": "token", + "variable_start": 2, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.773557262275185, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password=Prl23Db#@", - "line_num": 4, - "path": "./tests/samples/doc_passwd_pair", + "line": "secret:AIhq5Xyb1Gga9Q6", + "line_num": 7, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", + "value": "AIhq5Xyb1Gga9Q6", + "value_start": 7, + "value_end": 22, + "variable": "secret", "variable_start": 0, - "variable_end": 8, + "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_password=Prl23Db#@", + "line": "ANY_token=AIhq5Xyb1Gga9Q7", "line_num": 8, - "path": "./tests/samples/doc_passwd_pair", + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY_password", + "value": "AIhq5Xyb1Gga9Q7", + "value_start": 10, + "value_end": 25, + "variable": "ANY_token", "variable_start": 0, - "variable_end": 12, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Secret", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.723, + "ml_probability": 1.0, "line_data_list": [ { - "line": "pass:Prl23Db#@", - "line_num": 10, - "path": "./tests/samples/doc_passwd_pair", + "line": "-secret AIhq5Xyb1Gga9Q10", + "line_num": 11, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 5, - "value_end": 14, - "variable": "pass", - "variable_start": 0, - "variable_end": 4, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false + "value": "AIhq5Xyb1Gga9Q10", + "value_start": 8, + "value_end": 24, + "variable": "secret", + "variable_start": 1, + "variable_end": 7, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.875, + "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY-password=Prl23Db#@", - "line_num": 11, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY.secret=AIhq5Xyb1Gga9Q19", + "line_num": 20, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY-password", + "value": "AIhq5Xyb1Gga9Q19", + "value_start": 11, + "value_end": 27, + "variable": "ANY.secret", "variable_start": 0, - "variable_end": 12, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.75, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.974, + "ml_probability": 1.0, "line_data_list": [ { - "line": "master@98.76.54.32 password:Prl23Db#@", - "line_num": 14, - "path": "./tests/samples/doc_passwd_pair", + "line": "--secret=AIhq5Xyb1Gga9Q21", + "line_num": 22, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 28, - "value_end": 37, - "variable": "password", - "variable_start": 19, - "variable_end": 27, + "value": "AIhq5Xyb1Gga9Q21", + "value_start": 9, + "value_end": 25, + "variable": "secret", + "variable_start": 2, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "CMD Password", - "severity": "high", + "rule": "Secret", + "severity": "medium", "confidence": "moderate", - "ml_probability": 0.869, + "ml_probability": 1.0, "line_data_list": [ { - "line": "--Password Prl23Db#@", - "line_num": 15, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_secret:AIhq5Xyb1Gga9Q22", + "line_num": 23, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", + "value": "AIhq5Xyb1Gga9Q22", "value_start": 11, - "value_end": 20, - "variable": "Password", - "variable_start": 2, + "value_end": 27, + "variable": "ANY_secret", + "variable_start": 0, "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.659, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_PW:Prl23Db#@", - "line_num": 17, - "path": "./tests/samples/doc_passwd_pair", + "line": "-Token:AIhq5Xyb1Gga9Q23", + "line_num": 24, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", + "value": "AIhq5Xyb1Gga9Q23", "value_start": 7, - "value_end": 16, - "variable": "ANY_PW", - "variable_start": 0, + "value_end": 23, + "variable": "Token", + "variable_start": 1, "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "API", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 1.0, "line_data_list": [ { - "line": "default password:Prl23Db#@", - "line_num": 18, - "path": "./tests/samples/doc_passwd_pair", + "line": "API Secret:AIhq5Xyb1Gga9Q24", + "line_num": 25, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 17, - "value_end": 26, - "variable": "password", - "variable_start": 8, - "variable_end": 16, + "value": "AIhq5Xyb1Gga9Q24", + "value_start": 11, + "value_end": 27, + "variable": "API Secret", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 1.0, "line_data_list": [ { - "line": "\"password\":\"Prl23Db#@\"", - "line_num": 21, - "path": "./tests/samples/doc_passwd_pair", + "line": "API Secret:AIhq5Xyb1Gga9Q24", + "line_num": 25, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 1, - "variable_end": 9, + "value": "AIhq5Xyb1Gga9Q24", + "value_start": 11, + "value_end": 27, + "variable": "Secret", + "variable_start": 4, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.678, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Passwd:Prl23Db#@ Prl23Db#@", - "line_num": 23, - "path": "./tests/samples/doc_passwd_pair", + "line": "access key:AIhq5Xyb1Gga9Q26", + "line_num": 27, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 7, - "value_end": 16, - "variable": "Passwd", - "variable_start": 0, - "variable_end": 6, + "value": "AIhq5Xyb1Gga9Q26", + "value_start": 11, + "value_end": 27, + "variable": "key", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.886, + "ml_probability": 1.0, "line_data_list": [ { - "line": "PW:Prl23Db#@,password:Prl23Db#@", - "line_num": 24, - "path": "./tests/samples/doc_passwd_pair", + "line": "Secret Key:AIhq5Xyb1Gga9Q27", + "line_num": 28, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 22, - "value_end": 31, - "variable": "password", - "variable_start": 13, - "variable_end": 21, + "value": "AIhq5Xyb1Gga9Q27", + "value_start": 11, + "value_end": 27, + "variable": "Key", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,\ube44\ubc88:Prl23Db#@", - "line_num": 25, - "path": "./tests/samples/doc_passwd_pair", + "line": "Secret Key:AIhq5Xyb1Gga9Q27", + "line_num": 28, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", + "value": "AIhq5Xyb1Gga9Q27", + "value_start": 11, + "value_end": 27, + "variable": "Secret Key", "variable_start": 0, - "variable_end": 8, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, + "ml_probability": 1.0, "line_data_list": [ { - "line": "passwd=Prl23Db#@", - "line_num": 26, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_key=AIhq5Xyb1Gga9Q29", + "line_num": 30, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 7, - "value_end": 16, - "variable": "passwd", + "value": "AIhq5Xyb1Gga9Q29", + "value_start": 8, + "value_end": 24, + "variable": "ANY_key", "variable_start": 0, - "variable_end": 6, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@, paasword:Prl23Db#@", - "line_num": 30, - "path": "./tests/samples/doc_passwd_pair", + "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", + "line_num": 31, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", + "value": "AIhq5Xyb1Gga9Q30", + "value_start": 14, + "value_end": 30, + "variable": "secret-ANYkey", "variable_start": 0, - "variable_end": 8, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", + "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", "line_num": 31, - "path": "./tests/samples/doc_passwd_pair", + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "AIhq5Xyb1Gga9Q30", + "value_start": 14, + "value_end": 30, + "variable": "secret-ANYkey", + "variable_start": 0, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.93, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", - "line_num": 31, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_id=AIhq5Xyb1Gga9Q31 ANY_token=AIhq5Xyb1Gga9Q31", + "line_num": 32, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 31, - "value_end": 40, - "variable": "ANYPassword", - "variable_start": 19, - "variable_end": 30, + "value": "AIhq5Xyb1Gga9Q31", + "value_start": 34, + "value_end": 50, + "variable": "ANY_token", + "variable_start": 24, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.77, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@,pwd=Prl23Db#@", - "line_num": 32, - "path": "./tests/samples/doc_passwd_pair", + "line": "access_token:AIhq5Xyb1Gga9Q33", + "line_num": 34, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", + "value": "AIhq5Xyb1Gga9Q33", + "value_start": 13, + "value_end": 29, + "variable": "access_token", "variable_start": 0, - "variable_end": 8, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.829, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@,pwd=Prl23Db#@", - "line_num": 32, - "path": "./tests/samples/doc_passwd_pair", + "line": "Authentication key:AIhq5Xyb1Gga9Q35", + "line_num": 36, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 23, - "value_end": 32, - "variable": "pwd", - "variable_start": 19, - "variable_end": 22, + "value": "AIhq5Xyb1Gga9Q35", + "value_start": 19, + "value_end": 35, + "variable": "Authentication key", + "variable_start": 0, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "CMD Password", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 1.0, "line_data_list": [ { - "line": "-password \"Prl23Db#@\"", - "line_num": 33, - "path": "./tests/samples/doc_passwd_pair", + "line": "Authentication key:AIhq5Xyb1Gga9Q35", + "line_num": 36, + "path": "./tests/samples/doc_secret_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 1, - "variable_end": 9, + "value": "AIhq5Xyb1Gga9Q35", + "value_start": 19, + "value_end": 35, + "variable": "key", + "variable_start": 15, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } @@ -4356,22 +3781,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.965, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ANY_password:Prl23Db#@", - "line_num": 34, - "path": "./tests/samples/doc_passwd_pair", + "line": "master@98.76.54.32(pw:IhqSb1Gg)", + "line_num": 3, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY_password", - "variable_start": 0, - "variable_end": 12, + "value": "IhqSb1Gg", + "value_start": 22, + "value_end": 30, + "variable": "pw", + "variable_start": 19, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4381,22 +3806,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.887, "line_data_list": [ { - "line": "--password=Prl23Db#@", - "line_num": 37, - "path": "./tests/samples/doc_passwd_pair", + "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", + "line_num": 4, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 2, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 42, + "value_end": 50, + "variable": "PW", + "variable_start": 39, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4406,22 +3831,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.832, "line_data_list": [ { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, - "path": "./tests/samples/doc_passwd_pair", + "line": "Password:master/IhqSb1Gg", + "line_num": 5, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 29, - "value_end": 38, - "variable": "password", - "variable_start": 20, - "variable_end": 28, + "value": "master/IhqSb1Gg", + "value_start": 9, + "value_end": 24, + "variable": "Password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } @@ -4431,22 +3856,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.925, + "ml_probability": 0.999, "line_data_list": [ { - "line": "Prl23Db#@ username:Prl23Db#@,Prl23Db#@ password:Prl23Db#@", - "line_num": 40, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", + "line_num": 6, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 48, - "value_end": 57, - "variable": "password", - "variable_start": 39, - "variable_end": 47, + "value": "IhqSb1Gg", + "value_start": 44, + "value_end": 52, + "variable": "PW", + "variable_start": 41, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4456,22 +3881,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.861, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Prl23Db#@:password:Prl23Db#@", - "line_num": 41, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} password:IhqSb1Gg", + "line_num": 7, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 19, - "value_end": 28, + "value": "IhqSb1Gg", + "value_start": 49, + "value_end": 57, "variable": "password", - "variable_start": 10, - "variable_end": 18, + "variable_start": 40, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4481,22 +3906,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANYpassword=Prl23Db#@", - "line_num": 45, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh -P IhqSb1Gg gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 11, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "ANYpassword", - "variable_start": 0, - "variable_end": 11, + "value": "IhqSb1Gg", + "value_start": 62, + "value_end": 70, + "variable": "password", + "variable_start": 53, + "variable_end": 61, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4506,22 +3931,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.999, "line_data_list": [ { - "line": "passwords:Prl23Db#@", - "line_num": 46, - "path": "./tests/samples/doc_passwd_pair", + "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", + "line_num": 15, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 10, - "value_end": 19, - "variable": "passwords", - "variable_start": 0, - "variable_end": 9, + "value": "IhqSb1Gg", + "value_start": 29, + "value_end": 37, + "variable": "pwd", + "variable_start": 25, + "variable_end": 28, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4531,22 +3956,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.986, + "ml_probability": 0.979, "line_data_list": [ { - "line": "password=>Prl23Db#@", - "line_num": 48, - "path": "./tests/samples/doc_passwd_pair", + "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", + "line_num": 16, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 10, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 13, + "value_end": 21, + "variable": "PW", + "variable_start": 10, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4556,247 +3981,247 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.674, + "ml_probability": 0.999, "line_data_list": [ { - "line": "# password: keep empty", - "line_num": 56, - "path": "./tests/samples/doc_passwd_pair", + "line": "98.76.54.32(pw:IhqSb1Gg)", + "line_num": 17, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "keep", - "value_start": 12, - "value_end": 16, - "variable": "password", - "variable_start": 2, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "pw", + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.5, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY-Token:AIhq5Xyb1Gga9Q0", - "line_num": 1, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32/pw:IhqSb1Gg", + "line_num": 19, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q0", - "value_start": 10, - "value_end": 25, - "variable": "ANY-Token", - "variable_start": 0, - "variable_end": 9, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "pw", + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.967, "line_data_list": [ { - "line": "token:AIhq5Xyb1Gga9Q2", - "line_num": 3, - "path": "./tests/samples/doc_secret_pair", + "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", + "line_num": 20, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q2", - "value_start": 6, - "value_end": 21, - "variable": "token", - "variable_start": 0, - "variable_end": 5, + "value": "IhqSb1Gg", + "value_start": 42, + "value_end": 50, + "variable": "pw", + "variable_start": 39, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", - "line_num": 4, - "path": "./tests/samples/doc_secret_pair", + "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", + "line_num": 22, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q3", - "value_start": 11, - "value_end": 26, - "variable": "KEY", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 45, + "value_end": 53, + "variable": "pw", + "variable_start": 42, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.996, "line_data_list": [ { - "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", - "line_num": 4, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", + "line_num": 23, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q3", - "value_start": 11, - "value_end": 26, - "variable": "SECRET KEY", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 40, + "value_end": 48, + "variable": "pw", + "variable_start": 37, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.806, "line_data_list": [ { - "line": "secret=AIhq5Xyb1Gga9Q4", - "line_num": 5, - "path": "./tests/samples/doc_secret_pair", + "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", + "line_num": 24, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q4", - "value_start": 7, - "value_end": 22, - "variable": "secret", - "variable_start": 0, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 45, + "value_end": 53, + "variable": "pwd", + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "CMD Token", - "severity": "high", + "rule": "Password", + "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "--token AIhq5Xyb1Gga9Q5", - "line_num": 6, - "path": "./tests/samples/doc_secret_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 25, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q5", - "value_start": 8, - "value_end": 23, - "variable": "token", - "variable_start": 2, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 50, + "value_end": 58, + "variable": "password", + "variable_start": 41, + "variable_end": 49, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.773557262275185, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "secret:AIhq5Xyb1Gga9Q6", - "line_num": 7, - "path": "./tests/samples/doc_secret_pair", + "line": "id:gildong.hong@example.com mailto:{1} password:IhqSb1Gg", + "line_num": 28, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q6", - "value_start": 7, - "value_end": 22, - "variable": "secret", - "variable_start": 0, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 48, + "value_end": 56, + "variable": "password", + "variable_start": 39, + "variable_end": 47, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_token=AIhq5Xyb1Gga9Q7", - "line_num": 8, - "path": "./tests/samples/doc_secret_pair", + "line": "ANY_password,default:IhqSb1Gg", + "line_num": 31, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q7", - "value_start": 10, - "value_end": 25, - "variable": "ANY_token", + "value": "IhqSb1Gg", + "value_start": 21, + "value_end": 29, + "variable": "ANY_password,default", "variable_start": 0, - "variable_end": 9, + "variable_end": 20, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "CMD Secret", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "-secret AIhq5Xyb1Gga9Q10", - "line_num": 11, - "path": "./tests/samples/doc_secret_pair", + "line": "Key(ANYSecret):IhqSb1Gg", + "line_num": 32, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q10", - "value_start": 8, - "value_end": 24, - "variable": "secret", - "variable_start": 1, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "Key(ANYSecret)", + "variable_start": 0, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } @@ -4806,397 +4231,397 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ANY.secret=AIhq5Xyb1Gga9Q19", - "line_num": 20, - "path": "./tests/samples/doc_secret_pair", + "line": "Key(ANYSecret):IhqSb1Gg", + "line_num": 32, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q19", - "value_start": 11, - "value_end": 27, - "variable": "ANY.secret", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "ANYSecret)", + "variable_start": 4, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "--secret=AIhq5Xyb1Gga9Q21", - "line_num": 22, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32 ANY_PW:IhqSb1Gg", + "line_num": 34, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q21", - "value_start": 9, - "value_end": 25, - "variable": "secret", - "variable_start": 2, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 19, + "value_end": 27, + "variable": "ANY_PW", + "variable_start": 12, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { - "line": "ANY_secret:AIhq5Xyb1Gga9Q22", - "line_num": 23, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32(ID/PW:IhqSb1Gg)", + "line_num": 36, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q22", - "value_start": 11, - "value_end": 27, - "variable": "ANY_secret", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 18, + "value_end": 26, + "variable": "PW", + "variable_start": 15, + "variable_end": 17, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.984, "line_data_list": [ { - "line": "-Token:AIhq5Xyb1Gga9Q23", - "line_num": 24, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 (pwd:IhqSb1Gg)", + "line_num": 38, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q23", - "value_start": 7, - "value_end": 23, - "variable": "Token", - "variable_start": 1, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 30, + "value_end": 38, + "variable": "pwd", + "variable_start": 26, + "variable_end": 29, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "API", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "API Secret:AIhq5Xyb1Gga9Q24", - "line_num": 25, - "path": "./tests/samples/doc_secret_pair", + "line": "password for master:IhqSb1Gg", + "line_num": 43, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q24", - "value_start": 11, - "value_end": 27, - "variable": "API Secret", + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "password for master", "variable_start": 0, - "variable_end": 10, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "API Secret:AIhq5Xyb1Gga9Q24", - "line_num": 25, - "path": "./tests/samples/doc_secret_pair", + "line": "id:xxxx(ANYpw:IhqSb1Ga)", + "line_num": 46, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q24", - "value_start": 11, - "value_end": 27, - "variable": "Secret", - "variable_start": 4, - "variable_end": 10, + "value": "IhqSb1Ga", + "value_start": 14, + "value_end": 22, + "variable": "ANYpw", + "variable_start": 8, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "access key:AIhq5Xyb1Gga9Q26", - "line_num": 27, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", + "line_num": 47, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q26", - "value_start": 11, - "value_end": 27, - "variable": "key", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 28, + "value_end": 36, + "variable": "pw", + "variable_start": 25, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { - "line": "Secret Key:AIhq5Xyb1Gga9Q27", - "line_num": 28, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", + "line_num": 51, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q27", - "value_start": 11, - "value_end": 27, - "variable": "Key", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "PW", + "variable_start": 17, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "Secret Key:AIhq5Xyb1Gga9Q27", - "line_num": 28, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", + "line_num": 56, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q27", - "value_start": 11, - "value_end": 27, - "variable": "Secret Key", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 28, + "value_end": 36, + "variable": "PW", + "variable_start": 25, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_key=AIhq5Xyb1Gga9Q29", - "line_num": 30, - "path": "./tests/samples/doc_secret_pair", + "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", + "line_num": 61, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q29", - "value_start": 8, - "value_end": 24, - "variable": "ANY_key", - "variable_start": 0, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 22, + "value_end": 30, + "variable": "ANY_pwd", + "variable_start": 14, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", - "line_num": 31, - "path": "./tests/samples/doc_secret_pair", + "line": "Acount name:xxxx Initial Password:IhqSb1Gg", + "line_num": 62, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q30", - "value_start": 14, - "value_end": 30, - "variable": "secret-ANYkey", - "variable_start": 0, - "variable_end": 13, + "value": "IhqSb1Gg", + "value_start": 34, + "value_end": 42, + "variable": "Password", + "variable_start": 25, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.995, "line_data_list": [ { - "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", - "line_num": 31, - "path": "./tests/samples/doc_secret_pair", + "line": "Access wifi:xxxx(PW:IhqSb1Gg)", + "line_num": 63, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q30", - "value_start": 14, - "value_end": 30, - "variable": "secret-ANYkey", - "variable_start": 0, - "variable_end": 13, + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "PW", + "variable_start": 17, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.996, "line_data_list": [ { - "line": "ANY_id=AIhq5Xyb1Gga9Q31 ANY_token=AIhq5Xyb1Gga9Q31", - "line_num": 32, - "path": "./tests/samples/doc_secret_pair", + "line": "-User:master -PasswordANY:IhqSb1Gg", + "line_num": 66, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q31", - "value_start": 34, - "value_end": 50, - "variable": "ANY_token", - "variable_start": 24, - "variable_end": 33, + "value": "IhqSb1Gg", + "value_start": 26, + "value_end": 34, + "variable": "PasswordANY", + "variable_start": 14, + "variable_end": 25, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "access_token:AIhq5Xyb1Gga9Q33", - "line_num": 34, - "path": "./tests/samples/doc_secret_pair", + "line": "password(default:IhqSb1Gg)", + "line_num": 68, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q33", - "value_start": 13, - "value_end": 29, - "variable": "access_token", + "value": "IhqSb1Gg", + "value_start": 17, + "value_end": 25, + "variable": "password(default", "variable_start": 0, - "variable_end": 12, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Auth", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.999, "line_data_list": [ { - "line": "Authentication key:AIhq5Xyb1Gga9Q35", - "line_num": 36, - "path": "./tests/samples/doc_secret_pair", + "line": "master@98.76.54.32(pw:IhqSb1Gg)", + "line_num": 73, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q35", - "value_start": 19, - "value_end": 35, - "variable": "Authentication key", - "variable_start": 0, - "variable_end": 18, + "value": "IhqSb1Gg", + "value_start": 22, + "value_end": 30, + "variable": "pw", + "variable_start": 19, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Authentication key:AIhq5Xyb1Gga9Q35", - "line_num": 36, - "path": "./tests/samples/doc_secret_pair", + "line": "master@98.76.54.32,PW:IhqSb1Gg", + "line_num": 74, + "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "AIhq5Xyb1Gga9Q35", - "value_start": 19, - "value_end": 35, - "variable": "key", - "variable_start": 15, - "variable_end": 18, + "value": "IhqSb1Gg", + "value_start": 22, + "value_end": 30, + "variable": "PW", + "variable_start": 19, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } @@ -5206,19 +4631,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 1.0, "line_data_list": [ { - "line": "master@98.76.54.32(pw:IhqSb1Gg)", - "line_num": 3, + "line": "98.76.54.32 pw:IhqSb1Gg", + "line_num": 75, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, + "value_start": 15, + "value_end": 23, "variable": "pw", - "variable_start": 19, - "variable_end": 21, + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5231,19 +4656,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.968, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", - "line_num": 4, + "line": "config:xxxx,PW:IhqSb1Gg", + "line_num": 78, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, + "value_start": 15, + "value_end": 23, "variable": "PW", - "variable_start": 39, - "variable_end": 41, + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5256,22 +4681,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:master/IhqSb1Gg", - "line_num": 5, + "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 82, "path": "./tests/samples/doc_various", "info": "FILE|RAW", - "value": "master/IhqSb1Gg", - "value_start": 9, - "value_end": 24, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 43, + "value_end": 51, + "variable": "pw", + "variable_start": 40, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } @@ -5281,19 +4706,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", - "line_num": 6, + "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", + "line_num": 83, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, - "variable": "PW", - "variable_start": 41, - "variable_end": 43, + "value_start": 38, + "value_end": 46, + "variable": "pw", + "variable_start": 35, + "variable_end": 37, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5309,16 +4734,16 @@ "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} password:IhqSb1Gg", - "line_num": 7, + "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 84, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 49, - "value_end": 57, - "variable": "password", - "variable_start": 40, - "variable_end": 48, + "value_start": 39, + "value_end": 47, + "variable": "pw", + "variable_start": 36, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5334,16 +4759,16 @@ "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh -P IhqSb1Gg gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 11, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", + "line_num": 85, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 62, - "value_end": 70, - "variable": "password", - "variable_start": 53, - "variable_end": 61, + "value_start": 43, + "value_end": 51, + "variable": "pw", + "variable_start": 40, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5356,19 +4781,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.999, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", - "line_num": 15, + "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", + "line_num": 87, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 29, - "value_end": 37, + "value_start": 45, + "value_end": 53, "variable": "pwd", - "variable_start": 25, - "variable_end": 28, + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5381,19 +4806,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.934, + "ml_probability": 1.0, "line_data_list": [ { - "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", - "line_num": 16, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", + "line_num": 90, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 13, - "value_end": 21, - "variable": "PW", - "variable_start": 10, - "variable_end": 12, + "value_start": 44, + "value_end": 52, + "variable": "pw", + "variable_start": 41, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5406,19 +4831,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.998, "line_data_list": [ { - "line": "98.76.54.32(pw:IhqSb1Gg)", - "line_num": 17, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", + "line_num": 93, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "value_start": 45, + "value_end": 53, + "variable": "pwd", + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5431,19 +4856,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32/pw:IhqSb1Gg", - "line_num": 19, + "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 94, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "value_start": 46, + "value_end": 54, + "variable": "password", + "variable_start": 37, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5456,44 +4881,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", - "line_num": 20, + "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", + "line_num": 96, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, - "variable": "pw", - "variable_start": 39, - "variable_end": 41, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.887, - "line_data_list": [ - { - "line": "ID:gildong.hong@any.example.com mailto:{1} PWD:IhqSb1Gg", - "line_num": 21, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 47, - "value_end": 55, - "variable": "PWD", - "variable_start": 43, - "variable_end": 46, + "value_start": 45, + "value_end": 53, + "variable": "Password", + "variable_start": 36, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5506,19 +4906,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.991, + "ml_probability": 0.997, "line_data_list": [ { - "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", - "line_num": 22, + "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", + "line_num": 97, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pw", - "variable_start": 42, - "variable_end": 44, + "value_start": 42, + "value_end": 50, + "variable": "pass", + "variable_start": 37, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5531,19 +4931,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 1.0, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", - "line_num": 23, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 100, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 40, - "value_end": 48, + "value_start": 43, + "value_end": 51, "variable": "pw", - "variable_start": 37, - "variable_end": 39, + "variable_start": 40, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5556,18 +4956,18 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 1.0, "line_data_list": [ { - "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", - "line_num": 24, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", + "line_num": 101, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", "value_start": 45, "value_end": 53, - "variable": "pwd", - "variable_start": 41, + "variable": "pass", + "variable_start": 40, "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -5581,19 +4981,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 25, + "line": "id:gildong.hong@xxx.com mailto:{1}/password:IhqSb1Gg", + "line_num": 102, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 50, - "value_end": 58, + "value_start": 44, + "value_end": 52, "variable": "password", - "variable_start": 41, - "variable_end": 49, + "variable_start": 35, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5606,19 +5006,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "id:gildong.hong@example.com mailto:{1} password:IhqSb1Gg", - "line_num": 28, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1}/password:IhqSb1Gg", + "line_num": 104, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 48, - "value_end": 56, + "value_start": 49, + "value_end": 57, "variable": "password", - "variable_start": 39, - "variable_end": 47, + "variable_start": 40, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5631,19 +5031,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.987, "line_data_list": [ { - "line": "ANY_password,default:IhqSb1Gg", - "line_num": 31, + "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", + "line_num": 105, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 21, - "value_end": 29, - "variable": "ANY_password,default", - "variable_start": 0, - "variable_end": 20, + "value_start": 47, + "value_end": 55, + "variable": "pw", + "variable_start": 44, + "variable_end": 46, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5653,22 +5053,22 @@ ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.997, "line_data_list": [ { - "line": "Key(ANYSecret):IhqSb1Gg", - "line_num": 32, + "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", + "line_num": 106, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "Key(ANYSecret)", - "variable_start": 0, - "variable_end": 14, + "value_start": 39, + "value_end": 47, + "variable": "pw", + "variable_start": 36, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5678,22 +5078,22 @@ ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.999, "line_data_list": [ { - "line": "Key(ANYSecret):IhqSb1Gg", - "line_num": 32, + "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", + "line_num": 108, "path": "./tests/samples/doc_various", "info": "FILE|RAW", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "ANYSecret)", - "variable_start": 4, - "variable_end": 14, + "value_start": 26, + "value_end": 34, + "variable": "pw", + "variable_start": 23, + "variable_end": 25, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5706,48 +5106,48 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.996, "line_data_list": [ { - "line": "98.76.54.32 ANY_PW:IhqSb1Gg", - "line_num": 34, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 19, - "value_end": 27, - "variable": "ANY_PW", - "variable_start": 12, - "variable_end": 18, + "line": "Password: \"Dw7^&ndgf", + "line_num": 16, + "path": "./tests/samples/drawio", + "info": "FILE|MXFILE", + "value": "Df34D<345&>gf", + "value_start": 14, + "value_end": 27, + "variable": "textpassword", + "variable_start": 0, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 2.2311074754931477, "valid": false } } @@ -5781,2182 +5181,2166 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.87, "line_data_list": [ { - "line": "password for master:IhqSb1Gg", - "line_num": 43, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "password for master", + "line": "pass: Dsfgh%$d<>s&", + "line_num": 34, + "path": "./tests/samples/drawio", + "info": "FILE|MXFILE", + "value": "Dsfgh%$d<>s&", + "value_start": 6, + "value_end": 18, + "variable": "pass", "variable_start": 0, - "variable_end": 19, + "variable_end": 4, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 1.9245614587540076, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "id:xxxx(ANYpw:IhqSb1Ga)", - "line_num": 46, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Ga", - "value_start": 14, - "value_end": 22, - "variable": "ANYpw", - "variable_start": 8, - "variable_end": 13, + "line": "page2 secret is ce49dba1-e4fe-b2a7-4ffa-132bcd819474", + "line_num": 45, + "path": "./tests/samples/drawio", + "info": "FILE|MXFILE", + "value": "ce49dba1-e4fe-b2a7-4ffa-132bcd819474", + "value_start": 16, + "value_end": 52, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.3348200572472178, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "rule": "Dropbox API secret (long term)", + "severity": "high", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", - "line_num": 47, - "path": "./tests/samples/doc_various", + "line": "var g = '7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ'", + "line_num": 1, + "path": "./tests/samples/dropbox_api_secret_long_term", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 28, - "value_end": 36, - "variable": "pw", - "variable_start": 25, - "variable_end": 27, + "value": "7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ", + "value_start": 9, + "value_end": 73, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.89361507332541, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, + "rule": "Dropbox App secret", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", - "line_num": 51, - "path": "./tests/samples/doc_various", + "line": "var app_unique_val_s = 'wpv1jq9xwanbn3n';", + "line_num": 1, + "path": "./tests/samples/dropbox_app_secret", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "PW", - "variable_start": 17, - "variable_end": 19, + "value": "wpv1jq9xwanbn3n", + "value_start": 24, + "value_end": 39, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.456564762130954, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Dropbox OAuth2 API Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": null, "line_data_list": [ { - "line": "\uacc4\uc815/Password-xxxx:master/IhqSb1Gg", - "line_num": 55, - "path": "./tests/samples/doc_various", + "line": "var dropbox = 'sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc';", + "line_num": 1, + "path": "./tests/samples/dropbox_oauth_token", "info": "FILE|RAW", - "value": "master/IhqSb1Gg", - "value_start": 17, - "value_end": 32, - "variable": "Password-xxxx", - "variable_start": 3, - "variable_end": 16, + "value": "sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc", + "value_start": 15, + "value_end": 153, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, - "valid": false + "entropy": 5.395844179446958, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Dynatrace API Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", - "line_num": 56, - "path": "./tests/samples/doc_various", + "line": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "line_num": 1, + "path": "./tests/samples/dynatrace_api.hs", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 28, - "value_end": 36, - "variable": "PW", - "variable_start": 25, - "variable_end": 27, + "value": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "value_start": 0, + "value_end": 96, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.80819150678678, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Facebook Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": null, "line_data_list": [ { - "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", - "line_num": 61, - "path": "./tests/samples/doc_various", + "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line_num": 1, + "path": "./tests/samples/facebook_key", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "ANY_pwd", - "variable_start": 14, - "variable_end": 21, + "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", + "value_start": 28, + "value_end": 115, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.936120692057913, + "valid": true } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "Acount name:xxxx Initial Password:IhqSb1Gg", - "line_num": 62, - "path": "./tests/samples/doc_various", + "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line_num": 1, + "path": "./tests/samples/facebook_key", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 34, - "value_end": 42, - "variable": "Password", - "variable_start": 25, - "variable_end": 33, + "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", + "value_start": 28, + "value_end": 115, + "variable": "GI_REO_GI_FACEBOOK_TOKEN", + "variable_start": 0, + "variable_end": 24, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.936120692057913, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Facebook App Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": null, "line_data_list": [ { - "line": "Access wifi:xxxx(PW:IhqSb1Gg)", - "line_num": 63, - "path": "./tests/samples/doc_various", + "line": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "line_num": 2, + "path": "./tests/samples/facebook_key", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "PW", - "variable_start": 17, - "variable_end": 19, + "value": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "value_start": 0, + "value_end": 44, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.208909927092422, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Firebase Domain", + "severity": "info", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": null, "line_data_list": [ { - "line": "-User:master -PasswordANY:IhqSb1Gg", - "line_num": 66, - "path": "./tests/samples/doc_various", + "line": "test-app-domain-42.firebaseapp.com", + "line_num": 1, + "path": "./tests/samples/firebase_domain", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 26, + "value": "test-app-domain-42.firebaseapp.com", + "value_start": 0, "value_end": 34, - "variable": "PasswordANY", - "variable_start": 14, - "variable_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.4347510262969525, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Firebase Domain", + "severity": "info", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": null, "line_data_list": [ { - "line": "password(default:IhqSb1Gg)", - "line_num": 68, - "path": "./tests/samples/doc_various", + "line": "test2.io.firebaseio.com", + "line_num": 2, + "path": "./tests/samples/firebase_domain", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 17, - "value_end": 25, - "variable": "password(default", - "variable_start": 0, - "variable_end": 16, + "value": "test2.io.firebaseio.com", + "value_start": 0, + "value_end": 23, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.1394163745499943, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.7, + "rule": "Github Classic Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "98.76.54.32(ID/PW:master/IhqSb1Gg)", - "line_num": 70, - "path": "./tests/samples/doc_various", + "line": "ghp_00000000000000000000000000000004WZ4EQ # classic", + "line_num": 1, + "path": "./tests/samples/github_classic_token", "info": "FILE|RAW", - "value": "master/IhqSb1Gg", - "value_start": 18, - "value_end": 33, - "variable": "PW", - "variable_start": 15, - "variable_end": 17, + "value": "ghp_00000000000000000000000000000004WZ4EQ", + "value_start": 0, + "value_end": 41, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 1.4322437698226886, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.988, + "rule": "Github Fine-granted Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "master@98.76.54.32(pw:IhqSb1Gg)", - "line_num": 73, - "path": "./tests/samples/doc_various", + "line": "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", + "line_num": 2, + "path": "./tests/samples/github_fine_granted_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "pw", - "variable_start": 19, - "variable_end": 21, + "value": "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", + "value_start": 0, + "value_end": 93, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 5.255374790203283, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Github Old Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { - "line": "master@98.76.54.32,PW:IhqSb1Gg", - "line_num": 74, - "path": "./tests/samples/doc_various", + "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line_num": 1, + "path": "./tests/samples/github_key.groovy", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "PW", - "variable_start": 19, - "variable_end": 21, + "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", + "value_start": 23, + "value_end": 63, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.246439344671015, + "valid": true } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32 pw:IhqSb1Gg", - "line_num": 75, - "path": "./tests/samples/doc_various", + "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line_num": 1, + "path": "./tests/samples/github_key.groovy", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", + "value_start": 23, + "value_end": 63, + "variable": "GITHUB_ACCESS_TOKEN", + "variable_start": 0, + "variable_end": 19, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.246439344671015, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Incoming Email Token", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "config:xxxx,PW:IhqSb1Gg", - "line_num": 78, - "path": "./tests/samples/doc_various", + "line": "var email_t = '7e4v6v5j2nepcc8f5zvatgl9g';", + "line_num": 1, + "path": "./tests/samples/gitlab_email_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", + "value": "7e4v6v5j2nepcc8f5zvatgl9g", "value_start": 15, - "value_end": 23, - "variable": "PW", - "variable_start": 12, - "variable_end": 14, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.133660689688186, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.997, + "rule": "Gitlab Feed Token", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 82, - "path": "./tests/samples/doc_various", + "line": "feed_n = 'o9aEaH32LN618KhF7e_L'", + "line_num": 1, + "path": "./tests/samples/gitlab_feed_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "o9aEaH32LN618KhF7e_L", + "value_start": 10, + "value_end": 30, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 3.905831690142994, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", - "line_num": 83, - "path": "./tests/samples/doc_various", + "line": "glpat-8d5ri2n9g85LAnC9YW85 # Personal access token, Impersonation token, Project access token, Group access token", + "line_num": 2, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 38, - "value_end": 46, - "variable": "pw", - "variable_start": 35, - "variable_end": 37, + "value": "glpat-8d5ri2n9g85LAnC9YW85", + "value_start": 0, + "value_end": 26, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0191930522498036, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 84, - "path": "./tests/samples/doc_various", + "line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret", + "line_num": 3, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 39, - "value_end": 47, - "variable": "pw", - "variable_start": 36, - "variable_end": 38, + "value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc", + "value_start": 0, + "value_end": 70, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.9590403170005777, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", - "line_num": 85, - "path": "./tests/samples/doc_various", + "line": "gldt-9BeUoeWu2V9uUS3uLoMy # Deploy token", + "line_num": 4, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "gldt-9BeUoeWu2V9uUS3uLoMy", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 3.947906442097196, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", - "line_num": 87, - "path": "./tests/samples/doc_various", + "line": "glrt-2CR8_eVxiio-1QmzPZwa # Runner authentication token", + "line_num": 5, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, + "value": "glrt-2CR8_eVxiio-1QmzPZwa", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 4.006593447001756, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", - "line_num": 90, - "path": "./tests/samples/doc_various", + "line": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", + "line_num": 6, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, - "variable": "pw", - "variable_start": 41, - "variable_end": 43, + "value": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0736527424503515, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.984, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", - "line_num": 93, - "path": "./tests/samples/doc_various", + "line": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL # CI/CD Job token", + "line_num": 7, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, + "value": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL", + "value_start": 0, + "value_end": 28, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0208877148903928, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.997, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 94, - "path": "./tests/samples/doc_various", + "line": "glptt-33276248c9748113e978392e5c074b7f974f8683 # Trigger token", + "line_num": 8, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 46, - "value_end": 54, - "variable": "password", - "variable_start": 37, - "variable_end": 45, + "value": "glptt-33276248c9748113e978392e5c074b7f974f8683", + "value_start": 0, + "value_end": 46, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.8494857514609033, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", - "line_num": 96, - "path": "./tests/samples/doc_various", + "line": "glft-Aafqn5A31G-2VipZMh28 # Feed token", + "line_num": 9, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "Password", - "variable_start": 36, - "variable_end": 44, + "value": "glft-Aafqn5A31G-2VipZMh28", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 4.032347694592746, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.97, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", - "line_num": 97, - "path": "./tests/samples/doc_various", + "line": "glimt-1jpqzsnw2n71om0r9kgt06os3 # Incoming mail token", + "line_num": 10, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, - "variable": "pass", - "variable_start": 37, - "variable_end": 41, + "value": "glimt-1jpqzsnw2n71om0r9kgt06os3", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.278254493922782, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 100, - "path": "./tests/samples/doc_various", + "line": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg # GitLab agent for Kubernetes token", + "line_num": 11, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg", + "value_start": 0, + "value_end": 58, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 5.022276693534148, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", - "line_num": 101, - "path": "./tests/samples/doc_various", + "line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies", + "line_num": 12, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pass", - "variable_start": 40, - "variable_end": 44, + "value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2", + "value_start": 0, + "value_end": 48, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.0144608760283615, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "id:gildong.hong@xxx.com mailto:{1}/password:IhqSb1Gg", - "line_num": 102, - "path": "./tests/samples/doc_various", + "line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens", + "line_num": 13, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, - "variable": "password", - "variable_start": 35, - "variable_end": 43, + "value": "glsoat-971om0ecn5A386r9k481", + "value_start": 0, + "value_end": 27, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.106377316818028, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1}/password:IhqSb1Gg", - "line_num": 104, - "path": "./tests/samples/doc_various", + "line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token", + "line_num": 14, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 49, - "value_end": 57, - "variable": "password", - "variable_start": 40, - "variable_end": 48, + "value": "glffct-AnRWYdo3Si_Xm2Q6n7zu", + "value_start": 0, + "value_end": 27, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.021776853294165, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", - "line_num": 105, - "path": "./tests/samples/doc_various", + "line": "GR1348941jG6xeSsmN8DFVKoyBYu2 # Runner registration token", + "line_num": 17, + "path": "./tests/samples/gitlab_prefix_token", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 47, - "value_end": 55, - "variable": "pw", - "variable_start": 44, - "variable_end": 46, + "value": "GR1348941jG6xeSsmN8DFVKoyBYu2", + "value_start": 0, + "value_end": 29, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.582118926162054, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Google API Key", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": null, "line_data_list": [ { - "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", - "line_num": 106, - "path": "./tests/samples/doc_various", + "line": "AIzaGiReoG-CrackleCrackle12315618_12315", + "line_num": 1, + "path": "./tests/samples/google_api_key.toml", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 39, - "value_end": 47, - "variable": "pw", - "variable_start": 36, - "variable_end": 38, + "value": "AIzaGiReoG-CrackleCrackle12315618_12315", + "value_start": 0, + "value_end": 39, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.165196181720608, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Google Multi", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": null, "line_data_list": [ { - "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", - "line_num": 108, - "path": "./tests/samples/doc_various", + "line": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", + "line_num": 2, + "path": "./tests/samples/google_multi", "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 26, - "value_end": 34, - "variable": "pw", - "variable_start": 23, - "variable_end": 25, + "value": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", + "value_start": 0, + "value_end": 72, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 4.531537327540734, + "valid": true + } + }, + { + "line": "4L2QMyTm6Rr0o46ytGiReoG1", + "line_num": 4, + "path": "./tests/samples/google_multi", + "info": "FILE|RAW", + "value": "4L2QMyTm6Rr0o46ytGiReoG1", + "value_start": 0, + "value_end": 24, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.084962500721156, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Google Multi", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": null, "line_data_list": [ { - "line": "Password: \"Dw7^&ndgf", - "line_num": 16, - "path": "./tests/samples/drawio", - "info": "FILE|MXFILE", - "value": "Df34D<345&>gf", - "value_start": 14, - "value_end": 27, - "variable": "textpassword", - "variable_start": 0, - "variable_end": 12, + "line": "google_oauth_key = \"ya29.gi_reo_gi_crackle_ln22\"", + "line_num": 1, + "path": "./tests/samples/google_oauth_key", + "info": "FILE|RAW", + "value": "ya29.gi_reo_gi_crackle_ln22", + "value_start": 20, + "value_end": 47, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2311074754931477, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.1797273164975133, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.98, + "rule": "Grafana Access Policy Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "pass: Dsfgh%$d<>s&", - "line_num": 34, - "path": "./tests/samples/drawio", - "info": "FILE|MXFILE", - "value": "Dsfgh%$d<>s&", - "value_start": 6, - "value_end": 18, - "variable": "pass", - "variable_start": 0, - "variable_end": 4, + "line": "grafana_policy = 'glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19'", + "line_num": 1, + "path": "./tests/samples/grafana_access_policy_token", + "info": "FILE|RAW", + "value": "glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19", + "value_start": 18, + "value_end": 130, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.9245614587540076, - "valid": false + "entropy": 5.097632476604023, + "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Grafana Provisioned API Key", + "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "page2 secret is ce49dba1-e4fe-b2a7-4ffa-132bcd819474", - "line_num": 45, - "path": "./tests/samples/drawio", - "info": "FILE|MXFILE", - "value": "ce49dba1-e4fe-b2a7-4ffa-132bcd819474", - "value_start": 16, - "value_end": 52, + "line": "grafana = 'eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0='", + "line_num": 1, + "path": "./tests/samples/grafana_provisioned_api_key", + "info": "FILE|RAW", + "value": "eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0=", + "value_start": 11, + "value_end": 107, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3348200572472178, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.815313051140994, + "valid": false } } ] }, { - "rule": "Dropbox API secret (long term)", + "rule": "Grafana Service Account Token", "severity": "high", - "confidence": "weak", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "var g = '7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ'", + "line": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", "line_num": 1, - "path": "./tests/samples/dropbox_api_secret_long_term", + "path": "./tests/samples/grafana_service_accounts", "info": "FILE|RAW", - "value": "7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ", - "value_start": 9, - "value_end": 73, + "value": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", + "value_start": 0, + "value_end": 46, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.89361507332541, + "entropy": 4.52211252299684, "valid": true } } ] }, { - "rule": "Dropbox App secret", - "severity": "info", - "confidence": "weak", + "rule": "Groq API Key", + "severity": "high", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "var app_unique_val_s = 'wpv1jq9xwanbn3n';", + "line": "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", "line_num": 1, - "path": "./tests/samples/dropbox_app_secret", + "path": "./tests/samples/groq_api_key", "info": "FILE|RAW", - "value": "wpv1jq9xwanbn3n", - "value_start": 24, - "value_end": 39, + "value": "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", + "value_start": 0, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.456564762130954, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.096509298449433, "valid": true } } ] }, { - "rule": "Dropbox OAuth2 API Access Token", + "rule": "Groq API Key", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "var dropbox = 'sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc';", - "line_num": 1, - "path": "./tests/samples/dropbox_oauth_token", + "line": "url/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?part", + "line_num": 2, + "path": "./tests/samples/groq_api_key", "info": "FILE|RAW", - "value": "sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc", - "value_start": 15, - "value_end": 153, + "value": "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", + "value_start": 4, + "value_end": 60, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.395844179446958, + "entropy": 5.096509298449433, "valid": true } } ] }, { - "rule": "Dynatrace API Token", + "rule": "Hashicorp Terraform Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "line": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "line_num": 1, - "path": "./tests/samples/dynatrace_api.hs", + "path": "./tests/samples/hashicorp", "info": "FILE|RAW", - "value": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "value": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "value_start": 0, - "value_end": 96, + "value_end": 90, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.80819150678678, + "entropy": 5.348551883097512, "valid": true } } ] }, { - "rule": "Github Old Token", + "rule": "Hashicorp Vault Token", "severity": "high", - "confidence": "moderate", - "ml_probability": 0.953, + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "\\ngit_token = \"gireogicracklecrackle1231567190113413981\"\\n\\n", - "line_num": 1, - "path": "./tests/samples/encoded_data", - "info": "FILE|BASE64|RAW", - "value": "gireogicracklecrackle1231567190113413981", - "value_start": 15, - "value_end": 55, + "line": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "line_num": 2, + "path": "./tests/samples/hashicorp", + "info": "FILE|RAW", + "value": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "value_start": 0, + "value_end": 94, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.97402442086502, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.34632109047266, "valid": true } } ] }, { - "rule": "Token", - "severity": "medium", + "rule": "Heroku API Key", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.953, + "ml_probability": null, "line_data_list": [ { - "line": "\\ngit_token = \"gireogicracklecrackle1231567190113413981\"\\n\\n", + "line": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", "line_num": 1, - "path": "./tests/samples/encoded_data", - "info": "FILE|BASE64|RAW", - "value": "gireogicracklecrackle1231567190113413981", - "value_start": 15, - "value_end": 55, - "variable": "git_token", - "variable_start": 2, - "variable_end": 11, + "path": "./tests/samples/heroku_api.toml", + "info": "FILE|RAW", + "value": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", + "value_start": 0, + "value_end": 37, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 3.97402442086502, + "entropy": 3.48037367471734, "valid": true } } ] }, { - "rule": "Facebook Access Token", + "rule": "Hugging Face User Access Token", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line": "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", "line_num": 1, - "path": "./tests/samples/facebook_key", + "path": "./tests/samples/huggingface", "info": "FILE|RAW", - "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", - "value_start": 28, - "value_end": 115, + "value": "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", + "value_start": 0, + "value_end": 37, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.936120692057913, + "entropy": 4.561768477310237, "valid": true } } ] }, { - "rule": "Token", - "severity": "medium", + "rule": "Hugging Face User Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": null, "line_data_list": [ { - "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", - "line_num": 1, - "path": "./tests/samples/facebook_key", + "line": "url/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/part", + "line_num": 2, + "path": "./tests/samples/huggingface", "info": "FILE|RAW", - "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", - "value_start": 28, - "value_end": 115, - "variable": "GI_REO_GI_FACEBOOK_TOKEN", - "variable_start": 0, - "variable_end": 24, + "value": "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", + "value_start": 4, + "value_end": 41, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.936120692057913, + "entropy": 4.636224896287628, "valid": true } } ] }, { - "rule": "Facebook App Token", + "rule": "Hugging Face User Access Token", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", - "line_num": 2, - "path": "./tests/samples/facebook_key", + "line": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", + "line_num": 6, + "path": "./tests/samples/huggingface", "info": "FILE|RAW", - "value": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "value": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", "value_start": 0, - "value_end": 44, + "value_end": 37, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 3.208909927092422, + "entropy": 3.034378196565712, "valid": true } } ] }, { - "rule": "Firebase Domain", - "severity": "info", - "confidence": "moderate", + "rule": "Instagram Access Token", + "severity": "high", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "test-app-domain-42.firebaseapp.com", + "line": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", "line_num": 1, - "path": "./tests/samples/firebase_domain", + "path": "./tests/samples/instagram_access_token", "info": "FILE|RAW", - "value": "test-app-domain-42.firebaseapp.com", + "value": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", "value_start": 0, - "value_end": 34, + "value_end": 162, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4347510262969525, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.231644837540698, "valid": true } } ] }, { - "rule": "Firebase Domain", - "severity": "info", + "rule": "Password", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 0.991, "line_data_list": [ { - "line": "test2.io.firebaseio.com", - "line_num": 2, - "path": "./tests/samples/firebase_domain", + "line": "+ \"password\": \"dkajco1\"", + "line_num": 10, + "path": "./tests/samples/iso_ir_111.patch", "info": "FILE|RAW", - "value": "test2.io.firebaseio.com", - "value_start": 0, + "value": "dkajco1", + "value_start": 16, "value_end": 23, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.1394163745499943, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.8073549220576046, + "valid": false } } ] }, { - "rule": "Github Classic Token", + "rule": "Jfrog Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "ghp_00000000000000000000000000000004WZ4EQ # classic", + "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", "line_num": 1, - "path": "./tests/samples/github_classic_token", + "path": "./tests/samples/jfrog_p", "info": "FILE|RAW", - "value": "ghp_00000000000000000000000000000004WZ4EQ", + "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", "value_start": 0, - "value_end": 41, + "value_end": 64, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.4322437698226886, - "valid": false + "entropy": 5.288909765557392, + "valid": true } } ] }, { - "rule": "Github Fine-granted Token", + "rule": "Jfrog Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "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", + "line": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", "line_num": 2, - "path": "./tests/samples/github_fine_granted_token", + "path": "./tests/samples/jfrog_p", "info": "FILE|RAW", - "value": "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", + "value": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", "value_start": 0, - "value_end": 93, + "value_end": 73, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.255374790203283, + "entropy": 5.353940312186131, "valid": true } } ] }, { - "rule": "Github Old Token", - "severity": "high", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Jira 2FA", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line": "WXFES7QNTET5DQYC", "line_num": 1, - "path": "./tests/samples/github_key.groovy", + "path": "./tests/samples/jira_2fa", "info": "FILE|RAW", - "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", - "value_start": 23, - "value_end": 63, + "value": "WXFES7QNTET5DQYC", + "value_start": 0, + "value_end": 16, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.246439344671015, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.625, + "valid": false } } ] }, { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Jira / Confluence PAT token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line": "TP: https://www.example.com/api/verification/version2322/token/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", "line_num": 1, - "path": "./tests/samples/github_key.groovy", + "path": "./tests/samples/jira_confluence_pat", "info": "FILE|RAW", - "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", - "value_start": 23, - "value_end": 63, - "variable": "GITHUB_ACCESS_TOKEN", - "variable_start": 0, - "variable_end": 19, + "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "value_start": 63, + "value_end": 107, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.246439344671015, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.606936732175321, "valid": true } } ] }, { - "rule": "Gitlab Incoming Email Token", - "severity": "info", - "confidence": "weak", + "rule": "Jira / Confluence PAT token", + "severity": "high", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "var email_t = '7e4v6v5j2nepcc8f5zvatgl9g';", - "line_num": 1, - "path": "./tests/samples/gitlab_email_token", + "line": "TP: \"image/png\": \"iVBORx09VIskhxhCe7sh03R1dnENPiB66xQSIZjEYN13vafX/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ/hZwUteHsmN+z+aoEAAAAvL+Q5FSQGyqIuYrdkYaQZuW1TvI=\\n\",", + "line_num": 2, + "path": "./tests/samples/jira_confluence_pat", "info": "FILE|RAW", - "value": "7e4v6v5j2nepcc8f5zvatgl9g", - "value_start": 15, - "value_end": 40, + "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "value_start": 67, + "value_end": 111, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.133660689688186, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.606936732175321, "valid": true } } ] }, { - "rule": "Gitlab Feed Token", - "severity": "info", - "confidence": "weak", + "rule": "JSON Web Token", + "severity": "medium", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "feed_n = 'o9aEaH32LN618KhF7e_L'", + "line": "detected: eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", "line_num": 1, - "path": "./tests/samples/gitlab_feed_token", + "path": "./tests/samples/json_web_token", "info": "FILE|RAW", - "value": "o9aEaH32LN618KhF7e_L", + "value": "eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", "value_start": 10, - "value_end": 30, + "value_end": 75, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.905831690142994, - "valid": false + "entropy": 4.7909636301034935, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.997, "line_data_list": [ { - "line": "glpat-8d5ri2n9g85LAnC9YW85 # Personal access token, Impersonation token, Project access token, Group access token", - "line_num": 2, - "path": "./tests/samples/gitlab_prefix_token", + "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", + "line_num": 1, + "path": "./tests/samples/key.hs", "info": "FILE|RAW", - "value": "glpat-8d5ri2n9g85LAnC9YW85", - "value_start": 0, - "value_end": 26, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", + "value_start": 11, + "value_end": 335, + "variable": "prKeyValid", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0191930522498036, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.428808109703675, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret", - "line_num": 3, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path_1=\"/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF\"", + "line_num": 2, + "path": "./tests/samples/key.hs", "info": "FILE|RAW", - "value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc", - "value_start": 0, - "value_end": 70, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_1", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.9590403170005777, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.834183719779189, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "gldt-9BeUoeWu2V9uUS3uLoMy # Deploy token", - "line_num": 4, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path_2=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF\"", + "line_num": 3, + "path": "./tests/samples/key.hs", "info": "FILE|RAW", - "value": "gldt-9BeUoeWu2V9uUS3uLoMy", - "value_start": 0, - "value_end": 25, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_2", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.947906442097196, - "valid": false + "entropy": 4.784183719779188, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glrt-2CR8_eVxiio-1QmzPZwa # Runner authentication token", - "line_num": 5, - "path": "./tests/samples/gitlab_prefix_token", - "info": "FILE|RAW", - "value": "glrt-2CR8_eVxiio-1QmzPZwa", - "value_start": 0, - "value_end": 25, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "secret_looks_like_linux_path_3=\"VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=\"", + "line_num": 4, + "path": "./tests/samples/key.hs", + "info": "FILE|RAW", + "value": "VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_3", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.006593447001756, - "valid": false + "entropy": 4.834183719779189, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.999, "line_data_list": [ { - "line": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", - "line_num": 6, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", + "line_num": 5, + "path": "./tests/samples/key.hs", "info": "FILE|RAW", - "value": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path__", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0736527424503515, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.8530559073332755, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL # CI/CD Job token", + "line": "\"https://example.com/api/js?key=dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB&bug=true\"", "line_num": 7, - "path": "./tests/samples/gitlab_prefix_token", + "path": "./tests/samples/key.hs", "info": "FILE|RAW", - "value": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL", - "value_start": 0, - "value_end": 28, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB", + "value_start": 32, + "value_end": 87, + "variable": "key", + "variable_start": 28, + "variable_end": 31, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0208877148903928, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.962822440640042, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glptt-33276248c9748113e978392e5c074b7f974f8683 # Trigger token", - "line_num": 8, - "path": "./tests/samples/gitlab_prefix_token", + "line": "$key = 'gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", + "line_num": 1, + "path": "./tests/samples/key.php", "info": "FILE|RAW", - "value": "glptt-33276248c9748113e978392e5c074b7f974f8683", - "value_start": 0, - "value_end": 46, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", + "value_start": 8, + "value_end": 64, + "variable": "$key", + "variable_start": 0, + "variable_end": 4, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.8494857514609033, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.9677201004745, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "API", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.999, "line_data_list": [ { - "line": "glft-Aafqn5A31G-2VipZMh28 # Feed token", - "line_num": 9, - "path": "./tests/samples/gitlab_prefix_token", - "info": "FILE|RAW", - "value": "glft-Aafqn5A31G-2VipZMh28", - "value_start": 0, - "value_end": 25, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"", + "line_num": 1, + "path": "./tests/samples/key_value.json", + "info": "FILE|STRUCT|KEY_VALUE:`api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"`", + "value": "QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF", + "value_start": 11, + "value_end": 46, + "variable": "api_key", + "variable_start": 0, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.032347694592746, + "entropy": 4.332592430684724, "valid": false } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.999, "line_data_list": [ { - "line": "glimt-1jpqzsnw2n71om0r9kgt06os3 # Incoming mail token", - "line_num": 10, - "path": "./tests/samples/gitlab_prefix_token", - "info": "FILE|RAW", - "value": "glimt-1jpqzsnw2n71om0r9kgt06os3", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"", + "line_num": 1, + "path": "./tests/samples/key_value.json", + "info": "FILE|STRUCT|KEY_VALUE:`api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"`", + "value": "QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF", + "value_start": 11, + "value_end": 46, + "variable": "api_key", + "variable_start": 0, + "variable_end": 7, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.278254493922782, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.332592430684724, + "valid": false } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "MailChimp API Key", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg # GitLab agent for Kubernetes token", - "line_num": 11, - "path": "./tests/samples/gitlab_prefix_token", + "line": "mailchimp = \"LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36\"", + "line_num": 1, + "path": "./tests/samples/mailchimp_key", "info": "FILE|RAW", - "value": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg", - "value_start": 0, - "value_end": 58, + "value": "LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36", + "value_start": 13, + "value_end": 50, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.022276693534148, + "entropy": 4.615822531364292, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "MailGun API Key", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies", - "line_num": 12, - "path": "./tests/samples/gitlab_prefix_token", + "line": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", + "line_num": 1, + "path": "./tests/samples/mailgun_key.hs", "info": "FILE|RAW", - "value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2", + "value": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", "value_start": 0, - "value_end": 48, + "value_end": 36, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.0144608760283615, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.484377779059832, + "valid": false } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "AWS Client ID", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens", - "line_num": 13, - "path": "./tests/samples/gitlab_prefix_token", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 45, + "path": "./tests/samples/multifile.patch", "info": "FILE|RAW", - "value": "glsoat-971om0ecn5A386r9k481", - "value_start": 0, - "value_end": 27, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.106377316818028, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.6841837197791887, + "valid": false } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "AWS Multi", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token", - "line_num": 14, - "path": "./tests/samples/gitlab_prefix_token", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 45, + "path": "./tests/samples/multifile.patch", "info": "FILE|RAW", - "value": "glffct-AnRWYdo3Si_Xm2Q6n7zu", - "value_start": 0, - "value_end": 27, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.021776853294165, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.6841837197791887, + "valid": false } - } - ] - }, - { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "GR1348941jG6xeSsmN8DFVKoyBYu2 # Runner registration token", - "line_num": 17, - "path": "./tests/samples/gitlab_prefix_token", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 46, + "path": "./tests/samples/multifile.patch", "info": "FILE|RAW", - "value": "GR1348941jG6xeSsmN8DFVKoyBYu2", - "value_start": 0, - "value_end": 29, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.582118926162054, + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Google API Key", - "severity": "high", + "rule": "Token", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 0.998, "line_data_list": [ { - "line": "AIzaGiReoG-CrackleCrackle12315618_12315", - "line_num": 1, - "path": "./tests/samples/google_api_key.toml", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 46, + "path": "./tests/samples/multifile.patch", "info": "FILE|RAW", - "value": "AIzaGiReoG-CrackleCrackle12315618_12315", - "value_start": 0, - "value_end": 39, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, + "variable": "token", + "variable_start": 3, + "variable_end": 8, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.165196181720608, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Google Multi", + "rule": "AWS Client ID", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", - "line_num": 2, - "path": "./tests/samples/google_multi", - "info": "FILE|RAW", - "value": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", - "value_start": 0, - "value_end": 72, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.531537327540734, - "valid": true - } - }, - { - "line": "4L2QMyTm6Rr0o46ytGiReoG1", - "line_num": 4, - "path": "./tests/samples/google_multi", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 8, + "path": "./tests/samples/multiline.patch", "info": "FILE|RAW", - "value": "4L2QMyTm6Rr0o46ytGiReoG1", - "value_start": 0, - "value_end": 24, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.084962500721156, + "entropy": 3.6841837197791887, "valid": false } } ] }, { - "rule": "Google Multi", + "rule": "AWS Multi", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 8, + "path": "./tests/samples/multiline.patch", "info": "FILE|RAW", - "value": "194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com", - "value_start": 6, - "value_end": 78, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.531537327540734, - "valid": true + "entropy": 3.6841837197791887, + "valid": false } }, { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 9, + "path": "./tests/samples/multiline.patch", "info": "FILE|RAW", - "value": "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", - "value_start": 90, - "value_end": 125, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.436181130262396, - "valid": false + "entropy": 4.784183719779189, + "valid": true } } ] }, { - "rule": "Google OAuth Secret", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Token", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.998, "line_data_list": [ { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 9, + "path": "./tests/samples/multiline.patch", "info": "FILE|RAW", - "value": "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", - "value_start": 90, - "value_end": 125, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, + "variable": "token", + "variable_start": 3, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.436181130262396, - "valid": false + "entropy": 4.784183719779189, + "valid": true } } ] }, { - "rule": "Google OAuth Access Token", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 0.999, "line_data_list": [ { - "line": "google_oauth_key = \"ya29.gi_reo_gi_crackle_ln22\"", + "line": "key_multi = \"KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==\"; ", "line_num": 1, - "path": "./tests/samples/google_oauth_key", - "info": "FILE|RAW", - "value": "ya29.gi_reo_gi_crackle_ln22", - "value_start": 20, - "value_end": 47, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/nonce.py", + "info": "FILE|STRUCT|STRUCT:3|KEYWORD:`key_multi = \"KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==\"; `", + "value": "KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==", + "value_start": 13, + "value_end": 59, + "variable": "key_multi", + "variable_start": 0, + "variable_end": 9, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.1797273164975133, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.321431532864092, + "valid": false } } ] }, { - "rule": "Grafana Access Policy Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "grafana_policy = 'glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19'", + "line": "key_wrap = \"KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==\"; ", "line_num": 1, - "path": "./tests/samples/grafana_access_policy_token", - "info": "FILE|RAW", - "value": "glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19", - "value_start": 18, - "value_end": 130, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/nonce.py", + "info": "FILE|STRUCT|STRUCT:2|KEYWORD:`key_wrap = \"KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==\"; `", + "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==", + "value_start": 12, + "value_end": 58, + "variable": "key_wrap", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.097632476604023, - "valid": true + "entropy": 4.482816239080333, + "valid": false } } ] }, { - "rule": "Grafana Provisioned API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Nonce", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "grafana = 'eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0='", + "line": "nonce = \"bsfcvir57nt40rydvtbhs8lzbgljmet5\"; ", "line_num": 1, - "path": "./tests/samples/grafana_provisioned_api_key", - "info": "FILE|RAW", - "value": "eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0=", - "value_start": 11, - "value_end": 107, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/nonce.py", + "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`nonce = \"bsfcvir57nt40rydvtbhs8lzbgljmet5\"; `", + "value": "bsfcvir57nt40rydvtbhs8lzbgljmet5", + "value_start": 9, + "value_end": 41, + "variable": "nonce", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.815313051140994, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.390319531114783, + "valid": true } } ] }, { - "rule": "Grafana Service Account Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", - "line_num": 1, - "path": "./tests/samples/grafana_service_accounts", - "info": "FILE|RAW", - "value": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", - "value_start": 0, - "value_end": 46, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "password: F1lT3ReDw17hQoT3s", + "line_num": 2, + "path": "./tests/samples/nonce.py", + "info": "FILE|STRUCT|STRUCT:1|STRING:secure_yaml|RAW", + "value": "F1lT3ReDw17hQoT3s", + "value_start": 10, + "value_end": 27, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.52211252299684, - "valid": true + "entropy": 3.734521664779752, + "valid": false } } ] }, { - "rule": "Groq API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.999, "line_data_list": [ { - "line": "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", - "line_num": 1, - "path": "./tests/samples/groq_api_key", + "line": "key_wrap = 'KJHhJKhKU7yguyuyfrtsdESffhjgkhYT\\", + "line_num": 7, + "path": "./tests/samples/nonce.py", "info": "FILE|RAW", - "value": "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", - "value_start": 0, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYT", + "value_start": 12, + "value_end": 44, + "variable": "key_wrap", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.096509298449433, - "valid": true + "entropy": 4.116729296672174, + "valid": false } } ] }, { - "rule": "Groq API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "url/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?part", - "line_num": 2, - "path": "./tests/samples/groq_api_key", + "line": "key_multi = '''KJHfdjs8767gr54534wsFHGf5hJKhK", + "line_num": 11, + "path": "./tests/samples/nonce.py", "info": "FILE|RAW", - "value": "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", - "value_start": 4, - "value_end": 60, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "KJHfdjs8767gr54534wsFHGf5hJKhK", + "value_start": 15, + "value_end": 45, + "variable": "key_multi", + "variable_start": 0, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.096509298449433, - "valid": true + "entropy": 4.123231428797621, + "valid": false } } ] }, { - "rule": "Hashicorp Terraform Token", + "rule": "NuGet API key", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "line": "k = 'oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam'", "line_num": 1, - "path": "./tests/samples/hashicorp", + "path": "./tests/samples/nuget_api_key", "info": "FILE|RAW", - "value": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", - "value_start": 0, - "value_end": 90, + "value": "oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam", + "value_start": 5, + "value_end": 51, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.348551883097512, + "entropy": 4.561286684176785, "valid": true } } ] }, { - "rule": "Hashicorp Vault Token", + "rule": "OpenAI Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "line": "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", "line_num": 2, - "path": "./tests/samples/hashicorp", + "path": "./tests/samples/open_ai_token", "info": "FILE|RAW", - "value": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "value": "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", "value_start": 0, - "value_end": 94, + "value_end": 51, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.34632109047266, + "entropy": 5.1150270509100295, "valid": true } } ] }, { - "rule": "Heroku API Key", + "rule": "OpenAI Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", - "line_num": 1, - "path": "./tests/samples/heroku_api.toml", + "line": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", + "line_num": 3, + "path": "./tests/samples/open_ai_token", "info": "FILE|RAW", - "value": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", + "value": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", "value_start": 0, - "value_end": 37, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48037367471734, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.086469255159773, "valid": true } } ] }, { - "rule": "Hugging Face User Access Token", - "severity": "high", + "rule": "Password", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 1.0, "line_data_list": [ { - "line": "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", + "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", "line_num": 1, - "path": "./tests/samples/huggingface", + "path": "./tests/samples/passwd.groovy", "info": "FILE|RAW", - "value": "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", - "value_start": 0, - "value_end": 37, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "cAc48k1Zd7", + "value_start": 20, + "value_end": 30, + "variable": "gi_reo_gi_passwd", + "variable_start": 0, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.561768477310237, - "valid": true + "entropy": 3.121928094887362, + "valid": false } } ] }, { - "rule": "Hugging Face User Access Token", - "severity": "high", + "rule": "Password", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 1.0, "line_data_list": [ { - "line": "url/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/part", - "line_num": 2, - "path": "./tests/samples/huggingface", + "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", + "line_num": 1, + "path": "./tests/samples/passwd.groovy", "info": "FILE|RAW", - "value": "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", - "value_start": 4, - "value_end": 41, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "cAc48k1Zd7", + "value_start": 58, + "value_end": 68, + "variable": "password_confirmation", + "variable_start": 33, + "variable_end": 54, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.636224896287628, - "valid": true + "entropy": 3.121928094887362, + "valid": false } } ] }, { - "rule": "Hugging Face User Access Token", - "severity": "high", + "rule": "Password", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", - "line_num": 6, - "path": "./tests/samples/huggingface", - "info": "FILE|RAW", - "value": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", - "value_start": 0, - "value_end": 37, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.034378196565712, - "valid": true - } - } - ] - }, - { - "rule": "Instagram Access Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "ml_probability": 0.995, "line_data_list": [ { - "line": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", + "line": "password = \"cackle!\"; ", "line_num": 1, - "path": "./tests/samples/instagram_access_token", - "info": "FILE|RAW", - "value": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", - "value_start": 0, - "value_end": 162, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/password.gradle", + "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`password = \"cackle!\"; `", + "value": "cackle!", + "value_start": 12, + "value_end": 19, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.231644837540698, - "valid": true + "entropy": 2.120589933192232, + "valid": false } } ] @@ -7965,12 +7349,12 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.991, "line_data_list": [ { "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/iso_ir_111.patch", + "line_num": 9, + "path": "./tests/samples/password.patch", "info": "FILE|RAW", "value": "dkajco1", "value_start": 16, @@ -7987,1334 +7371,604 @@ ] }, { - "rule": "Jfrog Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", + "line": "password = \"MYPSWRD!@#$%^&*\"", "line_num": 1, - "path": "./tests/samples/jfrog_p", + "path": "./tests/samples/password.tfvars", "info": "FILE|RAW", - "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", - "value_start": 0, - "value_end": 64, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.288909765557392, - "valid": true - } - } - ] - }, - { - "rule": "Jfrog Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", - "line_num": 2, - "path": "./tests/samples/jfrog_p", - "info": "FILE|RAW", - "value": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", - "value_start": 0, - "value_end": 73, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "MYPSWRD!@#$%^&*", + "value_start": 12, + "value_end": 27, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.353940312186131, - "valid": true + "entropy": 1.8232156112839757, + "valid": false } } ] }, { - "rule": "Jira 2FA", - "severity": "info", - "confidence": "weak", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.995, "line_data_list": [ { - "line": "WXFES7QNTET5DQYC", - "line_num": 1, - "path": "./tests/samples/jira_2fa", + "line": "my_pw: nCzx8A8#!", + "line_num": 2, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "WXFES7QNTET5DQYC", - "value_start": 0, + "value": "nCzx8A8#!", + "value_start": 7, "value_end": 16, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "variable": "my_pw", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.625, + "entropy": 2.2432750011217983, "valid": false } } ] }, { - "rule": "Jira / Confluence PAT token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.827, "line_data_list": [ { - "line": "TP: https://www.example.com/api/verification/version2322/token/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", - "line_num": 1, - "path": "./tests/samples/jira_confluence_pat", + "line": "val password: String = \"exord13Paw64\", // scala", + "line_num": 3, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", - "value_start": 63, - "value_end": 107, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "exord13Paw64", + "value_start": 24, + "value_end": 36, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.606936732175321, + "iterator": "BASE36_CHARS", + "entropy": 3.2862156256610597, "valid": true } } ] }, { - "rule": "Jira / Confluence PAT token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.875, "line_data_list": [ { - "line": "TP: \"image/png\": \"iVBORx09VIskhxhCe7sh03R1dnENPiB66xQSIZjEYN13vafX/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ/hZwUteHsmN+z+aoEAAAAvL+Q5FSQGyqIuYrdkYaQZuW1TvI=\\n\",", - "line_num": 2, - "path": "./tests/samples/jira_confluence_pat", + "line": "if passworsd != \"x6s7djtEa\": # __ne__ separator", + "line_num": 6, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", - "value_start": 67, - "value_end": 111, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "x6s7djtEa", + "value_start": 17, + "value_end": 26, + "variable": "passworsd", + "variable_start": 3, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.606936732175321, - "valid": true + "entropy": 3.169925001442312, + "valid": false } } ] }, { - "rule": "JSON Web Token", + "rule": "Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "detected: eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", - "line_num": 1, - "path": "./tests/samples/json_web_token", + "line": "password=2bkJgtJDiLcq1t", + "line_num": 7, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", - "value_start": 10, - "value_end": 75, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "2bkJgtJDiLcq1t", + "value_start": 9, + "value_end": 23, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.7909636301034935, - "valid": true + "entropy": 3.521640636343319, + "valid": false } } ] }, { - "rule": "Key", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", - "line_num": 1, - "path": "./tests/samples/key.hs", + "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", + "line_num": 8, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", - "value_start": 11, - "value_end": 335, - "variable": "prKeyValid", - "variable_start": 0, - "variable_end": 10, + "value": "nCzx8A8#!", + "value_start": 46, + "value_end": 55, + "variable": "passin", + "variable_start": 33, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.428808109703675, - "valid": true + "entropy": 2.2432750011217983, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path_1=\"/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF\"", - "line_num": 2, - "path": "./tests/samples/key.hs", + "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", + "line_num": 8, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_1", - "variable_start": 0, - "variable_end": 30, + "value": "nCzx8A8#!", + "value_start": 46, + "value_end": 55, + "variable": "pass", + "variable_start": 41, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.834183719779189, - "valid": true + "entropy": 2.2432750011217983, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path_2=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF\"", - "line_num": 3, - "path": "./tests/samples/key.hs", + "line": "MYSQL_DATABASE_USER=CRED;MYSQL_DATABASE_PASSWORD=2IWJD88FH4Y;", + "line_num": 12, + "path": "./tests/samples/password_TRUE", "info": "FILE|RAW", - "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_2", - "variable_start": 0, - "variable_end": 30, + "value": "2IWJD88FH4Y", + "value_start": 49, + "value_end": 60, + "variable": "MYSQL_DATABASE_PASSWORD", + "variable_start": 25, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779188, - "valid": true + "entropy": 3.2776134368191165, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.991, "line_data_list": [ { - "line": "secret_looks_like_linux_path_3=\"VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=\"", - "line_num": 4, - "path": "./tests/samples/key.hs", + "line": "+ \"password\": \"dkajco1\"", + "line_num": 10, + "path": "./tests/samples/password_utf16.patch", "info": "FILE|RAW", - "value": "VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_3", - "variable_start": 0, - "variable_end": 30, + "value": "dkajco1", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.834183719779189, - "valid": true + "entropy": 2.8073549220576046, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.882, "line_data_list": [ { - "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", - "line_num": 5, - "path": "./tests/samples/key.hs", + "line": "+ \"password\": \"dkajc\u00f61\"", + "line_num": 9, + "path": "./tests/samples/password_western.patch", "info": "FILE|RAW", - "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path__", - "variable_start": 0, - "variable_end": 30, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.8530559073332755, - "valid": true - } - } - ] - }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ - { - "line": "\"https://example.com/api/js?key=dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB&bug=true\"", - "line_num": 7, - "path": "./tests/samples/key.hs", - "info": "FILE|RAW", - "value": "dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB", - "value_start": 32, - "value_end": 87, - "variable": "key", - "variable_start": 28, - "variable_end": 31, + "value": "dkajc\u00f61", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.962822440640042, - "valid": true + "entropy": 2.4063042189065182, + "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.981, "line_data_list": [ { - "line": "$key = 'gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", + "line": "password = \"cackle_!\"", "line_num": 1, - "path": "./tests/samples/key.php", - "info": "FILE|RAW", - "value": "gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", - "value_start": 8, - "value_end": 64, - "variable": "$key", + "path": "./tests/samples/passwords.tar", + "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./password|RAW", + "value": "cackle_!", + "value_start": 12, + "value_end": 20, + "variable": "password", "variable_start": 0, - "variable_end": 4, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.9677201004745, - "valid": true + "entropy": 2.0, + "valid": false } } ] }, { - "rule": "API", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.982, "line_data_list": [ { - "line": "api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"", + "line": "password = \"cackle_1!\"", "line_num": 1, - "path": "./tests/samples/key_value.json", - "info": "FILE|STRUCT|KEY_VALUE:`api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"`", - "value": "QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF", - "value_start": 11, - "value_end": 46, - "variable": "api_key", + "path": "./tests/samples/passwords.tar", + "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./1/password|RAW", + "value": "cackle_1!", + "value_start": 12, + "value_end": 21, + "variable": "password", "variable_start": 0, - "variable_end": 7, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.332592430684724, + "entropy": 2.2432750011217983, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.982, "line_data_list": [ { - "line": "api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"", + "line": "password = \"cackle_2!\"", "line_num": 1, - "path": "./tests/samples/key_value.json", - "info": "FILE|STRUCT|KEY_VALUE:`api_key = \"QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF\"`", - "value": "QMEFk2TZGlkGcOkG-R9UwV1ZmlNkWEYvQzF", - "value_start": 11, - "value_end": 46, - "variable": "api_key", + "path": "./tests/samples/passwords.tar", + "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./1/2/password|RAW", + "value": "cackle_2!", + "value_start": 12, + "value_end": 21, + "variable": "password", "variable_start": 0, - "variable_end": 7, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.332592430684724, + "entropy": 2.2432750011217983, "valid": false } } ] }, { - "rule": "MailChimp API Key", + "rule": "PayPal Braintree Access Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "mailchimp = \"LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36\"", + "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", "line_num": 1, - "path": "./tests/samples/mailchimp_key", + "path": "./tests/samples/paypal_key", "info": "FILE|RAW", - "value": "LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36", - "value_start": 13, - "value_end": 50, + "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", + "value_start": 0, + "value_end": 73, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.615822531364292, + "iterator": "BASE36_CHARS", + "entropy": 4.125814952938168, "valid": true } } ] }, { - "rule": "MailGun API Key", + "rule": "PEM Private Key", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", + "line": "-----BEGIN RSA PRIVATE KEY-----", "line_num": 1, - "path": "./tests/samples/mailgun_key.hs", - "info": "FILE|RAW", - "value": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "-----BEGIN RSA PRIVATE KEY-----", "value_start": 0, - "value_end": 36, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.484377779059832, + "entropy": 2.529698260800009, "valid": false } - } - ] - }, - { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 45, - "path": "./tests/samples/multifile.patch", - "info": "FILE|RAW", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", + "line_num": 2, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.388924717191689, + "valid": true } - } - ] - }, - { - "rule": "AWS Multi", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 45, - "path": "./tests/samples/multifile.patch", - "info": "FILE|RAW", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", + "line_num": 3, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.213332901823974, + "valid": true } }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 46, - "path": "./tests/samples/multifile.patch", - "info": "FILE|RAW", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, + "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", + "line_num": 4, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.325046388609145, "valid": true } - } - ] - }, - { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ + }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 46, - "path": "./tests/samples/multifile.patch", - "info": "FILE|RAW", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, - "variable": "token", - "variable_start": 3, - "variable_end": 8, + "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", + "line_num": 5, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.267278500114892, "valid": true } - } - ] - }, - { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 8, - "path": "./tests/samples/multiline.patch", - "info": "FILE|RAW", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", + "line_num": 6, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.293594289588576, + "valid": true } - } - ] - }, - { - "rule": "AWS Multi", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 8, - "path": "./tests/samples/multiline.patch", - "info": "FILE|RAW", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", + "line_num": 7, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.405307776373749, + "valid": true } }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 9, - "path": "./tests/samples/multiline.patch", - "info": "FILE|RAW", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, + "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", + "line_num": 8, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.372541658009629, "valid": true } - } - ] - }, - { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ + }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "line_num": 9, - "path": "./tests/samples/multiline.patch", - "info": "FILE|RAW", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, - "variable": "token", - "variable_start": 3, - "variable_end": 8, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.308663329427087, "valid": true } - } - ] - }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.99, - "line_data_list": [ + }, { - "line": "key_multi = \"KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==\"; ", - "line_num": 1, - "path": "./tests/samples/nonce.py", - "info": "FILE|STRUCT|STRUCT:3|KEYWORD:`key_multi = \"KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==\"; `", - "value": "KJHfdjs8767gr54534wsFHGf5hJKhK\nU7yguyuyFHGf5==", - "value_start": 13, - "value_end": 59, - "variable": "key_multi", - "variable_start": 0, - "variable_end": 9, + "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "line_num": 10, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.321431532864092, - "valid": false + "entropy": 5.425173236956998, + "valid": true } - } - ] - }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, - "line_data_list": [ + }, { - "line": "key_wrap = \"KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==\"; ", - "line_num": 1, - "path": "./tests/samples/nonce.py", - "info": "FILE|STRUCT|STRUCT:2|KEYWORD:`key_wrap = \"KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==\"; `", - "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYTfdjs8Gf5jlli==", - "value_start": 12, - "value_end": 58, - "variable": "key_wrap", - "variable_start": 0, - "variable_end": 8, + "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "line_num": 11, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.482816239080333, - "valid": false + "entropy": 5.107555270017291, + "valid": true } - } - ] - }, - { - "rule": "Nonce", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ + }, { - "line": "nonce = \"bsfcvir57nt40rydvtbhs8lzbgljmet5\"; ", - "line_num": 1, - "path": "./tests/samples/nonce.py", - "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`nonce = \"bsfcvir57nt40rydvtbhs8lzbgljmet5\"; `", - "value": "bsfcvir57nt40rydvtbhs8lzbgljmet5", - "value_start": 9, - "value_end": 41, - "variable": "nonce", - "variable_start": 0, - "variable_end": 5, + "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "line_num": 12, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "value_start": 0, + "value_end": 52, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.390319531114783, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.070538035407179, "valid": true } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ + }, { - "line": "password: F1lT3ReDw17hQoT3s", - "line_num": 2, - "path": "./tests/samples/nonce.py", - "info": "FILE|STRUCT|STRUCT:1|STRING:secure_yaml|RAW", - "value": "F1lT3ReDw17hQoT3s", - "value_start": 10, - "value_end": 27, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "line": "-----END RSA PRIVATE KEY-----", + "line_num": 13, + "path": "./tests/samples/pem_key", + "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "value": "-----END RSA PRIVATE KEY-----", + "value_start": 0, + "value_end": 29, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.734521664779752, + "entropy": 2.3783727041337137, "valid": false } } ] }, { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "PEM Private Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "key_wrap = 'KJHhJKhKU7yguyuyfrtsdESffhjgkhYT\\", - "line_num": 7, - "path": "./tests/samples/nonce.py", - "info": "FILE|RAW", - "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYT", - "value_start": 12, - "value_end": 44, - "variable": "key_wrap", - "variable_start": 0, - "variable_end": 8, + "line": "-----BEGIN RSA PRIVATE KEY-----", + "line_num": 1, + "path": "./tests/samples/pem_key", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", + "value": "-----BEGIN RSA PRIVATE KEY-----", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.116729296672174, - "valid": false - } - } - ] - }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, - "line_data_list": [ - { - "line": "key_multi = '''KJHfdjs8767gr54534wsFHGf5hJKhK", - "line_num": 11, - "path": "./tests/samples/nonce.py", - "info": "FILE|RAW", - "value": "KJHfdjs8767gr54534wsFHGf5hJKhK", - "value_start": 15, - "value_end": 45, - "variable": "key_multi", - "variable_start": 0, - "variable_end": 9, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.123231428797621, - "valid": false - } - } - ] - }, - { - "rule": "NuGet API key", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "k = 'oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam'", - "line_num": 1, - "path": "./tests/samples/nuget_api_key", - "info": "FILE|RAW", - "value": "oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam", - "value_start": 5, - "value_end": 51, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.561286684176785, - "valid": true - } - } - ] - }, - { - "rule": "OpenAI Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "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", - "line_num": 2, - "path": "./tests/samples/open_ai_token", - "info": "FILE|RAW", - "value": "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", - "value_start": 0, - "value_end": 51, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.1150270509100295, - "valid": true - } - } - ] - }, - { - "rule": "OpenAI Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", - "line_num": 3, - "path": "./tests/samples/open_ai_token", - "info": "FILE|RAW", - "value": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", - "value_start": 0, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.086469255159773, - "valid": true - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.996, - "line_data_list": [ - { - "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", - "line_num": 1, - "path": "./tests/samples/passwd.groovy", - "info": "FILE|RAW", - "value": "cAc48k1Zd7", - "value_start": 20, - "value_end": 30, - "variable": "gi_reo_gi_passwd", - "variable_start": 0, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.121928094887362, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", - "line_num": 1, - "path": "./tests/samples/passwd.groovy", - "info": "FILE|RAW", - "value": "cAc48k1Zd7", - "value_start": 58, - "value_end": 68, - "variable": "password_confirmation", - "variable_start": 33, - "variable_end": 54, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.121928094887362, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, - "line_data_list": [ - { - "line": "password = \"cackle!\"; ", - "line_num": 1, - "path": "./tests/samples/password.gradle", - "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`password = \"cackle!\"; `", - "value": "cackle!", - "value_start": 12, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.120589933192232, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 9, - "path": "./tests/samples/password.patch", - "info": "FILE|RAW", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "password = \"MYPSWRD!@#$%^&*\"", - "line_num": 1, - "path": "./tests/samples/password.tfvars", - "info": "FILE|RAW", - "value": "MYPSWRD!@#$%^&*", - "value_start": 12, - "value_end": 27, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.8232156112839757, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.989, - "line_data_list": [ - { - "line": "my_pw: nCzx8A8#!", - "line_num": 2, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "nCzx8A8#!", - "value_start": 7, - "value_end": 16, - "variable": "my_pw", - "variable_start": 0, - "variable_end": 5, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, - "line_data_list": [ - { - "line": "val password: String = \"exord13Paw64\", // scala", - "line_num": 3, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "exord13Paw64", - "value_start": 24, - "value_end": 36, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.2862156256610597, - "valid": true - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.687, - "line_data_list": [ - { - "line": "if passworsd == \"q4c1a2oPd\": # __eq__ separator", - "line_num": 5, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "q4c1a2oPd", - "value_start": 17, - "value_end": 26, - "variable": "passworsd", - "variable_start": 3, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.169925001442312, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.992, - "line_data_list": [ - { - "line": "if passworsd != \"x6s7djtEa\": # __ne__ separator", - "line_num": 6, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "x6s7djtEa", - "value_start": 17, - "value_end": 26, - "variable": "passworsd", - "variable_start": 3, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.169925001442312, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ - { - "line": "password=2bkJgtJDiLcq1t", - "line_num": 7, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "2bkJgtJDiLcq1t", - "value_start": 9, - "value_end": 23, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.521640636343319, - "valid": false - } - } - ] - }, - { - "rule": "CMD Password", - "severity": "high", - "confidence": "moderate", - "ml_probability": 0.976, - "line_data_list": [ - { - "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", - "line_num": 8, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "nCzx8A8#!", - "value_start": 46, - "value_end": 55, - "variable": "passin", - "variable_start": 33, - "variable_end": 39, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.976, - "line_data_list": [ - { - "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", - "line_num": 8, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "nCzx8A8#!", - "value_start": 46, - "value_end": 55, - "variable": "pass", - "variable_start": 41, - "variable_end": 45, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ - { - "line": "MYSQL_DATABASE_USER=CRED;MYSQL_DATABASE_PASSWORD=2IWJD88FH4Y;", - "line_num": 12, - "path": "./tests/samples/password_TRUE", - "info": "FILE|RAW", - "value": "2IWJD88FH4Y", - "value_start": 49, - "value_end": 60, - "variable": "MYSQL_DATABASE_PASSWORD", - "variable_start": 25, - "variable_end": 48, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.2776134368191165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/password_utf16.patch", - "info": "FILE|RAW", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.959, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajc\u00f61\"", - "line_num": 9, - "path": "./tests/samples/password_western.patch", - "info": "FILE|RAW", - "value": "dkajc\u00f61", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4063042189065182, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.952, - "line_data_list": [ - { - "line": "password = \"cackle_!\"", - "line_num": 1, - "path": "./tests/samples/passwords.tar", - "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./password|RAW", - "value": "cackle_!", - "value_start": 12, - "value_end": 20, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.953, - "line_data_list": [ - { - "line": "password = \"cackle_1!\"", - "line_num": 1, - "path": "./tests/samples/passwords.tar", - "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./1/password|RAW", - "value": "cackle_1!", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.953, - "line_data_list": [ - { - "line": "password = \"cackle_2!\"", - "line_num": 1, - "path": "./tests/samples/passwords.tar", - "info": "FILE|BZIP2:./tests/samples/passwords.tar|TAR:./1/2/password|RAW", - "value": "cackle_2!", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false - } - } - ] - }, - { - "rule": "PayPal Braintree Access Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "line_num": 1, - "path": "./tests/samples/paypal_key", - "info": "FILE|RAW", - "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "value_start": 0, - "value_end": 73, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.125814952938168, - "valid": true - } - } - ] - }, - { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "-----BEGIN RSA PRIVATE KEY-----", - "line_num": 1, - "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", - "value": "-----BEGIN RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.529698260800009, + "entropy": 2.529698260800009, "valid": false } }, @@ -9322,7 +7976,7 @@ "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", "line_num": 2, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", "value_start": 0, "value_end": 76, @@ -9339,7 +7993,7 @@ "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", "line_num": 3, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", "value_start": 0, "value_end": 76, @@ -9356,7 +8010,7 @@ "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", "line_num": 4, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", "value_start": 0, "value_end": 76, @@ -9373,7 +8027,7 @@ "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", "line_num": 5, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", "value_start": 0, "value_end": 76, @@ -9390,7 +8044,7 @@ "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", "line_num": 6, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", "value_start": 0, "value_end": 76, @@ -9407,7 +8061,7 @@ "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", "line_num": 7, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", "value_start": 0, "value_end": 76, @@ -9424,7 +8078,7 @@ "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "line_num": 8, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "value_start": 0, "value_end": 76, @@ -9441,7 +8095,7 @@ "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "line_num": 9, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "value_start": 0, "value_end": 76, @@ -9458,7 +8112,7 @@ "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", "line_num": 10, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", "value_start": 0, "value_end": 76, @@ -9475,7 +8129,7 @@ "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", "line_num": 11, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", "value_start": 0, "value_end": 76, @@ -9492,7 +8146,7 @@ "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", "line_num": 12, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", "value_start": 0, "value_end": 52, @@ -9509,7 +8163,7 @@ "line": "-----END RSA PRIVATE KEY-----", "line_num": 13, "path": "./tests/samples/pem_key", - "info": "FILE|BZIP2:./tests/samples/pem_key|RAW", + "info": "FILE|GZIP:./tests/samples/pem_key|RAW", "value": "-----END RSA PRIVATE KEY-----", "value_start": 0, "value_end": 29, @@ -9531,13 +8185,13 @@ "ml_probability": null, "line_data_list": [ { - "line": "-----BEGIN RSA PRIVATE KEY-----", - "line_num": 1, + "line": "str value = \"-----BEGIN RSA PRIVATE KEY-----\\n\" +", + "line_num": 2, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", + "info": "FILE|RAW", "value": "-----BEGIN RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 31, + "value_start": 13, + "value_end": 44, "variable": null, "variable_start": -2, "variable_end": -2, @@ -9548,206 +8202,239 @@ } }, { - "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", - "line_num": 2, - "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", - "value_start": 0, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.388924717191689, - "valid": true - } - }, - { - "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", + "line": "\"MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+ \\n\"", "line_num": 3, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+", + "value_start": 1, + "value_end": 103, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.213332901823974, + "entropy": 5.429600283437102, "valid": true } }, { - "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", + "line": "\t+ \"WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o\\r \\n\"", "line_num": 4, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o", + "value_start": 4, + "value_end": 104, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.325046388609145, + "entropy": 5.307627100346911, "valid": true } }, { - "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", + "line": "\" CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr \"", "line_num": 5, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr", + "value_start": 3, + "value_end": 102, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.267278500114892, + "entropy": 5.391947595190542, "valid": true } }, { - "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", + "line": "\t\t\"9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC \\\\", "line_num": 6, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC", + "value_start": 3, + "value_end": 86, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.293594289588576, + "entropy": 5.410712925114302, "valid": true } }, { - "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", + "line": "\"\"\" mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV \"\"\" +", "line_num": 7, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV", + "value_start": 4, + "value_end": 90, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.405307776373749, + "entropy": 5.417032341684991, "valid": true } }, { - "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", + "line": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B\\r\\n", "line_num": 8, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", + "info": "FILE|RAW", + "value": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B", "value_start": 0, - "value_end": 76, + "value_end": 106, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.372541658009629, + "entropy": 5.497697548960291, "valid": true } }, { - "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", + "line": "\"amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB\\\\", "line_num": 9, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", - "value_start": 0, - "value_end": 76, + "info": "FILE|RAW", + "value": "amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB", + "value_start": 1, + "value_end": 110, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.308663329427087, + "entropy": 5.30959588168204, "valid": true } }, { - "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "line": "Uaxk9J5Th8BXPyC1mclPMS7J\\\\\\\\ngMuobiFdIpryq51pvHkCQQDInvDaKI24Ho+cj6SCKnEO4kbjh/yx1XGwNmY0ld1i\\\\r5micHFiMI7/IcVZ4\\n", "line_num": 10, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "info": "FILE|RAW", + "value": "Uaxk9J5Th8BXPyC1mclPMS7J", "value_start": 0, - "value_end": 76, + "value_end": 24, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.425173236956998, - "valid": true + "entropy": 4.418295834054489, + "valid": false } }, { - "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "line": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----\"\"\";", "line_num": 11, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "info": "FILE|RAW", + "value": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----", "value_start": 0, - "value_end": 76, + "value_end": 59, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.107555270017291, + "entropy": 3.872106351098176, + "valid": false + } + } + ] + }, + { + "rule": "PEM Private Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "char pk[] = \"\\\\n-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----\\n\";", + "line_num": 14, + "path": "./tests/samples/pem_key", + "info": "FILE|RAW", + "value": "-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----", + "value_start": 16, + "value_end": 262, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.884128060579623, "valid": true } - }, + } + ] + }, + { + "rule": "PEM Private Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", - "line_num": 12, + "line": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", + "line_num": 27, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "info": "FILE|RAW", + "value": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", "value_start": 0, - "value_end": 52, + "value_end": 47, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.070538035407179, + "entropy": 3.0185646866544076, + "valid": false + } + }, + { + "line": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", + "line_num": 28, + "path": "./tests/samples/pem_key", + "info": "FILE|RAW", + "value": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", + "value_start": 0, + "value_end": 120, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.2083460372948154, "valid": true } }, { - "line": "-----END RSA PRIVATE KEY-----", - "line_num": 13, + "line": "-----END LOW ENTROPY PRIVATE KEY-----", + "line_num": 29, "path": "./tests/samples/pem_key", - "info": "FILE|GZIP:./tests/samples/pem_key|RAW", - "value": "-----END RSA PRIVATE KEY-----", + "info": "FILE|RAW", + "value": "-----END LOW ENTROPY PRIVATE KEY-----", "value_start": 0, - "value_end": 29, + "value_end": 37, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3783727041337137, + "entropy": 2.6977683083639423, "valid": false } } @@ -9760,13 +8447,13 @@ "ml_probability": null, "line_data_list": [ { - "line": "str value = \"-----BEGIN RSA PRIVATE KEY-----\\n\" +", - "line_num": 2, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "-----BEGIN RSA PRIVATE KEY-----", - "value_start": 13, - "value_end": 44, + "line": "-----BEGIN RSA PRIVATE KEY-----", + "line_num": 1, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "-----BEGIN RSA PRIVATE KEY-----", + "value_start": 0, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, @@ -9777,240 +8464,257 @@ } }, { - "line": "\"MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+ \\n\"", + "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", + "line_num": 2, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.388924717191689, + "valid": true + } + }, + { + "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", "line_num": 3, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+", - "value_start": 1, - "value_end": 103, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.429600283437102, + "entropy": 5.213332901823974, "valid": true } }, { - "line": "\t+ \"WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o\\r \\n\"", + "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", "line_num": 4, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o", - "value_start": 4, - "value_end": 104, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.307627100346911, + "entropy": 5.325046388609145, "valid": true } }, { - "line": "\" CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr \"", + "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", "line_num": 5, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr", - "value_start": 3, - "value_end": 102, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.391947595190542, + "entropy": 5.267278500114892, "valid": true } }, { - "line": "\t\t\"9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC \\\\", + "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", "line_num": 6, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC", - "value_start": 3, - "value_end": 86, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.410712925114302, + "entropy": 5.293594289588576, "valid": true } }, { - "line": "\"\"\" mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV \"\"\" +", + "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", "line_num": 7, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV", - "value_start": 4, - "value_end": 90, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.417032341684991, + "entropy": 5.405307776373749, "valid": true } }, { - "line": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B\\r\\n", + "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "line_num": 8, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B", + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "value_start": 0, - "value_end": 106, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.497697548960291, + "entropy": 5.372541658009629, "valid": true } }, { - "line": "\"amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB\\\\", + "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "line_num": 9, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB", - "value_start": 1, - "value_end": 110, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", + "value_start": 0, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.30959588168204, + "entropy": 5.308663329427087, "valid": true } }, { - "line": "Uaxk9J5Th8BXPyC1mclPMS7J\\\\\\\\ngMuobiFdIpryq51pvHkCQQDInvDaKI24Ho+cj6SCKnEO4kbjh/yx1XGwNmY0ld1i\\\\r5micHFiMI7/IcVZ4\\n", + "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", "line_num": 10, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "Uaxk9J5Th8BXPyC1mclPMS7J", + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", "value_start": 0, - "value_end": 24, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.418295834054489, - "valid": false + "entropy": 5.425173236956998, + "valid": true } }, { - "line": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----\"\"\";", + "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", "line_num": 11, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----", + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", "value_start": 0, - "value_end": 59, + "value_end": 76, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.872106351098176, - "valid": false + "entropy": 5.107555270017291, + "valid": true } - } - ] - }, - { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "char pk[] = \"\\\\n-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----\\n\";", - "line_num": 14, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----", - "value_start": 16, - "value_end": 262, + "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "line_num": 12, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "value_start": 0, + "value_end": 52, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.884128060579623, + "entropy": 5.070538035407179, "valid": true } - } - ] - }, - { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", - "line_num": 27, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", + "line": "-----END RSA PRIVATE KEY-----", + "line_num": 13, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "value": "-----END RSA PRIVATE KEY-----", "value_start": 0, - "value_end": 47, + "value_end": 29, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0185646866544076, + "entropy": 2.3783727041337137, "valid": false } - }, + } + ] + }, + { + "rule": "PayPal Braintree Access Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", - "line_num": 28, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", + "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", + "line_num": 1, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:.git/paypal_key|RAW", + "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", "value_start": 0, - "value_end": 120, + "value_end": 73, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 3.2083460372948154, + "entropy": 4.125814952938168, "valid": true } - }, + } + ] + }, + { + "rule": "Jfrog Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "-----END LOW ENTROPY PRIVATE KEY-----", - "line_num": 29, - "path": "./tests/samples/pem_key", - "info": "FILE|RAW", - "value": "-----END LOW ENTROPY PRIVATE KEY-----", + "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", + "line_num": 1, + "path": "./tests/samples/pem_key.apk", + "info": "FILE|ZIP:3.zip|ZIP:2.zip|ZIP:2|RAW", + "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", "value_start": 0, - "value_end": 37, + "value_end": 64, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.6977683083639423, - "valid": false + "entropy": 5.288909765557392, + "valid": true } } ] @@ -10024,8 +8728,8 @@ { "line": "-----BEGIN RSA PRIVATE KEY-----", "line_num": 1, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "-----BEGIN RSA PRIVATE KEY-----", "value_start": 0, "value_end": 31, @@ -10041,8 +8745,8 @@ { "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", "line_num": 2, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", "value_start": 0, "value_end": 76, @@ -10058,8 +8762,8 @@ { "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", "line_num": 3, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", "value_start": 0, "value_end": 76, @@ -10075,8 +8779,8 @@ { "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", "line_num": 4, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", "value_start": 0, "value_end": 76, @@ -10092,8 +8796,8 @@ { "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", "line_num": 5, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", "value_start": 0, "value_end": 76, @@ -10109,8 +8813,8 @@ { "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", "line_num": 6, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", "value_start": 0, "value_end": 76, @@ -10126,8 +8830,8 @@ { "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", "line_num": 7, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", "value_start": 0, "value_end": 76, @@ -10143,8 +8847,8 @@ { "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "line_num": 8, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", "value_start": 0, "value_end": 76, @@ -10160,8 +8864,8 @@ { "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "line_num": 9, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", "value_start": 0, "value_end": 76, @@ -10170,554 +8874,975 @@ "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.308663329427087, - "valid": true + "entropy": 5.308663329427087, + "valid": true + } + }, + { + "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "line_num": 10, + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", + "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.425173236956998, + "valid": true + } + }, + { + "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "line_num": 11, + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", + "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", + "value_start": 0, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.107555270017291, + "valid": true + } + }, + { + "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "line_num": 12, + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", + "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", + "value_start": 0, + "value_end": 52, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.070538035407179, + "valid": true + } + }, + { + "line": "-----END RSA PRIVATE KEY-----", + "line_num": 13, + "path": "./tests/samples/pem_key.zip", + "info": "FILE|ZIP:pem_key|RAW", + "value": "-----END RSA PRIVATE KEY-----", + "value_start": 0, + "value_end": 29, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.3783727041337137, + "valid": false + } + } + ] + }, + { + "rule": "Picatic API Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "sk_live_gireogicracklegireogicrackle1231", + "line_num": 1, + "path": "./tests/samples/picatic_key", + "info": "FILE|RAW", + "value": "sk_live_gireogicracklegireogicrackle1231", + "value_start": 0, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.48760529131298, + "valid": true + } + } + ] + }, + { + "rule": "Stripe Credentials", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "sk_live_gireogicracklegireogicrackle1231", + "line_num": 1, + "path": "./tests/samples/picatic_key", + "info": "FILE|RAW", + "value": "sk_live_gireogicracklegireogicrackle1231", + "value_start": 0, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.48760529131298, + "valid": true + } + } + ] + }, + { + "rule": "PyPi API Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", + "line_num": 1, + "path": "./tests/samples/pypi_token", + "info": "FILE|RAW", + "value": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", + "value_start": 0, + "value_end": 179, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.493434473754406, + "valid": true + } + } + ] + }, + { + "rule": "Salesforce Credentials", + "severity": "medium", + "confidence": "weak", + "ml_probability": null, + "line_data_list": [ + { + "line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", + "line_num": 2, + "path": "./tests/samples/salesfoce", + "info": "FILE|RAW", + "value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", + "value_start": 8, + "value_end": 120, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.076545709916438, + "valid": true + } + } + ] + }, + { + "rule": "Salt", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "{\\\"salt8\\\":\\\"4b9a6d8b638eb0c6\\\"}", + "line_num": 1, + "path": "./tests/samples/salt.py", + "info": "FILE|STRUCT|STRUCT:3|STRING:json_escaped|RAW", + "value": "4b9a6d8b638eb0c6", + "value_start": 13, + "value_end": 29, + "variable": "salt8", + "variable_start": 3, + "variable_end": 8, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.2806390622295662, + "valid": true + } + } + ] + }, + { + "rule": "Salt", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "salt1 = b\"\\x23!\\xae2389x&543@\"", + "line_num": 1, + "path": "./tests/samples/salt.py", + "info": "FILE|RAW", + "value": "\\x23!\\xae2389x&543@", + "value_start": 10, + "value_end": 29, + "variable": "salt1", + "variable_start": 0, + "variable_end": 5, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.5242742202043824, + "valid": false + } + } + ] + }, + { + "rule": "Salt", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": "salt3 = u\"\\u0020827634876\"", + "line_num": 3, + "path": "./tests/samples/salt.py", + "info": "FILE|RAW", + "value": "\\u0020827634876", + "value_start": 10, + "value_end": 25, + "variable": "salt3", + "variable_start": 0, + "variable_end": 5, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.7961053890903864, + "valid": false } - }, + } + ] + }, + { + "rule": "Salt", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.995, + "line_data_list": [ { - "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", - "line_num": 10, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", - "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", - "value_start": 0, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "salt4 = {\"salt5\": \"my124%#$@s\\x04clt\\0\"}", + "line_num": 4, + "path": "./tests/samples/salt.py", + "info": "FILE|RAW", + "value": "my124%#$@s\\x04clt\\0", + "value_start": 19, + "value_end": 38, + "variable": "salt5", + "variable_start": 10, + "variable_end": 15, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.425173236956998, - "valid": true + "entropy": 2.6959504039350857, + "valid": false } - }, + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.834, + "line_data_list": [ { - "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", - "line_num": 11, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", - "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", - "value_start": 0, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "Password = WeR15tr0n6", + "line_num": 1, + "path": "./tests/samples/sample.docx", + "info": "FILE|GZIP:./tests/samples/sample.docx|DOCX", + "value": "WeR15tr0n6", + "value_start": 11, + "value_end": 21, + "variable": "Password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.107555270017291, - "valid": true + "entropy": 3.321928094887362, + "valid": false } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", - "line_num": 12, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", - "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", - "value_start": 0, - "value_end": 52, + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84", + "line_num": 1, + "path": "./tests/samples/sample.docx", + "info": "FILE|DOCX", + "value": "bace4d11-a001-be1a-c3fe-9829474b5d84", + "value_start": 11, + "value_end": 47, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.070538035407179, + "iterator": "BASE36_CHARS", + "entropy": 3.4770260427684327, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "-----END RSA PRIVATE KEY-----", - "line_num": 13, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:cred/pem_key.zip|ZIP:key.pem|RAW", - "value": "-----END RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 29, + "line": "Default footer bace4119-f002-bdef-dafe-9129474bcd89", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/footer1.xml|RAW", + "value": "bace4119-f002-bdef-dafe-9129474bcd89", + "value_start": 1649, + "value_end": 1685, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3783727041337137, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.3585631953659214, + "valid": true } } ] }, { - "rule": "PayPal Braintree Access Token", - "severity": "high", + "rule": "UUID", + "severity": "info", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "line_num": 1, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:.git/paypal_key|RAW", - "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "value_start": 0, - "value_end": 73, + "line": "Default footer bace4119-f002-bdef-dafe-9129474bcd89", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/footer2.xml|RAW", + "value": "bace4119-f002-bdef-dafe-9129474bcd89", + "value_start": 1649, + "value_end": 1685, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 4.125814952938168, + "entropy": 3.3585631953659214, "valid": true } } ] }, { - "rule": "Jfrog Token", - "severity": "high", + "rule": "UUID", + "severity": "info", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", - "line_num": 1, - "path": "./tests/samples/pem_key.apk", - "info": "FILE|ZIP:3.zip|ZIP:2.zip|ZIP:2|RAW", - "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", - "value_start": 0, - "value_end": 64, + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/document.xml|RAW", + "value": "bace4d11-a002-be1a-c3fe-9829474b5d84", + "value_start": 1913, + "value_end": 1949, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.288909765557392, + "iterator": "BASE36_CHARS", + "entropy": 3.51161250104167, "valid": true } } ] }, { - "rule": "PEM Private Key", - "severity": "high", + "rule": "UUID", + "severity": "info", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "-----BEGIN RSA PRIVATE KEY-----", - "line_num": 1, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "-----BEGIN RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 31, + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/document.xml|RAW", + "value": "bace4d11-a003-be2a-c3fe-9829474b5d84", + "value_start": 14444, + "value_end": 14480, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.529698260800009, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.5325815983239885, + "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", "line_num": 2, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "MIICXAIBAAKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0FPqri0cb2JZfXJ/DgYSF6vUp", - "value_start": 0, - "value_end": 76, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/document.xml|RAW", + "value": "bace4d11-b003-be1a-c3fe-9829474b5d84", + "value_start": 4417, + "value_end": 4453, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.388924717191689, + "iterator": "BASE36_CHARS", + "entropy": 3.4979951400507514, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", - "line_num": 3, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "wmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/3j+skZ6UtW+5u09lHNsj6tQ5", - "value_start": 0, - "value_end": 76, + "line": " PAGE 2 Second page header bace4d19-b002-beda-cafe-0929375bcd82", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/header1.xml|RAW", + "value": "bace4d19-b002-beda-cafe-0929375bcd82", + "value_start": 1318, + "value_end": 1354, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.213332901823974, + "iterator": "BASE36_CHARS", + "entropy": 3.4487052091947135, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", - "line_num": 4, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "1s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQABAoGAFijko56+qGyN8M0RVyaRAXz++xTqHBLh", - "value_start": 0, - "value_end": 76, + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/document.xml|RAW", + "value": "bace4d19-c001-b3e2-eac1-9129474bcd84", + "value_start": 8850, + "value_end": 8886, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.325046388609145, + "iterator": "BASE36_CHARS", + "entropy": 3.3103593761017662, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", - "line_num": 5, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "3tx4VgMtrQ+WEgCjhoTwo23KMBAuJGSYnRmoBZM3lMfTKevIkAidPExvYCdm5dYq3XToLkkLv5L2", - "value_start": 0, - "value_end": 76, + "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", + "line_num": 2, + "path": "./tests/samples/sample.docx", + "info": "FILE|ZIP:word/document.xml|RAW", + "value": "bace4d19-c001-b3e2-eac1-9129474bcd84", + "value_start": 13449, + "value_end": 13485, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.267278500114892, + "iterator": "BASE36_CHARS", + "entropy": 3.3103593761017662, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", - "line_num": 6, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "pIIVOFMDG+KESnAFV7l2c+cnzRMW0+b6f8mR1CJzZuxVLL6Q02fvLi55/mbSYxECQQDeAw6fiIQX", - "value_start": 0, - "value_end": 76, + "line": "New page first line bace4d19-b001-b3e2-eac1-9129474bcd84", + "line_num": 4, + "path": "./tests/samples/sample.docx", + "info": "FILE|DOCX", + "value": "bace4d19-b001-b3e2-eac1-9129474bcd84", + "value_start": 20, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.293594289588576, + "iterator": "BASE36_CHARS", + "entropy": 3.3103593761017662, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", - "line_num": 7, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "GukBI4eMZZt4nscy2o12KyYner3VpoeE+Np2q+Z3pvAMd/aNzQ/W9WaI+NRfcxUJrmfPwIGm63il", - "value_start": 0, - "value_end": 76, + "line": "Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881", + "line_num": 6, + "path": "./tests/samples/sample.docx", + "info": "FILE|DOCX", + "value": "b5c6471d-a2b2-b4ef-ca5e-9121476bc881", + "value_start": 13, + "value_end": 49, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.405307776373749, + "iterator": "BASE36_CHARS", + "entropy": 3.421470487212877, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", - "line_num": 8, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "AkEAxCL5HQb2bQr4ByorcMWm/hEP2MZzROV73yF41hPsRC9m66KrheO9HPTJuo3/9s5p+sqGxOlF", - "value_start": 0, - "value_end": 76, + "line": "Third page header bace4d19-b003-beda-cafe-0929375bcd82", + "line_num": 10, + "path": "./tests/samples/sample.docx", + "info": "FILE|DOCX", + "value": "bace4d19-b003-beda-cafe-0929375bcd82", + "value_start": 18, + "value_end": 54, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.372541658009629, + "iterator": "BASE36_CHARS", + "entropy": 3.4696743064770326, "valid": true } - }, + } + ] + }, + { + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ { - "line": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", - "line_num": 9, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "L0NDt4SkosjgGwJAFklyR1uZ/wPJjj611cdBcztlPdqoxssQGnh85BzCj/u3WqBpE2vjvyyvyI5k", - "value_start": 0, - "value_end": 76, + "line": "first_page_header bace4d11-f001-beea-c3fe-9829474b5d84", + "line_num": 11, + "path": "./tests/samples/sample.docx", + "info": "FILE|DOCX", + "value": "bace4d11-f001-beea-c3fe-9829474b5d84", + "value_start": 18, + "value_end": 54, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.308663329427087, + "iterator": "BASE36_CHARS", + "entropy": 3.4979951400507514, "valid": true } - }, + } + ] + }, + { + "rule": "Token", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.977, + "line_data_list": [ { - "line": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", - "line_num": 10, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "X6zk7S0ljKtt2jny2+00VsBerQJBAJGC1Mg5Oydo5NwD6BiROrPxGo2bpTbu/fhrT8ebHkTz2epl", - "value_start": 0, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "TokenRequest", + "line_num": 9, + "path": "./tests/samples/sample.html", + "info": "FILE|RAW", + "value": "g1re0g1T0keN3zWx", + "value_start": 40, + "value_end": 56, + "variable": "token", + "variable_start": 28, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.425173236956998, - "valid": true + "entropy": 3.5, + "valid": false } - }, + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ { - "line": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", - "line_num": 11, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "U9VQQSQzY1oZMVX8i1m5WUTLPz2yLJIBQVdXqhMCQBGoiuSoSjafUhV7i1cEGpb88h5NBYZzWXGZ", - "value_start": 0, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": " placeholder=\"Your password: "g1re0g1Pa5$w0Rd"\"", + "line_num": 16, + "path": "./tests/samples/sample.html", + "info": "FILE|RAW", + "value": "g1re0g1Pa5$w0Rd", + "value_start": 38, + "value_end": 53, + "variable": "Your password", + "variable_start": 17, + "variable_end": 30, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.2464312225679506, + "valid": false + } + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": " ", + "line_num": 21, + "path": "./tests/samples/sample.html", + "info": "FILE|RAW", + "value": "g1re0g2Pa5$w0Rd", + "value_start": 39, + "value_end": 54, + "variable": "password", + "variable_start": 30, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.107555270017291, - "valid": true + "entropy": 3.379764555901284, + "valid": false } - }, + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.835, + "line_data_list": [ { - "line": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", - "line_num": 12, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "37sJ5QsW+sJyoNde3xH8vdXhzU7eT82D6X/scw9RZz+/6rCJ4p0=", - "value_start": 0, - "value_end": 52, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "A2 ID:master,PW:dipPr10Gg!", + "line_num": 1, + "path": "./tests/samples/sample.ods", + "info": "FILE|SheetAny:A2", + "value": "dipPr10Gg!", + "value_start": 16, + "value_end": 26, + "variable": "PW", + "variable_start": 13, + "variable_end": 15, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.070538035407179, - "valid": true + "entropy": 2.989735285398626, + "valid": false } - }, + } + ] + }, + { + "rule": "AWS Client ID", + "severity": "high", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ { - "line": "-----END RSA PRIVATE KEY-----", - "line_num": 13, - "path": "./tests/samples/pem_key.zip", - "info": "FILE|ZIP:pem_key|RAW", - "value": "-----END RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 29, + "line": "AKIAGIREOGIAXLSX4BT5userhostloginpassword\ud64d\uae38\ub3d9\uc804192.168.0.1adminH0NgGi1d0nGroot127.0.0.1rootiMr00TA1 password is w3Ry5tR0nGA2 ID:master,PW:dipPr10Gg!B3 192.168.0.1 master/NBd@126t!\uc8fc\uc778 FNAT-CC0TG_old10.53.51.17192.168.101.96377710.53.51.17192.168.101.9 63777 \uc8fc\uc778 FNAT-CC0TG_oldpassword:\u25a1 \ubb38\uc758 \ub0b4\uc6a9 : \u203b Error Stack Trace\ub3c4 \ud568\uaed8 \ucca8\ubd80 \ubd80\ud0c1\ub4dc\ub9bd\ub2c8\ub2e4.12345F16 224.52.124.93 root/A0dM1Nka", + "line_num": 2, + "path": "./tests/samples/sample.ods", + "info": "FILE|ZIP:content.xml|RAW", + "value": "AKIAGIREOGIAXLSX4BT5", + "value_start": 7621, + "value_end": 7641, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3783727041337137, + "entropy": 3.6464393446710153, "valid": false } } ] }, { - "rule": "Picatic API Key", + "rule": "AWS Client ID", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "sk_live_gireogicracklegireogicrackle1231", + "line": "AwsAccessKey:AKIAGIREOGIAWSKEY123", "line_num": 1, - "path": "./tests/samples/picatic_key", - "info": "FILE|RAW", - "value": "sk_live_gireogicracklegireogicrackle1231", - "value_start": 0, - "value_end": 40, + "path": "./tests/samples/sample.pdf", + "info": "FILE|PDF:1|BASE64|RAW", + "value": "AKIAGIREOGIAWSKEY123", + "value_start": 13, + "value_end": 33, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48760529131298, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.546439344671015, + "valid": false } } ] }, { - "rule": "Stripe Credentials", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.977, "line_data_list": [ { - "line": "sk_live_gireogicracklegireogicrackle1231", + "line": "AwsAccessKey:AKIAGIREOGIAWSKEY123", "line_num": 1, - "path": "./tests/samples/picatic_key", - "info": "FILE|RAW", - "value": "sk_live_gireogicracklegireogicrackle1231", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/sample.pdf", + "info": "FILE|PDF:1|BASE64|RAW", + "value": "AKIAGIREOGIAWSKEY123", + "value_start": 13, + "value_end": 33, + "variable": "AwsAccessKey", + "variable_start": 0, + "variable_end": 12, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48760529131298, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.546439344671015, + "valid": false } } ] }, { - "rule": "PyPi API Token", + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "password = Xdj@jcN834b", + "line_num": 1, + "path": "./tests/samples/sample.pdf", + "info": "FILE|PDF:1|RAW", + "value": "Xdj@jcN834b", + "value_start": 11, + "value_end": 22, + "variable": "password", + "variable_start": 0, + "variable_end": 8, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.963119653306635, + "valid": false + } + } + ] + }, + { + "rule": "Github Classic Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", + "line": "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", "line_num": 1, - "path": "./tests/samples/pypi_token", - "info": "FILE|RAW", - "value": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", + "path": "./tests/samples/sample.pdf", + "info": "FILE|PDF:1|RAW", + "value": "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", "value_start": 0, - "value_end": 179, + "value_end": 40, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.493434473754406, + "entropy": 4.838879892515179, "valid": true } } ] }, { - "rule": "Salesforce Credentials", - "severity": "medium", - "confidence": "weak", + "rule": "UUID", + "severity": "info", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", + "line": " Click to edit the title text format<footer><number><date/time>", "line_num": 2, - "path": "./tests/samples/salesfoce", - "info": "FILE|RAW", - "value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", - "value_start": 8, - "value_end": 120, + "path": "./tests/samples/sample.pptx", + "info": "FILE|ZIP:ppt/slideMasters/slideMaster1.xml|RAW", + "value": "1B26FE4F-8819-409F-9556-40447A77EBF2", + "value_start": 3868, + "value_end": 3904, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.076545709916438, + "iterator": "HEX_CHARS", + "entropy": 3.342171793538618, "valid": true } } ] }, { - "rule": "Salt", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "{\\\"salt8\\\":\\\"4b9a6d8b638eb0c6\\\"}", - "line_num": 1, - "path": "./tests/samples/salt.py", - "info": "FILE|STRUCT|STRUCT:3|STRING:json_escaped|RAW", - "value": "4b9a6d8b638eb0c6", - "value_start": 13, - "value_end": 29, - "variable": "salt8", - "variable_start": 3, - "variable_end": 8, + "line": " Footer<#>", + "line_num": 2, + "path": "./tests/samples/sample.pptx", + "info": "FILE|ZIP:ppt/slideLayouts/slideLayout1.xml|RAW", + "value": "42F61B0C-09B2-455B-8854-E1D3A3979B74", + "value_start": 2610, + "value_end": 2646, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.2806390622295662, + "iterator": "HEX_CHARS", + "entropy": 3.5535506956063068, "valid": true } } ] }, { - "rule": "Salt", - "severity": "medium", + "rule": "AWS Client ID", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": null, "line_data_list": [ { - "line": "salt1 = b\"\\x23!\\xae2389x&543@\"", - "line_num": 1, - "path": "./tests/samples/salt.py", - "info": "FILE|RAW", - "value": "\\x23!\\xae2389x&543@", - "value_start": 10, - "value_end": 29, - "variable": "salt1", - "variable_start": 0, - "variable_end": 5, + "line": " Follow the white rabbitAKIAGIREOGIPPTX1Y45X", + "line_num": 2, + "path": "./tests/samples/sample.pptx", + "info": "FILE|ZIP:ppt/slides/slide1.xml|RAW", + "value": "AKIAGIREOGIPPTX1Y45X", + "value_start": 2403, + "value_end": 2423, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.5242742202043824, + "entropy": 3.6841837197791887, "valid": false } } ] }, { - "rule": "Salt", + "rule": "Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.97, - "line_data_list": [ - { - "line": "salt3 = u\"\\u0020827634876\"", - "line_num": 3, - "path": "./tests/samples/salt.py", - "info": "FILE|RAW", - "value": "\\u0020827634876", - "value_start": 10, - "value_end": 25, - "variable": "salt3", + "confidence": "moderate", + "ml_probability": 0.981, + "line_data_list": [ + { + "line": "password = \"WeR15tr0n6\"; ", + "line_num": 1, + "path": "./tests/samples/sample.py", + "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`password = \"WeR15tr0n6\"; `", + "value": "WeR15tr0n6", + "value_start": 12, + "value_end": 22, + "variable": "password", "variable_start": 0, - "variable_end": 5, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.7961053890903864, + "entropy": 3.321928094887362, "valid": false } } ] }, { - "rule": "Salt", - "severity": "medium", + "rule": "AWS Client ID", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.897, + "ml_probability": null, "line_data_list": [ { - "line": "salt4 = {\"salt5\": \"my124%#$@s\\x04clt\\0\"}", - "line_num": 4, - "path": "./tests/samples/salt.py", - "info": "FILE|RAW", - "value": "my124%#$@s\\x04clt\\0", - "value_start": 19, - "value_end": 38, - "variable": "salt5", - "variable_start": 10, - "variable_end": 15, + "line": "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}t : AKIAGIREOGIAXLSX4BT5", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|ZIP:xl/sharedStrings.xml|XML", + "value": "AKIAGIREOGIAXLSX4BT5", + "value_start": 63, + "value_end": 83, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.6959504039350857, + "entropy": 3.6464393446710153, "valid": false } } @@ -10727,22 +9852,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.933, + "ml_probability": 0.969, "line_data_list": [ { - "line": "Password = WeR15tr0n6", + "line": "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}t : A2 ID:master,PW:dipPr10Gg!", "line_num": 1, - "path": "./tests/samples/sample.docx", - "info": "FILE|GZIP:./tests/samples/sample.docx|DOCX", - "value": "WeR15tr0n6", - "value_start": 11, - "value_end": 21, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|ZIP:xl/sharedStrings.xml|XML", + "value": "dipPr10Gg!", + "value_start": 79, + "value_end": 89, + "variable": "PW", + "variable_start": 76, + "variable_end": 78, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.321928094887362, + "entropy": 2.989735285398626, "valid": false } } @@ -10755,369 +9880,419 @@ "ml_probability": null, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84", - "line_num": 1, - "path": "./tests/samples/sample.docx", - "info": "FILE|DOCX", - "value": "bace4d11-a001-be1a-c3fe-9829474b5d84", - "value_start": 11, - "value_end": 47, + "line": "", + "line_num": 2, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|ZIP:xl/workbook.xml|RAW", + "value": "7626C862-2A13-11E5-B345-FEFF819CDC9F", + "value_start": 1015, + "value_end": 1051, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4770260427684327, + "iterator": "HEX_CHARS", + "entropy": 3.4770260427684323, "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", + "rule": "SendGrid API Key", + "severity": "high", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "Default footer bace4119-f002-bdef-dafe-9129474bcd89", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/footer1.xml|RAW", - "value": "bace4119-f002-bdef-dafe-9129474bcd89", - "value_start": 1649, - "value_end": 1685, + "line": "SG.gireogigireogigi.gireogigireogigi", + "line_num": 1, + "path": "./tests/samples/sendgrid_api_key", + "info": "FILE|RAW", + "value": "SG.gireogigireogigi.gireogigireogigi", + "value_start": 0, + "value_end": 36, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3585631953659214, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.3705246708692047, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Shopify Token", + "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "Default footer bace4119-f002-bdef-dafe-9129474bcd89", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/footer2.xml|RAW", - "value": "bace4119-f002-bdef-dafe-9129474bcd89", - "value_start": 1649, - "value_end": 1685, + "line": " \"shopyfy_k\": \"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\",", + "line_num": 1, + "path": "./tests/samples/shopify_token", + "info": "FILE|RAW", + "value": "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", + "value_start": 18, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 3.3585631953659214, + "entropy": 3.6658566472141003, "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Slack Token", + "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/document.xml|RAW", - "value": "bace4d11-a002-be1a-c3fe-9829474b5d84", - "value_start": 1913, - "value_end": 1949, + "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "line_num": 1, + "path": "./tests/samples/slack_token.hs", + "info": "FILE|RAW", + "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "value_start": 0, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.51161250104167, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.029574370937287, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Slack Webhook", + "severity": "medium", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/document.xml|RAW", - "value": "bace4d11-a003-be2a-c3fe-9829474b5d84", - "value_start": 14444, - "value_end": 14480, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": " \"hook\": \"https://hooks.slack.com/services/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\",", + "line_num": 1, + "path": "./tests/samples/slack_webhook.template", + "info": "FILE|RAW", + "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", + "value_start": 45, + "value_end": 93, + "variable": "hooks.slack.com/services", + "variable_start": 21, + "variable_end": 45, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.5325815983239885, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.761842188131013, "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", + "rule": "Azure Secret Value", + "severity": "high", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/document.xml|RAW", - "value": "bace4d11-b003-be1a-c3fe-9829474b5d84", - "value_start": 4417, - "value_end": 4453, + "line": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", + "line_num": 1, + "path": "./tests/samples/small.pdf", + "info": "FILE|PDF:1|RAW", + "value": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", + "value_start": 0, + "value_end": 40, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4979951400507514, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.620007704961091, "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.976, "line_data_list": [ { - "line": " PAGE 2 Second page header bace4d19-b002-beda-cafe-0929375bcd82", + "line": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'SqLpa5sW0rD';", + "line_num": 1, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 72, + "value_end": 83, + "variable": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY", + "variable_start": 0, + "variable_end": 70, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.995, + "line_data_list": [ + { + "line": "'create user name identified by 'SqLpa5sW0rD' --", "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/header1.xml|RAW", - "value": "bace4d19-b002-beda-cafe-0929375bcd82", - "value_start": 1318, - "value_end": 1354, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "create user name identified by", + "variable_start": 1, + "variable_end": 31, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, + "line_data_list": [ + { + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 3, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4487052091947135, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.99, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/document.xml|RAW", - "value": "bace4d19-c001-b3e2-eac1-9129474bcd84", - "value_start": 8850, - "value_end": 8886, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "\uff1a`CREATE USER 'haproxy'@'%' IDENTIFIED BY 'SqLpa5sW0rD';`", + "line_num": 4, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE USER 'haproxy'@'%' IDENTIFIED BY", + "variable_start": 2, + "variable_end": 41, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3103593761017662, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, "line_data_list": [ { - "line": "First line bace4d11-a001-be1a-c3fe-9829474b5d84second line bace4d11-a002-be1a-c3fe-9829474b5d84Innner cell bace4d11-b003-be1a-c3fe-9829474b5d84New page first line bace4d19-b001-b3e2-eac1-9129474bcd84Next page section bace4d19-c001-b3e2-eac1-9129474bcd84Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881next line in section bace4d19-c001-b3e2-eac1-9129474bcd84last page bace4d11-a003-be2a-c3fe-9829474b5d84", - "line_num": 2, - "path": "./tests/samples/sample.docx", - "info": "FILE|ZIP:word/document.xml|RAW", - "value": "bace4d19-c001-b3e2-eac1-9129474bcd84", - "value_start": 13449, - "value_end": 13485, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 5, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3103593761017662, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "New page first line bace4d19-b001-b3e2-eac1-9129474bcd84", - "line_num": 4, - "path": "./tests/samples/sample.docx", - "info": "FILE|DOCX", - "value": "bace4d19-b001-b3e2-eac1-9129474bcd84", - "value_start": 20, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "expected_statement = \"\"\"CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 6, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 65, + "value_end": 76, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 24, + "variable_end": 63, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3103593761017662, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "Section R2C2 b5c6471d-a2b2-b4ef-ca5e-9121476bc881", - "line_num": 6, - "path": "./tests/samples/sample.docx", - "info": "FILE|DOCX", - "value": "b5c6471d-a2b2-b4ef-ca5e-9121476bc881", - "value_start": 13, - "value_end": 49, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 8, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 41, + "value_end": 52, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 0, + "variable_end": 39, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.421470487212877, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "Third page header bace4d19-b003-beda-cafe-0929375bcd82", - "line_num": 10, - "path": "./tests/samples/sample.docx", - "info": "FILE|DOCX", - "value": "bace4d19-b003-beda-cafe-0929375bcd82", - "value_start": 18, - "value_end": 54, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4696743064770326, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "first_page_header bace4d11-f001-beea-c3fe-9829474b5d84", - "line_num": 11, - "path": "./tests/samples/sample.docx", - "info": "FILE|DOCX", - "value": "bace4d11-f001-beea-c3fe-9829474b5d84", - "value_start": 18, - "value_end": 54, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "ALTER LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 36, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4979951400507514, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Token", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.996, + "confidence": "weak", + "ml_probability": 0.979, "line_data_list": [ { - "line": "TokenRequest", - "line_num": 9, - "path": "./tests/samples/sample.html", + "line": "ALTER ROLE postgres PASSWORD 'SqLpa5sW0rD'; SELECT pg_reload_conf()\"", + "line_num": 10, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "g1re0g1T0keN3zWx", - "value_start": 40, - "value_end": 56, - "variable": "token", - "variable_start": 28, - "variable_end": 33, + "value": "SqLpa5sW0rD", + "value_start": 30, + "value_end": 41, + "variable": "ALTER ROLE postgres PASSWORD", + "variable_start": 0, + "variable_end": 28, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.5, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "confidence": "weak", + "ml_probability": 0.998, "line_data_list": [ { - "line": " placeholder=\"Your password: "g1re0g1Pa5$w0Rd"\"", - "line_num": 16, - "path": "./tests/samples/sample.html", + "line": "ALTER USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 11, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "g1re0g1Pa5$w0Rd", - "value_start": 38, - "value_end": 53, - "variable": "Your password", - "variable_start": 17, - "variable_end": 30, + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "ALTER USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.2464312225679506, + "entropy": 3.459431618637298, "valid": false } } @@ -11127,448 +10302,473 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": " ", - "line_num": 21, - "path": "./tests/samples/sample.html", + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "g1re0g2Pa5$w0Rd", + "value": "SqLpa5sW0rD", "value_start": 39, - "value_end": 54, - "variable": "password", - "variable_start": 30, - "variable_end": 38, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.379764555901284, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.923, + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.ods", - "info": "FILE|SheetAny:A2", - "value": "dipPr10Gg!", - "value_start": 16, - "value_end": 26, - "variable": "PW", - "variable_start": 13, - "variable_end": 15, + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "CREATE LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 37, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "AKIAGIREOGIAXLSX4BT5userhostloginpassword\ud64d\uae38\ub3d9\uc804192.168.0.1adminH0NgGi1d0nGroot127.0.0.1rootiMr00TA1 password is w3Ry5tR0nGA2 ID:master,PW:dipPr10Gg!B3 192.168.0.1 master/NBd@126t!\uc8fc\uc778 FNAT-CC0TG_old10.53.51.17192.168.101.96377710.53.51.17192.168.101.9 63777 \uc8fc\uc778 FNAT-CC0TG_oldpassword:\u25a1 \ubb38\uc758 \ub0b4\uc6a9 : \u203b Error Stack Trace\ub3c4 \ud568\uaed8 \ucca8\ubd80 \ubd80\ud0c1\ub4dc\ub9bd\ub2c8\ub2e4.12345F16 224.52.124.93 root/A0dM1Nka", - "line_num": 2, - "path": "./tests/samples/sample.ods", - "info": "FILE|ZIP:content.xml|RAW", - "value": "AKIAGIREOGIAXLSX4BT5", - "value_start": 7621, - "value_end": 7641, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE USER chuck WITH PASSWORD 'SqLpa5sW0rD' SUPERUSER;", + "line_num": 13, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "CREATE USER chuck WITH PASSWORD", + "variable_start": 0, + "variable_end": 31, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6464393446710153, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "AwsAccessKey:AKIAGIREOGIAWSKEY123", - "line_num": 1, - "path": "./tests/samples/sample.pdf", - "info": "FILE|PDF:1|BASE64|RAW", - "value": "AKIAGIREOGIAWSKEY123", - "value_start": 13, - "value_end": 33, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'SqLpa5sW0rD' NOSUPERUSER;", + "line_num": 14, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 47, + "value_end": 58, + "variable": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD", + "variable_start": 0, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.546439344671015, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", + "confidence": "weak", "ml_probability": 1.0, "line_data_list": [ { - "line": "password = Xdj@jcN834b", - "line_num": 1, - "path": "./tests/samples/sample.pdf", - "info": "FILE|PDF:1|RAW", - "value": "Xdj@jcN834b", - "value_start": 11, - "value_end": 22, - "variable": "password", + "line": "CREATE USER myuser WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 15, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "CREATE USER myuser WITH PASSWORD", "variable_start": 0, - "variable_end": 8, + "variable_end": 32, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Github Classic Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "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", - "line_num": 1, - "path": "./tests/samples/sample.pdf", - "info": "FILE|PDF:1|RAW", - "value": "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", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 16, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 36, + "value_end": 47, + "variable": "CREATE USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.838879892515179, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.971, "line_data_list": [ { - "line": " Click to edit the title text format<footer><number><date/time>", - "line_num": 2, - "path": "./tests/samples/sample.pptx", - "info": "FILE|ZIP:ppt/slideMasters/slideMaster1.xml|RAW", - "value": "1B26FE4F-8819-409F-9556-40447A77EBF2", - "value_start": 3868, - "value_end": 3904, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "ALTER USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 17, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 49, + "value_end": 60, + "variable": "ALTER USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 47, "entropy_validation": { - "iterator": "HEX_CHARS", - "entropy": 3.342171793538618, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.84, "line_data_list": [ { - "line": " Footer<#>", - "line_num": 2, - "path": "./tests/samples/sample.pptx", - "info": "FILE|ZIP:ppt/slideLayouts/slideLayout1.xml|RAW", - "value": "42F61B0C-09B2-455B-8854-E1D3A3979B74", - "value_start": 2610, - "value_end": 2646, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "ALTER USER 'super_user'@'10.10.10.%' identified by 'SqLpa5sW0rD';", + "line_num": 18, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "ALTER USER 'super_user'@'10.10.10.%' identified by", + "variable_start": 0, + "variable_end": 50, "entropy_validation": { - "iterator": "HEX_CHARS", - "entropy": 3.5535506956063068, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.981, "line_data_list": [ { - "line": " Follow the white rabbitAKIAGIREOGIPPTX1Y45X", - "line_num": 2, - "path": "./tests/samples/sample.pptx", - "info": "FILE|ZIP:ppt/slides/slide1.xml|RAW", - "value": "AKIAGIREOGIPPTX1Y45X", - "value_start": 2403, - "value_end": 2423, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "ALTER USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 19, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "ALTER USER username IDENTIFIED BY", + "variable_start": 0, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.991, + "confidence": "weak", + "ml_probability": 0.998, "line_data_list": [ { - "line": "password = \"WeR15tr0n6\"; ", - "line_num": 1, - "path": "./tests/samples/sample.py", - "info": "FILE|STRUCT|STRUCT:0|KEYWORD:`password = \"WeR15tr0n6\"; `", - "value": "WeR15tr0n6", - "value_start": 12, - "value_end": 22, - "variable": "password", + "line": "CREATE USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 20, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "CREATE USER username IDENTIFIED BY", "variable_start": 0, - "variable_end": 8, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.321928094887362, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.997, "line_data_list": [ { - "line": "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}t : AKIAGIREOGIAXLSX4BT5", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|ZIP:xl/sharedStrings.xml|XML", - "value": "AKIAGIREOGIAXLSX4BT5", - "value_start": 63, - "value_end": 83, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 21, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 50, + "value_end": 61, + "variable": "CREATE USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6464393446710153, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.976, + "confidence": "weak", + "ml_probability": 0.994, "line_data_list": [ { - "line": "{http://schemas.openxmlformats.org/spreadsheetml/2006/main}t : A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|ZIP:xl/sharedStrings.xml|XML", - "value": "dipPr10Gg!", + "line": "mysql -u root -pdbadmin -e \"CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';\"\u2013 ", + "line_num": 22, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", "value_start": 79, - "value_end": 89, - "variable": "PW", - "variable_start": 76, - "variable_end": 78, + "value_end": 90, + "variable": "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY", + "variable_start": 28, + "variable_end": 77, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "-c \"CREATE ROLE scram_test login password 'SqLpa5sW0rD'\"", + "line_num": 23, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE ROLE scram_test login password", + "variable_start": 4, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "UUID", - "severity": "info", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, "line_data_list": [ { - "line": "", - "line_num": 2, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|ZIP:xl/workbook.xml|RAW", - "value": "7626C862-2A13-11E5-B345-FEFF819CDC9F", - "value_start": 1015, - "value_end": 1051, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "CREATE ROLE app_admin WITH LOGIN PASSWORD SqLpa5sW0rD;", + "line_num": 24, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 42, + "value_end": 53, + "variable": "CREATE ROLE app_admin WITH LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 41, "entropy_validation": { - "iterator": "HEX_CHARS", - "entropy": 3.4770260427684323, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "SendGrid API Key", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, "line_data_list": [ { - "line": "SG.gireogigireogigi.gireogigireogigi", - "line_num": 1, - "path": "./tests/samples/sendgrid_api_key", + "line": "CREATE ROLE flask_admin_geo LOGIN PASSWORD 'SqLpa5sW0rD';", + "line_num": 25, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "SG.gireogigireogigi.gireogigireogigi", - "value_start": 0, - "value_end": 36, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 44, + "value_end": 55, + "variable": "CREATE ROLE flask_admin_geo LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3705246708692047, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Shopify Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.904, "line_data_list": [ { - "line": " \"shopyfy_k\": \"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\",", - "line_num": 1, - "path": "./tests/samples/shopify_token", + "line": "create role forum_example_graph_demo login password 'SqLpa5sW0rD';", + "line_num": 26, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "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", - "value_start": 18, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 53, + "value_end": 64, + "variable": "create role forum_example_graph_demo login password", + "variable_start": 0, + "variable_end": 51, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.6658566472141003, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Slack Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.956, "line_data_list": [ { - "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "line_num": 1, - "path": "./tests/samples/slack_token.hs", + "line": "create role forum_example_graph login password 'SqLpa5sW0rD';", + "line_num": 27, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 48, + "value_end": 59, + "variable": "create role forum_example_graph login password", + "variable_start": 0, + "variable_end": 46, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.029574370937287, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Slack Webhook", + "rule": "SQL Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.814, "line_data_list": [ { - "line": " \"hook\": \"https://hooks.slack.com/services/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\",", - "line_num": 1, - "path": "./tests/samples/slack_webhook.template", + "line": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD('SqLpa5sW0rD');", + "line_num": 28, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", - "value_start": 45, - "value_end": 93, - "variable": "hooks.slack.com/services", - "variable_start": 21, - "variable_end": 45, + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD", + "variable_start": 0, + "variable_end": 50, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.761842188131013, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Azure Secret Value", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.852, "line_data_list": [ { - "line": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", - "line_num": 1, - "path": "./tests/samples/small.pdf", - "info": "FILE|PDF:1|RAW", - "value": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "insert into mysql.user values(PASSWORD('SqLpa5sW0rD') );", + "line_num": 29, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 40, + "value_end": 51, + "variable": "insert into mysql.user values(PASSWORD", + "variable_start": 0, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.620007704961091, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] @@ -11902,7 +11102,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd81", @@ -11927,7 +11127,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.962, + "ml_probability": 0.974, "line_data_list": [ { "line": "secret : 5EcRe7_r0", @@ -11952,7 +11152,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.939, "line_data_list": [ { "line": "key : AK1AGIREOGIAWSKEY555", @@ -11977,7 +11177,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.901, "line_data_list": [ { "line": "password : Pas1wrD0", @@ -12002,7 +11202,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd82", @@ -12027,7 +11227,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "key : SDFHBH2398SG5VF62VZVQFG2TYGVF9WYSGR", @@ -12052,7 +11252,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "key : 3TJDSLKGDFG4MTB34UHWYYSDFHKSDKJH34S", @@ -12077,7 +11277,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.991, + "ml_probability": 0.898, "line_data_list": [ { "line": "password : Pas1wrD2", @@ -12102,7 +11302,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd83", @@ -12127,7 +11327,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.63, + "ml_probability": 0.717, "line_data_list": [ { "line": "key : 0284-8946-3216-4010", @@ -12148,36 +11348,11 @@ } ] }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.733, - "line_data_list": [ - { - "line": "key : 3216-4010-0284-8946", - "line_num": 37, - "path": "./tests/samples/table.html", - "info": "FILE|HTML", - "value": "3216-4010-0284-8946", - "value_start": 6, - "value_end": 25, - "variable": "key", - "variable_start": 0, - "variable_end": 3, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.655635011093181, - "valid": false - } - } - ] - }, { "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.944, "line_data_list": [ { "line": "password : Pas1wrD3", @@ -12202,7 +11377,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.996, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd85", @@ -12227,7 +11402,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.994, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd86", @@ -12252,7 +11427,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.994, "line_data_list": [ { "line": "secret : 5EcRe7_r4", @@ -12277,7 +11452,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.987, "line_data_list": [ { "line": "key : 741852-321654-963852-654913", @@ -12302,7 +11477,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 0.871, "line_data_list": [ { "line": "key : 184824-202847-623730-837462", @@ -12327,7 +11502,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.987, "line_data_list": [ { "line": "password : Pas1wrD4", @@ -12352,7 +11527,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd87", @@ -12377,7 +11552,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd88", @@ -12402,7 +11577,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.984, + "ml_probability": 0.995, "line_data_list": [ { "line": "secret : 5EcRe7_r5", @@ -12427,7 +11602,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.988, "line_data_list": [ { "line": "key : 321654-741852-963852-654980", @@ -12452,7 +11627,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.987, "line_data_list": [ { "line": "key : 321654-741852-963852-654981", @@ -12477,7 +11652,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.992, "line_data_list": [ { "line": "password : Pas1wrD5", @@ -12502,7 +11677,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.994, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd89", @@ -12527,7 +11702,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd80", @@ -12552,7 +11727,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.994, "line_data_list": [ { "line": "key : 321654-963852-654987-741851", @@ -12577,7 +11752,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.994, "line_data_list": [ { "line": "key : 321654-963852-654987-741853", @@ -12602,7 +11777,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { "line": "password : Pas1wrD67", @@ -12627,7 +11802,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.994, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd11", @@ -12652,7 +11827,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.995, "line_data_list": [ { "line": "token : bace4d19-fa7e-beer-care-9129474bcd22", @@ -12677,7 +11852,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "key : 654987-321654-963852-741851", @@ -12702,7 +11877,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "key : 654987-321654-963852-741852", @@ -12727,7 +11902,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "key : 654987-321654-963852-741853", @@ -12802,7 +11977,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "password : 0dm1nk0", @@ -12852,7 +12027,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.997, "line_data_list": [ { "line": "password : Cr3DeHTbIal", @@ -12902,7 +12077,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.997, "line_data_list": [ { "line": "token : H72gsdv2dswPneHduwhfd", @@ -13227,7 +12402,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.997, "line_data_list": [ { "line": "gi_reo_gi_token = \"G1Re06G1BdgNseiJDN21Z094M\"", @@ -13252,7 +12427,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.994, "line_data_list": [ { "line": "Token-> DemoToken: Nxs094M3ed2s1Re0F4M3ed2GZ8M= <- for User : demo", @@ -13352,7 +12527,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "url: mongodb://jrfdeg:dh3sjr8b@prod-best-sec.example.com:32768/architecture", @@ -13427,7 +12602,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.999, "line_data_list": [ { "line": "39084?Credential=546DFS64N90P3AW7DX&key=3487263-2384579834-234732875-345&hasToBefound=2", @@ -13477,7 +12652,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.998, "line_data_list": [ { "line": "email_as_login = \"smtps://example@gmail.com:FnD83JZs@smtp.gmail.com:465\";", @@ -13502,7 +12677,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "url3d = \"https://localhost.com/013948?26timestamp%3D1395782596%26token%3Dh1d3Me4ch534d801sl3jdk%26version%3D3.14%26si\";", @@ -13702,7 +12877,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "password : cackle!", diff --git a/tests/data/doc.json b/tests/data/doc.json index 6ec34afef..f2adaf3b5 100644 --- a/tests/data/doc.json +++ b/tests/data/doc.json @@ -266,6 +266,31 @@ } ] }, + { + "rule": "DOC_CREDENTIALS", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.991, + "line_data_list": [ + { + "line": "\"AwsAccessKey\": \"AKIAGIREOGIAWSKEY123\",", + "line_num": 2, + "path": "./tests/samples/aws_multi.json", + "info": "FILE|RAW", + "value": "AKIAGIREOGIAWSKEY123", + "value_start": 21, + "value_end": 41, + "variable": "AwsAccessKey", + "variable_start": 5, + "variable_end": 17, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.546439344671015, + "valid": false + } + } + ] + }, { "rule": "AWS Client ID", "severity": "high", @@ -337,7 +362,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.979, + "ml_probability": 1.0, "line_data_list": [ { "line": "\"AwsAccessKey2\": \"AKIAGIREOGIAWSKEY555\",", @@ -400,31 +425,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.979, - "line_data_list": [ - { - "line": "\"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", - "line_num": 4, - "path": "./tests/samples/aws_multi.json", - "info": "FILE|RAW", - "value": "CrackleGiReoGi123CrackleGiReoGi123AWSkey", - "value_start": 20, - "value_end": 60, - "variable": "AwsSecretKey", - "variable_start": 5, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.012814895472355, - "valid": false - } - } - ] - }, { "rule": "AWS Client ID", "severity": "high", @@ -479,7 +479,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.993, + "ml_probability": 0.931, "line_data_list": [ { "line": "\"unicode_url\": \"https://iufurvyh.google.com/v1/projects/29182364324/clients?key=HrPioECfMsa602sfDyhzzIWok\\u0026amp;alt=json\\u003c/a\\u003e\\u003c/p\\u003e\\n\"", @@ -596,7 +596,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.997, + "ml_probability": 1.0, "line_data_list": [ { "line": "\"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -721,7 +721,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 1.0, + "ml_probability": 0.807, "line_data_list": [ { "line": "AWS_MWS_KEY = \"amzn.mws.c1dg4haz-6xd6-4gqi-vna2-ed3whf71x9k6\"", @@ -1071,7 +1071,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { "line": "\"Bitbucket Repository Access Token\" : \"ATCTT3xFfGN0zXtbKHz2POF86xa-2aBiYC4o_T3-myk01bmFVluUIFtGm_VFQwLizp4o1FKw-AMZhtdA0NzizshnA8WzRdfgv6GeTyowCD101oqKbJ4nx9DFs", @@ -1363,7 +1363,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "my password is 237dg546fs9", @@ -1384,6 +1384,31 @@ } ] }, + { + "rule": "DOC_CREDENTIALS", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, + "line_data_list": [ + { + "line": "Activation key : ZAQWS-XCDER-VBGTR-FRTGU-KLMNX", + "line_num": 2, + "path": "./tests/samples/doc_credentials_p", + "info": "FILE|RAW", + "value": "ZAQWS-XCDER-VBGTR-FRTGU-KLMNX", + "value_start": 17, + "value_end": 46, + "variable": "key", + "variable_start": 11, + "variable_end": 14, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.8170564612422706, + "valid": false + } + } + ] + }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -1652,31 +1677,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.918, - "line_data_list": [ - { - "line": "id:master,password:dipPr14Gg!", - "line_num": 5, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr14Gg!", - "value_start": 19, - "value_end": 29, - "variable": "password", - "variable_start": 10, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -1811,31 +1811,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.936, - "line_data_list": [ - { - "line": "id:master password:dipPr16Gg!", - "line_num": 7, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr16Gg!", - "value_start": 19, - "value_end": 29, - "variable": "password", - "variable_start": 10, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -1903,31 +1878,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.958, - "line_data_list": [ - { - "line": "user:master password:dipPr17Gg!", - "line_num": 8, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr17Gg!", - "value_start": 21, - "value_end": 31, - "variable": "password", - "variable_start": 12, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -1995,31 +1945,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.938, - "line_data_list": [ - { - "line": "username:master,password:dipPr19Gg!", - "line_num": 10, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr19Gg!", - "value_start": 25, - "value_end": 35, - "variable": "password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2154,31 +2079,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.646, - "line_data_list": [ - { - "line": "ANYid:master,password:dipPr111Gg!", - "line_num": 12, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr111Gg!", - "value_start": 22, - "value_end": 33, - "variable": "password", - "variable_start": 13, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.7126753349281376, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2313,31 +2213,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.933, - "line_data_list": [ - { - "line": "user id:master password:dipPr113Gg!", - "line_num": 14, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr113Gg!", - "value_start": 24, - "value_end": 35, - "variable": "password", - "variable_start": 15, - "variable_end": 23, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2405,31 +2280,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.924, - "line_data_list": [ - { - "line": "user:master,password:dipPr114Gg!", - "line_num": 15, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr114Gg!", - "value_start": 21, - "value_end": 32, - "variable": "password", - "variable_start": 12, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2498,35 +2348,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.941, - "line_data_list": [ - { - "line": "user=master,password=dipPr115Gg!", - "line_num": 16, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr115Gg!", - "value_start": 21, - "value_end": 32, - "variable": "password", - "variable_start": 12, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "user=master,password=dipPr115Gg!", @@ -2589,31 +2414,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.901, - "line_data_list": [ - { - "line": "username=master password=dipPr116Gg!", - "line_num": 17, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr116Gg!", - "value_start": 25, - "value_end": 36, - "variable": "password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2681,31 +2481,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.749, - "line_data_list": [ - { - "line": "User name:master Password:dipPr117Gg!", - "line_num": 18, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr117Gg!", - "value_start": 26, - "value_end": 37, - "variable": "Password", - "variable_start": 17, - "variable_end": 25, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2773,31 +2548,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.831, - "line_data_list": [ - { - "line": "username=master,password=dipPr118Gg!", - "line_num": 19, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr118Gg!", - "value_start": 25, - "value_end": 36, - "variable": "password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2865,31 +2615,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.938, - "line_data_list": [ - { - "line": "--user=master --password=dipPr119Gg!", - "line_num": 20, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr119Gg!", - "value_start": 25, - "value_end": 36, - "variable": "password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -2957,31 +2682,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.695, - "line_data_list": [ - { - "line": "user=master passwd=dipPr120Gg!", - "line_num": 21, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr120Gg!", - "value_start": 19, - "value_end": 30, - "variable": "passwd", - "variable_start": 12, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -3091,31 +2791,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.992, - "line_data_list": [ - { - "line": "account:dipPr121Gg! password:dipPr121Gg!", - "line_num": 22, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr121Gg!", - "value_start": 29, - "value_end": 40, - "variable": "password", - "variable_start": 20, - "variable_end": 28, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -3208,31 +2883,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.632, - "line_data_list": [ - { - "line": "user:master pw:dipPr124Gg!", - "line_num": 25, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr124Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -3367,31 +3017,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.929, - "line_data_list": [ - { - "line": "userId:master,password:dipPr126Gg!", - "line_num": 27, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr126Gg!", - "value_start": 23, - "value_end": 34, - "variable": "password", - "variable_start": 14, - "variable_end": 22, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -3501,31 +3126,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.776, - "line_data_list": [ - { - "line": "dipPr128Gg! ID:master dipPr128Gg! Password:dipPr128Gg!", - "line_num": 29, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr128Gg!", - "value_start": 43, - "value_end": 54, - "variable": "Password", - "variable_start": 34, - "variable_end": 42, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -3594,10 +3194,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.76, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "ANYid:master,pw:dipPr129Gg!", @@ -3615,32 +3215,7 @@ "entropy": 3.1449378351248165, "valid": false } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "ANYid:master,pw:dipPr129Gg!", - "line_num": 30, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr129Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pw", - "variable_start": 13, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - }, + }, { "line": "ANYid:master,pw:dipPr129Gg!", "line_num": 30, @@ -3819,31 +3394,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.828, - "line_data_list": [ - { - "line": "ANYID:master Password:dipPr132Gg!", - "line_num": 33, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr132Gg!", - "value_start": 22, - "value_end": 33, - "variable": "Password", - "variable_start": 13, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -4020,31 +3570,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.963, - "line_data_list": [ - { - "line": "account:dipPr134Gg! pw:dipPr134Gg!", - "line_num": 35, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr134Gg!", - "value_start": 23, - "value_end": 34, - "variable": "pw", - "variable_start": 20, - "variable_end": 22, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -4070,31 +3595,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.749, - "line_data_list": [ - { - "line": "user id:master user pw:dipPr135Gg!", - "line_num": 36, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr135Gg!", - "value_start": 23, - "value_end": 34, - "variable": "pw", - "variable_start": 20, - "variable_end": 22, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -4179,31 +3679,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.906, - "line_data_list": [ - { - "line": "user_name=master password=dipPr136Gg!", - "line_num": 37, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr136Gg!", - "value_start": 26, - "value_end": 37, - "variable": "password", - "variable_start": 17, - "variable_end": 25, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -4317,7 +3792,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.961, + "ml_probability": 0.877, "line_data_list": [ { "line": "ANYlogin:master,ANYpassword:dipPr138Gg!", @@ -4409,7 +3884,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.988, + "ml_probability": 0.953, "line_data_list": [ { "line": "ANYusername=master ANYpassword=dipPr139Gg!", @@ -4564,56 +4039,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.867, - "line_data_list": [ - { - "line": "ID:master/PASS:dipPr141Gg!", - "line_num": 42, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr141Gg!", - "value_start": 15, - "value_end": 26, - "variable": "PASS", - "variable_start": 10, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.963, - "line_data_list": [ - { - "line": "account:master passwd:dipPr142Gg!", - "line_num": 43, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr142Gg!", - "value_start": 22, - "value_end": 33, - "variable": "passwd", - "variable_start": 15, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -4681,31 +4106,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.854, - "line_data_list": [ - { - "line": "login:master password:dipPr143Gg!", - "line_num": 44, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr143Gg!", - "value_start": 22, - "value_end": 33, - "variable": "password", - "variable_start": 13, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -4777,32 +4177,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.64, - "line_data_list": [ - { - "line": "user=master,pass=dipPr144Gg!", - "line_num": 45, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr144Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 0.636, "line_data_list": [ { "line": "password:dipPr145Gg! username:master", @@ -4933,10 +4308,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.794, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "Login as:master Password:dipPr146Gg!", @@ -4958,124 +4333,49 @@ ] }, { - "rule": "PASSWD_PAIR", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "Login as:master Password:dipPr146Gg!", - "line_num": 47, + "line": "id:master pw:dipPr148Gg!", + "line_num": 49, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr146Gg!", - "value_start": 25, - "value_end": 36, - "variable": "Password", - "variable_start": 16, - "variable_end": 24, + "value": "dipPr148Gg!", + "value_start": 13, + "value_end": 24, + "variable": "pw", + "variable_start": 10, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.1449378351248165, "valid": false } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.758, - "line_data_list": [ + }, { - "line": "ID:master,pass:dipPr147Gg!", - "line_num": 48, + "line": "id:master pw:dipPr148Gg!", + "line_num": 49, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", - "value": "dipPr147Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pass", - "variable_start": 10, - "variable_end": 14, + "value": "master", + "value_start": 3, + "value_end": 9, + "variable": "id", + "variable_start": 0, + "variable_end": 2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.584962500721156, "valid": false } } ] }, { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.703, - "line_data_list": [ - { - "line": "id:master pw:dipPr148Gg!", - "line_num": 49, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr148Gg!", - "value_start": 13, - "value_end": 24, - "variable": "pw", - "variable_start": 10, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "id:master pw:dipPr148Gg!", - "line_num": 49, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr148Gg!", - "value_start": 13, - "value_end": 24, - "variable": "pw", - "variable_start": 10, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - }, - { - "line": "id:master pw:dipPr148Gg!", - "line_num": 49, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "master", - "value_start": 3, - "value_end": 9, - "variable": "id", - "variable_start": 0, - "variable_end": 2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.584962500721156, - "valid": false - } - } - ] - }, - { - "rule": "PASSWD_PAIR", + "rule": "PASSWD_PAIR", "severity": "medium", "confidence": "moderate", "ml_probability": null, @@ -5166,31 +4466,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.638, - "line_data_list": [ - { - "line": "-id:master -pw:dipPr151Gg!", - "line_num": 52, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr151Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -5392,31 +4667,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.853, - "line_data_list": [ - { - "line": "-User Name:master -Password:dipPr154Gg!", - "line_num": 55, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr154Gg!", - "value_start": 28, - "value_end": 39, - "variable": "Password", - "variable_start": 19, - "variable_end": 27, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -5488,7 +4738,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.994, "line_data_list": [ { "line": "account:dipPr155Gg!/password:dipPr155Gg!", @@ -5580,7 +4830,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.768, + "ml_probability": 0.712, "line_data_list": [ { "line": "ANYuser=master ANY_pass=dipPr156Gg!", @@ -5605,7 +4855,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.982, + "ml_probability": 0.857, "line_data_list": [ { "line": "ANYUser:master password:dipPr157Gg!", @@ -5764,7 +5014,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.988, + "ml_probability": 0.969, "line_data_list": [ { "line": "ANY_username:master,ANY_password:dipPr159Gg!", @@ -5856,7 +5106,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.972, + "ml_probability": 0.695, "line_data_list": [ { "line": "ANYusername:master,ANY_password:dipPr160Gg!", @@ -5944,56 +5194,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.693, - "line_data_list": [ - { - "line": "ANY_USER=master ANY_PASS=dipPr161Gg!", - "line_num": 62, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr161Gg!", - "value_start": 25, - "value_end": 36, - "variable": "ANY_PASS", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.947, - "line_data_list": [ - { - "line": "User Account:master User password:dipPr162Gg!", - "line_num": 63, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr162Gg!", - "value_start": 34, - "value_end": 45, - "variable": "password", - "variable_start": 25, - "variable_end": 33, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -6145,31 +5345,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.957, - "line_data_list": [ - { - "line": "userid=master password=dipPr164Gg!", - "line_num": 65, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr164Gg!", - "value_start": 23, - "value_end": 34, - "variable": "password", - "variable_start": 14, - "variable_end": 22, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -6241,7 +5416,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.973, + "ml_probability": 0.911, "line_data_list": [ { "line": "ANY-username=master ANY-password=dipPr165Gg!", @@ -6463,31 +5638,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.66, - "line_data_list": [ - { - "line": "user:master pass:dipPr172Gg!", - "line_num": 73, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr172Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -6559,7 +5709,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.979, + "ml_probability": 0.731, "line_data_list": [ { "line": "user=master password=dipPr174Gg!", @@ -6651,7 +5801,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.961, + "ml_probability": 0.948, "line_data_list": [ { "line": "Host name:master/Password:dipPr175Gg!", @@ -6739,31 +5889,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.942, - "line_data_list": [ - { - "line": "role:master,password:dipPr176Gg!", - "line_num": 77, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr176Gg!", - "value_start": 21, - "value_end": 32, - "variable": "password", - "variable_start": 12, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -6874,10 +5999,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.646, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "Wifi Name:master,PW:dipPr177Gg!", @@ -6899,64 +6024,14 @@ ] }, { - "rule": "PASSWD_PAIR", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "Wifi Name:master,PW:dipPr177Gg!", - "line_num": 78, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr177Gg!", - "value_start": 20, - "value_end": 31, - "variable": "PW", - "variable_start": 17, - "variable_end": 19, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.884, - "line_data_list": [ - { - "line": "ID:master/Password:dipPr178Gg!", - "line_num": 79, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr178Gg!", - "value_start": 19, - "value_end": 30, - "variable": "Password", - "variable_start": 10, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "ID:master/Password:dipPr178Gg!", - "line_num": 79, + "line": "ID:master/Password:dipPr178Gg!", + "line_num": 79, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "FILE|RAW", "value": "dipPr178Gg!", @@ -7019,7 +6094,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.976, + "ml_probability": 0.903, "line_data_list": [ { "line": "name:master,password:dipPr179Gg!", @@ -7107,31 +6182,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.652, - "line_data_list": [ - { - "line": "Loging:master Password:dipPr180Gg!", - "line_num": 81, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr180Gg!", - "value_start": 23, - "value_end": 34, - "variable": "Password", - "variable_start": 14, - "variable_end": 22, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -7517,31 +6567,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.687, - "line_data_list": [ - { - "line": "username:master pw:dipPr189Gg!", - "line_num": 90, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "dipPr189Gg!", - "value_start": 19, - "value_end": 30, - "variable": "pw", - "variable_start": 16, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -7747,7 +6772,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.781, + "ml_probability": 0.899, "line_data_list": [ { "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", @@ -7906,7 +6931,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.92, + "ml_probability": 0.761, "line_data_list": [ { "line": "id: master pw:dipPr197Gg!", @@ -8061,31 +7086,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.821, - "line_data_list": [ - { - "line": "id:master@example.com,pw:IHQSB1GG!", - "line_num": 102, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "FILE|RAW", - "value": "IHQSB1GG!", - "value_start": 25, - "value_end": 34, - "variable": "pw", - "variable_start": 22, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.595488890170944, - "valid": false - } - } - ] - }, { "rule": "ID_PASSWD_PAIR", "severity": "medium", @@ -8303,31 +7303,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.838, - "line_data_list": [ - { - "line": "username/password:master/iPp7@GRq", - "line_num": 8, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "FILE|RAW", - "value": "master/iPp7@GRq", - "value_start": 18, - "value_end": 33, - "variable": "password", - "variable_start": 9, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, - "valid": false - } - } - ] - }, { "rule": "ID_PASSWD_PAIR", "severity": "medium", @@ -8570,31 +7545,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.898, - "line_data_list": [ - { - "line": "98.76.54.32 id/pw:master/iPp19@GRq", - "line_num": 20, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "FILE|RAW", - "value": "master/iPp19@GRq", - "value_start": 18, - "value_end": 34, - "variable": "pw", - "variable_start": 15, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, - "valid": false - } - } - ] - }, { "rule": "ID_PASSWD_PAIR", "severity": "medium", @@ -8745,31 +7695,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.75, - "line_data_list": [ - { - "line": "ID/Password=master/iPp27@GRq", - "line_num": 28, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "FILE|RAW", - "value": "master/iPp27@GRq", - "value_start": 12, - "value_end": 28, - "variable": "Password", - "variable_start": 3, - "variable_end": 11, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, - "valid": false - } - } - ] - }, { "rule": "ID_PASSWD_PAIR", "severity": "medium", @@ -8945,31 +7870,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.728, - "line_data_list": [ - { - "line": "Password:Prl23Db#@", - "line_num": 1, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9045,31 +7945,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.744, - "line_data_list": [ - { - "line": "Password=Prl23Db#@", - "line_num": 4, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9146,10 +8021,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.882, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "ANY_password=Prl23Db#@", @@ -9159,8 +8034,8 @@ "value": "Prl23Db#@", "value_start": 13, "value_end": 22, - "variable": "ANY_password", - "variable_start": 0, + "variable": "password", + "variable_start": 4, "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -9177,8 +8052,8 @@ "ml_probability": null, "line_data_list": [ { - "line": "ANY_password=Prl23Db#@", - "line_num": 8, + "line": "ANY-password=Prl23Db#@", + "line_num": 11, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", "value": "Prl23Db#@", @@ -9196,64 +8071,14 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.847, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { - "line": "ANY-password=Prl23Db#@", - "line_num": 11, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, - { - "rule": "PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "ANY-password=Prl23Db#@", - "line_num": 11, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, - { - "rule": "PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "\uc554\ud638:Prl23Db#@", - "line_num": 12, + "line": "\uc554\ud638:Prl23Db#@", + "line_num": 12, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", "value": "Prl23Db#@", @@ -9274,7 +8099,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.907, + "ml_probability": 0.722, "line_data_list": [ { "line": "master@98.76.54.32 password:Prl23Db#@", @@ -9320,31 +8145,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.946, - "line_data_list": [ - { - "line": "password is Prl23Db#@", - "line_num": 16, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9370,31 +8170,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.932, - "line_data_list": [ - { - "line": "default password:Prl23Db#@", - "line_num": 18, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 17, - "value_end": 26, - "variable": "password", - "variable_start": 8, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -9487,31 +8262,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.884, - "line_data_list": [ - { - "line": "\"password\":\"Prl23Db#@\"", - "line_num": 21, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 1, - "variable_end": 9, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9662,56 +8412,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.805, - "line_data_list": [ - { - "line": "password:Prl23Db#@,\ube44\ubc88:Prl23Db#@", - "line_num": 25, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@,\ube44\ubc88:Prl23Db#@", - "value_start": 9, - "value_end": 31, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2014564845873714, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.778, - "line_data_list": [ - { - "line": "passwd=Prl23Db#@", - "line_num": 26, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 7, - "value_end": 16, - "variable": "passwd", - "variable_start": 0, - "variable_end": 6, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9787,31 +8487,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.855, - "line_data_list": [ - { - "line": "password:Prl23Db#@, paasword:Prl23Db#@", - "line_num": 30, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@,", - "value_start": 9, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.325349666421154, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -9938,10 +8613,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.879, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "ANY_password:Prl23Db#@", @@ -9951,8 +8626,8 @@ "value": "Prl23Db#@", "value_start": 13, "value_end": 22, - "variable": "ANY_password", - "variable_start": 0, + "variable": "password", + "variable_start": 4, "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -9969,16 +8644,16 @@ "ml_probability": null, "line_data_list": [ { - "line": "ANY_password:Prl23Db#@", - "line_num": 34, + "line": "--password=Prl23Db#@", + "line_num": 37, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, + "value_start": 11, + "value_end": 20, "variable": "password", - "variable_start": 4, - "variable_end": 12, + "variable_start": 2, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 2.4654972233440207, @@ -9988,50 +8663,42 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.851, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { - "line": "new password is Prl23Db#@", - "line_num": 36, + "line": "root/Prl23Db#@,root password:Prl23Db#@", + "line_num": 38, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", "value": "Prl23Db#@", - "value_start": 16, - "value_end": 25, + "value_start": 29, + "value_end": 38, "variable": "password", - "variable_start": 4, - "variable_end": 12, + "variable_start": 20, + "variable_end": 28, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 2.4654972233440207, "valid": false } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.795, - "line_data_list": [ + }, { - "line": "--password=Prl23Db#@", - "line_num": 37, + "line": "root/Prl23Db#@,root password:Prl23Db#@", + "line_num": 38, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 2, - "variable_end": 10, + "value": "password:Prl23Db#@", + "value_start": 20, + "value_end": 38, + "variable": "root", + "variable_start": 15, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.252715278979705, "valid": false } } @@ -10044,100 +8711,8 @@ "ml_probability": null, "line_data_list": [ { - "line": "--password=Prl23Db#@", - "line_num": 37, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 2, - "variable_end": 10, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.893, - "line_data_list": [ - { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 29, - "value_end": 38, - "variable": "password", - "variable_start": 20, - "variable_end": 28, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 29, - "value_end": 38, - "variable": "password", - "variable_start": 20, - "variable_end": 28, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - }, - { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "password:Prl23Db#@", - "value_start": 20, - "value_end": 38, - "variable": "root", - "variable_start": 15, - "variable_end": 19, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.252715278979705, - "valid": false - } - } - ] - }, - { - "rule": "PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, + "line": "root/Prl23Db#@,root password:Prl23Db#@", + "line_num": 38, "path": "./tests/samples/doc_passwd_pair", "info": "FILE|RAW", "value": "Prl23Db#@", @@ -10154,31 +8729,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.766, - "line_data_list": [ - { - "line": "Prl23Db#@ username:Prl23Db#@,Prl23Db#@ password:Prl23Db#@", - "line_num": 40, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 48, - "value_end": 57, - "variable": "password", - "variable_start": 39, - "variable_end": 47, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -10246,31 +8796,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.627, - "line_data_list": [ - { - "line": "Prl23Db#@:password:Prl23Db#@", - "line_num": 41, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 19, - "value_end": 28, - "variable": "password", - "variable_start": 10, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -10296,31 +8821,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.936, - "line_data_list": [ - { - "line": "ANYpassword=Prl23Db#@", - "line_num": 45, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "ANYpassword", - "variable_start": 0, - "variable_end": 11, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -10346,31 +8846,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.891, - "line_data_list": [ - { - "line": "passwords:Prl23Db#@", - "line_num": 46, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 10, - "value_end": 19, - "variable": "passwords", - "variable_start": 0, - "variable_end": 9, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -10396,56 +8871,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.938, - "line_data_list": [ - { - "line": "password\uc124\uc815\uc740Prl23Db#@", - "line_num": 47, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.987, - "line_data_list": [ - { - "line": "password=>Prl23Db#@", - "line_num": 48, - "path": "./tests/samples/doc_passwd_pair", - "info": "FILE|RAW", - "value": ">Prl23Db#@", - "value_start": 9, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.325349666421154, - "valid": false - } - } - ] - }, { "rule": "PASSWD_PAIR", "severity": "medium", @@ -10475,7 +8900,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "ANY-Token:AIhq5Xyb1Gga9Q0", @@ -10525,7 +8950,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "token:AIhq5Xyb1Gga9Q2", @@ -10925,7 +9350,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "-Token:AIhq5Xyb1Gga9Q23", @@ -11425,7 +9850,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.964, + "ml_probability": 0.976, "line_data_list": [ { "line": "master@98.76.54.32(pw:IhqSb1Gg)", @@ -11472,10 +9897,10 @@ ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", - "confidence": "weak", - "ml_probability": 0.911, + "confidence": "moderate", + "ml_probability": null, "line_data_list": [ { "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", @@ -11493,32 +9918,7 @@ "entropy": 3.0, "valid": false } - } - ] - }, - { - "rule": "ID_PAIR_PASSWD_PAIR", - "severity": "medium", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ - { - "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", - "line_num": 4, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, - "variable": "PW", - "variable_start": 39, - "variable_end": 41, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - }, + }, { "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", "line_num": 4, @@ -11567,32 +9967,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.969, - "line_data_list": [ - { - "line": "Password:master/IhqSb1Gg", - "line_num": 5, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "master/IhqSb1Gg", - "value_start": 9, - "value_end": 24, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.9, + "ml_probability": 0.983, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", @@ -11692,7 +10067,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh -P IhqSb1Gg gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", @@ -11742,32 +10117,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.947, - "line_data_list": [ - { - "line": "ID/Pass:xxxx:master/IhqSb1Gg,xxxx:master/IhqSb1Gg", - "line_num": 13, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "xxxx:master/IhqSb1Gg,xxxx:master/IhqSb1Gg", - "value_start": 8, - "value_end": 49, - "variable": "Pass", - "variable_start": 3, - "variable_end": 7, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6484628335484683, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.97, + "ml_probability": 0.983, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", @@ -11817,7 +10167,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.827, + "ml_probability": 0.845, "line_data_list": [ { "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", @@ -11909,7 +10259,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.98, + "ml_probability": 0.988, "line_data_list": [ { "line": "98.76.54.32(pw:IhqSb1Gg)", @@ -11959,7 +10309,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.996, + "ml_probability": 0.997, "line_data_list": [ { "line": "98.76.54.32/pw:IhqSb1Gg", @@ -12009,7 +10359,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.972, + "ml_probability": 0.783, "line_data_list": [ { "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", @@ -12097,31 +10447,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.734, - "line_data_list": [ - { - "line": "ID:gildong.hong@any.example.com mailto:{1} PWD:IhqSb1Gg", - "line_num": 21, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 47, - "value_end": 55, - "variable": "PWD", - "variable_start": 43, - "variable_end": 46, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -12193,7 +10518,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.973, + "ml_probability": 0.991, "line_data_list": [ { "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", @@ -12243,7 +10568,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.877, + "ml_probability": 0.949, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", @@ -12289,31 +10614,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.941, - "line_data_list": [ - { - "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", - "line_num": 24, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -12385,7 +10685,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", @@ -12435,7 +10735,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.997, + "ml_probability": 0.981, "line_data_list": [ { "line": "id:gildong.hong@example.com mailto:{1} password:IhqSb1Gg", @@ -12527,7 +10827,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "98.76.54.32 ANY_PW:IhqSb1Gg", @@ -12577,7 +10877,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.937, + "ml_probability": 0.962, "line_data_list": [ { "line": "98.76.54.32(ID/PW:IhqSb1Gg)", @@ -12627,7 +10927,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.848, + "ml_probability": 0.792, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 (pwd:IhqSb1Gg)", @@ -12677,32 +10977,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.775, - "line_data_list": [ - { - "line": "ID/Pass:xxxx:master/IhqSb1Gg xxxx:master/IhqSb1Gg", - "line_num": 45, - "path": "./tests/samples/doc_various", - "info": "FILE|RAW", - "value": "xxxx:master/IhqSb1Gg", - "value_start": 8, - "value_end": 28, - "variable": "Pass", - "variable_start": 3, - "variable_end": 7, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.705831690142994, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.943, + "ml_probability": 0.991, "line_data_list": [ { "line": "id:xxxx(ANYpw:IhqSb1Ga)", @@ -12752,7 +11027,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.98, + "ml_probability": 0.998, "line_data_list": [ { "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", @@ -12852,7 +11127,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.944, + "ml_probability": 0.97, "line_data_list": [ { "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", @@ -12902,7 +11177,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.938, + "ml_probability": 0.994, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", @@ -12952,7 +11227,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 0.998, "line_data_list": [ { "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", @@ -13002,7 +11277,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "Acount name:xxxx Initial Password:IhqSb1Gg", @@ -13052,7 +11327,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.967, + "ml_probability": 0.948, "line_data_list": [ { "line": "Access wifi:xxxx(PW:IhqSb1Gg)", @@ -13102,7 +11377,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.991, + "ml_probability": 0.949, "line_data_list": [ { "line": "-User:master -PasswordANY:IhqSb1Gg", @@ -13177,7 +11452,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.964, + "ml_probability": 0.976, "line_data_list": [ { "line": "master@98.76.54.32(pw:IhqSb1Gg)", @@ -13227,7 +11502,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.979, + "ml_probability": 0.992, "line_data_list": [ { "line": "master@98.76.54.32,PW:IhqSb1Gg", @@ -13277,7 +11552,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.996, + "ml_probability": 0.998, "line_data_list": [ { "line": "98.76.54.32 pw:IhqSb1Gg", @@ -13327,7 +11602,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.993, + "ml_probability": 0.998, "line_data_list": [ { "line": "config:xxxx,PW:IhqSb1Gg", @@ -13377,7 +11652,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.991, + "ml_probability": 0.997, "line_data_list": [ { "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -13427,7 +11702,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.982, + "ml_probability": 0.989, "line_data_list": [ { "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", @@ -13519,7 +11794,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.979, + "ml_probability": 0.996, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -13569,7 +11844,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", @@ -13619,7 +11894,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.945, + "ml_probability": 0.978, "line_data_list": [ { "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", @@ -13669,7 +11944,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", @@ -13719,7 +11994,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.954, + "ml_probability": 0.953, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", @@ -13769,7 +12044,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.988, + "ml_probability": 0.997, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", @@ -13819,7 +12094,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.994, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", @@ -13869,7 +12144,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.908, + "ml_probability": 0.958, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", @@ -13894,7 +12169,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -13944,7 +12219,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.997, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", @@ -14111,7 +12386,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.982, + "ml_probability": 0.894, "line_data_list": [ { "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", @@ -14203,7 +12478,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.985, + "ml_probability": 0.97, "line_data_list": [ { "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", @@ -14253,7 +12528,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.988, + "ml_probability": 0.993, "line_data_list": [ { "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", @@ -14303,7 +12578,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.981, + "ml_probability": 0.847, "line_data_list": [ { "line": "Password: \"Dw7^&ndgf", @@ -14428,7 +12703,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.993, + "ml_probability": 0.999, "line_data_list": [ { "line": "secret: >4<563^%$&5w", @@ -14449,31 +12724,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.929, - "line_data_list": [ - { - "line": "pass: Dsfgh%$d<>s&", - "line_num": 34, - "path": "./tests/samples/drawio", - "info": "FILE|MXFILE", - "value": "Dsfgh%$d<>s&", - "value_start": 6, - "value_end": 18, - "variable": "pass", - "variable_start": 0, - "variable_end": 4, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.9245614587540076, - "valid": false - } - } - ] - }, { "rule": "UUID", "severity": "info", @@ -14503,7 +12753,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.994, + "ml_probability": 0.995, "line_data_list": [ { "line": "page2 secret is ce49dba1-e4fe-b2a7-4ffa-132bcd819474", @@ -14628,7 +12878,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.958, + "ml_probability": 0.75, "line_data_list": [ { "line": "# this is encrypted key that should be not found {\"secretKey\": \"ENC(2dfRFqV/cS6TzRd+JyO=)\"}", @@ -14653,7 +12903,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", @@ -15733,31 +13983,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.974, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/iso_ir_111.patch", - "info": "FILE|RAW", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false - } - } - ] - }, { "rule": "Jfrog Token", "severity": "high", @@ -15912,7 +14137,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0", @@ -15937,7 +14162,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.997, "line_data_list": [ { "line": "secret_looks_like_linux_path_1=\"/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF\"", @@ -15962,7 +14187,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { "line": "secret_looks_like_linux_path_2=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF\"", @@ -16012,7 +14237,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.994, "line_data_list": [ { "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", @@ -16112,7 +14337,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.99, + "ml_probability": 0.949, "line_data_list": [ { "line": "\"pass_mask64\": \"0x81103c1452dd61cd\",", @@ -16471,7 +14696,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.998, + "ml_probability": 0.999, "line_data_list": [ { "line": "key_wrap = 'KJHhJKhKU7yguyuyfrtsdESffhjgkhYT\\", @@ -16621,7 +14846,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", @@ -16671,7 +14896,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.995, + "ml_probability": 0.999, "line_data_list": [ { "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", @@ -16696,22 +14921,22 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.936, + "ml_probability": 0.996, "line_data_list": [ { - "line": "password = \"cackle!\"", + "line": "password = \"MYPSWRD!@#$%^&*\"", "line_num": 1, - "path": "./tests/samples/password.gradle", + "path": "./tests/samples/password.tfvars", "info": "FILE|RAW", - "value": "cackle!", + "value": "MYPSWRD!@#$%^&*", "value_start": 12, - "value_end": 19, + "value_end": 27, "variable": "password", "variable_start": 0, "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.120589933192232, + "entropy": 1.8232156112839757, "valid": false } } @@ -16721,57 +14946,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.974, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 9, - "path": "./tests/samples/password.patch", - "info": "FILE|RAW", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.994, - "line_data_list": [ - { - "line": "password = \"MYPSWRD!@#$%^&*\"", - "line_num": 1, - "path": "./tests/samples/password.tfvars", - "info": "FILE|RAW", - "value": "MYPSWRD!@#$%^&*", - "value_start": 12, - "value_end": 27, - "variable": "password", - "variable_start": 0, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.8232156112839757, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.964, + "ml_probability": 0.911, "line_data_list": [ { "line": "my_pw: nCzx8A8#!", @@ -16871,7 +15046,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.68, + "ml_probability": 0.897, "line_data_list": [ { "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", @@ -16896,7 +15071,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.995, "line_data_list": [ { "line": "MYSQL_DATABASE_USER=CRED;MYSQL_DATABASE_PASSWORD=2IWJD88FH4Y;", @@ -16917,56 +15092,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.974, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/password_utf16.patch", - "info": "FILE|RAW", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false - } - } - ] - }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.862, - "line_data_list": [ - { - "line": "+ \"password\": \"dkajc\u00f61\"", - "line_num": 9, - "path": "./tests/samples/password_western.patch", - "info": "FILE|RAW", - "value": "dkajc\u00f61", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4063042189065182, - "valid": false - } - } - ] - }, { "rule": "PayPal Braintree Access Token", "severity": "high", @@ -17729,31 +15854,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.996, - "line_data_list": [ - { - "line": "", - "line_num": 21, - "path": "./tests/samples/sample.html", - "info": "FILE|RAW", - "value": "g1re0g2Pa5$w0Rd")\">ShowPass", - "value_start": 39, - "value_end": 80, - "variable": "password", - "variable_start": 30, - "variable_end": 38, - "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.1341873445116937, - "valid": true - } - } - ] - }, { "rule": "IP_ID_PASSWORD_TRIPLE", "severity": "medium", @@ -17854,31 +15954,6 @@ } ] }, - { - "rule": "DOC_CREDENTIALS", - "severity": "medium", - "confidence": "weak", - "ml_probability": 0.789, - "line_data_list": [ - { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.ods", - "info": "FILE|SheetAny:A2", - "value": "dipPr10Gg!", - "value_start": 16, - "value_end": 26, - "variable": "PW", - "variable_start": 13, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, { "rule": "ID_PAIR_PASSWD_PAIR", "severity": "medium", @@ -17950,7 +16025,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.998, "line_data_list": [ { "line": "A1 password is w3Ry5tR0nG", @@ -18140,275 +16215,1134 @@ "variable_end": -1, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0957952550009344, + "entropy": 3.0957952550009344, + "valid": false + } + } + ] + }, + { + "rule": "IP_ID_PASSWORD_TRIPLE", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "B3 192.168.0.1 master/NBd@126t!", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|SheetAny:B3", + "value": "NBd@126t!", + "value_start": 22, + "value_end": 31, + "variable": null, + "variable_start": -1, + "variable_end": -1, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.4654972233440207, + "valid": false + } + } + ] + }, + { + "rule": "ID_PAIR_PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "A2 ID:master,PW:dipPr10Gg!", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|SheetAny:A2", + "value": "dipPr10Gg!", + "value_start": 16, + "value_end": 26, + "variable": "PW", + "variable_start": 13, + "variable_end": 15, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.989735285398626, + "valid": false + } + }, + { + "line": "A2 ID:master,PW:dipPr10Gg!", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|SheetAny:A2", + "value": "master,PW:dipPr10Gg!", + "value_start": 6, + "value_end": 26, + "variable": "ID", + "variable_start": 3, + "variable_end": 5, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.4736388806542577, + "valid": false + } + } + ] + }, + { + "rule": "PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "A2 ID:master,PW:dipPr10Gg!", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|SheetAny:A2", + "value": "dipPr10Gg!", + "value_start": 16, + "value_end": 26, + "variable": "PW", + "variable_start": 13, + "variable_end": 15, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.989735285398626, + "valid": false + } + } + ] + }, + { + "rule": "DOC_CREDENTIALS", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": "A1 password is w3Ry5tR0nG", + "line_num": 1, + "path": "./tests/samples/sample.xlsx", + "info": "FILE|SheetAny:A1", + "value": "w3Ry5tR0nG", + "value_start": 15, + "value_end": 25, + "variable": "password", + "variable_start": 3, + "variable_end": 11, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.1219280948873624, + "valid": false + } + } + ] + }, + { + "rule": "SendGrid API Key", + "severity": "high", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "SG.gireogigireogigi.gireogigireogigi", + "line_num": 1, + "path": "./tests/samples/sendgrid_api_key", + "info": "FILE|RAW", + "value": "SG.gireogigireogigi.gireogigireogigi", + "value_start": 0, + "value_end": 36, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.3705246708692047, + "valid": false + } + } + ] + }, + { + "rule": "Shopify Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "\"shopyfy_k\": \"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\",", + "line_num": 1, + "path": "./tests/samples/shopify_token", + "info": "FILE|RAW", + "value": "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", + "value_start": 18, + "value_end": 56, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.6658566472141003, + "valid": true + } + } + ] + }, + { + "rule": "Slack Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "line_num": 1, + "path": "./tests/samples/slack_token.hs", + "info": "FILE|RAW", + "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.029574370937287, + "valid": false + } + } + ] + }, + { + "rule": "Slack Webhook", + "severity": "medium", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "\"hook\": \"https://hooks.slack.com/services/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\",", + "line_num": 1, + "path": "./tests/samples/slack_webhook.template", + "info": "FILE|RAW", + "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", + "value_start": 45, + "value_end": 93, + "variable": "hooks.slack.com/services", + "variable_start": 21, + "variable_end": 45, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.761842188131013, + "valid": true + } + } + ] + }, + { + "rule": "Azure Secret Value", + "severity": "high", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", + "line_num": 1, + "path": "./tests/samples/small.pdf", + "info": "FILE|PDF:1", + "value": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", + "value_start": 0, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.620007704961091, + "valid": true + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.976, + "line_data_list": [ + { + "line": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'SqLpa5sW0rD';", + "line_num": 1, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 72, + "value_end": 83, + "variable": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY", + "variable_start": 0, + "variable_end": 70, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.995, + "line_data_list": [ + { + "line": "'create user name identified by 'SqLpa5sW0rD' --", + "line_num": 2, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "create user name identified by", + "variable_start": 1, + "variable_end": 31, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, + "line_data_list": [ + { + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 3, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.99, + "line_data_list": [ + { + "line": "\uff1a`CREATE USER 'haproxy'@'%' IDENTIFIED BY 'SqLpa5sW0rD';`", + "line_num": 4, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE USER 'haproxy'@'%' IDENTIFIED BY", + "variable_start": 2, + "variable_end": 41, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, + "line_data_list": [ + { + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 5, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "expected_statement = \"\"\"CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 6, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 65, + "value_end": 76, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 24, + "variable_end": 63, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 8, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 41, + "value_end": 52, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 0, + "variable_end": 39, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "DOC_CREDENTIALS", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "ID_PAIR_PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + }, + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "username", + "value_start": 12, + "value_end": 20, + "variable": "LOGIN", + "variable_start": 6, + "variable_end": 11, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.75, + "valid": false + } + } + ] + }, + { + "rule": "PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "ALTER LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 36, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.979, + "line_data_list": [ + { + "line": "ALTER ROLE postgres PASSWORD 'SqLpa5sW0rD'; SELECT pg_reload_conf()\"", + "line_num": 10, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 30, + "value_end": 41, + "variable": "ALTER ROLE postgres PASSWORD", + "variable_start": 0, + "variable_end": 28, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": "ALTER USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 11, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "ALTER USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 33, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "DOC_CREDENTIALS", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "ID_PAIR_PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + }, + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "username", + "value_start": 13, + "value_end": 21, + "variable": "LOGIN", + "variable_start": 7, + "variable_end": 12, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.75, + "valid": false + } + } + ] + }, + { + "rule": "PASSWD_PAIR", + "severity": "medium", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "CREATE LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 37, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER chuck WITH PASSWORD 'SqLpa5sW0rD' SUPERUSER;", + "line_num": 13, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "CREATE USER chuck WITH PASSWORD", + "variable_start": 0, + "variable_end": 31, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'SqLpa5sW0rD' NOSUPERUSER;", + "line_num": 14, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 47, + "value_end": 58, + "variable": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD", + "variable_start": 0, + "variable_end": 45, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER myuser WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 15, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "CREATE USER myuser WITH PASSWORD", + "variable_start": 0, + "variable_end": 32, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 16, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 36, + "value_end": 47, + "variable": "CREATE USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.971, + "line_data_list": [ + { + "line": "ALTER USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 17, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 49, + "value_end": 60, + "variable": "ALTER USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 47, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.84, + "line_data_list": [ + { + "line": "ALTER USER 'super_user'@'10.10.10.%' identified by 'SqLpa5sW0rD';", + "line_num": 18, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "ALTER USER 'super_user'@'10.10.10.%' identified by", + "variable_start": 0, + "variable_end": 50, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "IP_ID_PASSWORD_TRIPLE", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.981, "line_data_list": [ { - "line": "B3 192.168.0.1 master/NBd@126t!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:B3", - "value": "NBd@126t!", - "value_start": 22, - "value_end": 31, - "variable": null, - "variable_start": -1, - "variable_end": -1, + "line": "ALTER USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 19, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "ALTER USER username IDENTIFIED BY", + "variable_start": 0, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "SQL Password", "severity": "medium", "confidence": "weak", - "ml_probability": 0.789, + "ml_probability": 0.998, "line_data_list": [ { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:A2", - "value": "dipPr10Gg!", - "value_start": 16, - "value_end": 26, - "variable": "PW", - "variable_start": 13, - "variable_end": 15, + "line": "CREATE USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 20, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "CREATE USER username IDENTIFIED BY", + "variable_start": 0, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "ID_PAIR_PASSWD_PAIR", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.997, "line_data_list": [ { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:A2", - "value": "dipPr10Gg!", - "value_start": 16, - "value_end": 26, - "variable": "PW", - "variable_start": 13, - "variable_end": 15, + "line": "CREATE USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 21, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 50, + "value_end": 61, + "variable": "CREATE USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, + "entropy": 3.459431618637298, "valid": false } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.994, + "line_data_list": [ { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:A2", - "value": "master,PW:dipPr10Gg!", - "value_start": 6, - "value_end": 26, - "variable": "ID", - "variable_start": 3, - "variable_end": 5, + "line": "mysql -u root -pdbadmin -e \"CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';\"\u2013", + "line_num": 22, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 79, + "value_end": 90, + "variable": "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY", + "variable_start": 28, + "variable_end": 77, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.4736388806542577, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "PASSWD_PAIR", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "A2 ID:master,PW:dipPr10Gg!", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:A2", - "value": "dipPr10Gg!", - "value_start": 16, - "value_end": 26, - "variable": "PW", - "variable_start": 13, - "variable_end": 15, + "line": "-c \"CREATE ROLE scram_test login password 'SqLpa5sW0rD'\"", + "line_num": 23, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE ROLE scram_test login password", + "variable_start": 4, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "DOC_CREDENTIALS", + "rule": "SQL Password", "severity": "medium", "confidence": "weak", "ml_probability": 0.999, "line_data_list": [ { - "line": "A1 password is w3Ry5tR0nG", - "line_num": 1, - "path": "./tests/samples/sample.xlsx", - "info": "FILE|SheetAny:A1", - "value": "w3Ry5tR0nG", - "value_start": 15, - "value_end": 25, - "variable": "password", - "variable_start": 3, - "variable_end": 11, + "line": "CREATE ROLE app_admin WITH LOGIN PASSWORD SqLpa5sW0rD;", + "line_num": 24, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 42, + "value_end": 53, + "variable": "CREATE ROLE app_admin WITH LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1219280948873624, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "SendGrid API Key", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, "line_data_list": [ { - "line": "SG.gireogigireogigi.gireogigireogigi", - "line_num": 1, - "path": "./tests/samples/sendgrid_api_key", + "line": "CREATE ROLE flask_admin_geo LOGIN PASSWORD 'SqLpa5sW0rD';", + "line_num": 25, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "SG.gireogigireogigi.gireogigireogigi", - "value_start": 0, - "value_end": 36, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 44, + "value_end": 55, + "variable": "CREATE ROLE flask_admin_geo LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3705246708692047, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Shopify Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.904, "line_data_list": [ { - "line": "\"shopyfy_k\": \"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\",", - "line_num": 1, - "path": "./tests/samples/shopify_token", + "line": "create role forum_example_graph_demo login password 'SqLpa5sW0rD';", + "line_num": 26, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "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", - "value_start": 18, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 53, + "value_end": 64, + "variable": "create role forum_example_graph_demo login password", + "variable_start": 0, + "variable_end": 51, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.6658566472141003, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Slack Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.956, "line_data_list": [ { - "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "line_num": 1, - "path": "./tests/samples/slack_token.hs", + "line": "create role forum_example_graph login password 'SqLpa5sW0rD';", + "line_num": 27, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 48, + "value_end": 59, + "variable": "create role forum_example_graph login password", + "variable_start": 0, + "variable_end": 46, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.029574370937287, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Slack Webhook", + "rule": "SQL Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.814, "line_data_list": [ { - "line": "\"hook\": \"https://hooks.slack.com/services/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\",", - "line_num": 1, - "path": "./tests/samples/slack_webhook.template", + "line": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD('SqLpa5sW0rD');", + "line_num": 28, + "path": "./tests/samples/sql_password", "info": "FILE|RAW", - "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", - "value_start": 45, - "value_end": 93, - "variable": "hooks.slack.com/services", - "variable_start": 21, - "variable_end": 45, + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD", + "variable_start": 0, + "variable_end": 50, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.761842188131013, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Azure Secret Value", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.852, "line_data_list": [ { - "line": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", - "line_num": 1, - "path": "./tests/samples/small.pdf", - "info": "FILE|PDF:1", - "value": "qpF8Q~PCM5MhMoyTFc5TYEomnzRUKim9UJhe8a2P", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "line": "insert into mysql.user values(PASSWORD('SqLpa5sW0rD') );", + "line_num": 29, + "path": "./tests/samples/sql_password", + "info": "FILE|RAW", + "value": "SqLpa5sW0rD", + "value_start": 40, + "value_end": 51, + "variable": "insert into mysql.user values(PASSWORD", + "variable_start": 0, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.620007704961091, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] @@ -18942,7 +17876,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.999, + "ml_probability": 0.993, "line_data_list": [ { "line": "gi_reo_gi_token = \"G1Re06G1BdgNseiJDN21Z094M\"", @@ -18967,7 +17901,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.99, + "ml_probability": 0.988, "line_data_list": [ { "line": "Token-> DemoToken: Nxs094M3ed2s1Re0F4M3ed2GZ8M= <- for User : demo", @@ -19092,7 +18026,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.997, + "ml_probability": 1.0, "line_data_list": [ { "line": "39084?Credential=546DFS64N90P3AW7DX&key=3487263-2384579834-234732875-345&hasToBefound=2", @@ -19317,7 +18251,7 @@ "rule": "DOC_CREDENTIALS", "severity": "medium", "confidence": "weak", - "ml_probability": 0.984, + "ml_probability": 0.986, "line_data_list": [ { "line": "password : cackle!", diff --git a/tests/data/ml_threshold.json b/tests/data/ml_threshold.json index 1d57ed53f..319d30d0c 100644 --- a/tests/data/ml_threshold.json +++ b/tests/data/ml_threshold.json @@ -28,7 +28,7 @@ "rule": "API", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.996, "line_data_list": [ { "line": "gi_reo_gi_api = \"DvMB_glvwjlEQ_uqIyn8k\";", @@ -178,7 +178,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.998, "line_data_list": [ { "line": "\"kerberos_authentication\": \"YI7IB6wYJgaMgHAgIKoZI2AQBuIh2cSA0IB1qA\"", @@ -228,7 +228,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.999, "line_data_list": [ { "line": "headers = {authorization: /oauth_signature=\"JgEWaL6V6eM%2FFb9wuXG4I3IB6wY%3D\"/, content_type: 'application/json; charset=utf-8'}", @@ -420,7 +420,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.051, + "ml_probability": 0.695, "line_data_list": [ { "line": " \"AwsAccessKey\": \"AKIAGIREOGIAWSKEY123\",", @@ -512,7 +512,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.858, + "ml_probability": 0.997, "line_data_list": [ { "line": " \"AwsAccessKey2\": \"AKIAGIREOGIAWSKEY555\",", @@ -579,7 +579,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.35, "line_data_list": [ { "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", @@ -604,7 +604,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.35, "line_data_list": [ { "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", @@ -704,7 +704,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.98, + "ml_probability": 0.727, "line_data_list": [ { "line": " \"unicode_url\": \"https://iufurvyh.google.com/v1/projects/29182364324/clients?key=HrPioECfMsa602sfDyhzzIWok\\u0026amp;alt=json\\u003c/a\\u003e\\u003c/p\\u003e\\n\"", @@ -821,7 +821,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -846,7 +846,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -921,7 +921,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.626, "line_data_list": [ { "line": "AWS_MWS_KEY = \"amzn.mws.c1dg4haz-6xd6-4gqi-vna2-ed3whf71x9k6\"", @@ -1296,7 +1296,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.713, + "ml_probability": 0.999, "line_data_list": [ { "line": "\"Bitbucket Repository Access Token\" : \"ATCTT3xFfGN0zXtbKHz2POF86xa-2aBiYC4o_T3-myk01bmFVluUIFtGm_VFQwLizp4o1FKw-AMZhtdA0NzizshnA8WzRdfgv6GeTyowCD101oqKbJ4nx9DFsar5YyUNkwO9maR9-00tQvfciyfOHtPKG6K1d76Ki3iFo7roGeyJu4j1jM3GwQ4=EDDE81AD\"", @@ -1321,7 +1321,7 @@ "rule": "Certificate", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "const certificatePEM := 'LS0tLS1CRUdJTiBDRVJUSUZ0VLQW9JQkFRRFkwYzFUS0I1b1pQd1EKN3QxQ3dNSXJ2cUI2R0lVM3RQeTZSaGNrWlhUa09COFllQldKN1VLZkN6OEhHZJQ0FURS0tLS0tCk1JSUMrekND'", @@ -1346,7 +1346,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.363, + "ml_probability": 0.901, "line_data_list": [ { "line": "gpg --decrypt --passphrase N1DdkUD3E73 --output decrypted.txt encrypted.txt.gpg", @@ -1396,7 +1396,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.751, + "ml_probability": 0.964, "line_data_list": [ { "line": "-Domain 'localhost' -Password 'Sjdn43ss@!'", @@ -1421,7 +1421,7 @@ "rule": "CMD Secret", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1446,7 +1446,7 @@ "rule": "CMD Token", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1496,7 +1496,7 @@ "rule": "CMD ConvertTo-SecureString", "severity": "high", "confidence": "moderate", - "ml_probability": 0.574, + "ml_probability": 0.997, "line_data_list": [ { "line": "ConvertTo-SecureString -String -Force dsjUE#$gds8s", @@ -1521,7 +1521,7 @@ "rule": "CMD ConvertTo-SecureString", "severity": "high", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "\"ConvertTo-SecureString \\\"4yd21JKH~GE8dkd\\\"\"", @@ -1546,7 +1546,7 @@ "rule": "Credential", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "gi_reo_gi_credential = \"K2u6mFw8wJOsAf\"", @@ -1671,7 +1671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.472, + "ml_probability": 0.021, "line_data_list": [ { "line": "ID:master,PW:dipPr10Gg!", @@ -1696,7 +1696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.497, + "ml_probability": 0.025, "line_data_list": [ { "line": "ID:master PW:dipPr11Gg!", @@ -1721,7 +1721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.516, + "ml_probability": 0.23, "line_data_list": [ { "line": "ANYID:master PW:dipPr12Gg!", @@ -1746,7 +1746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.744, + "ml_probability": 0.043, "line_data_list": [ { "line": "Username:master Password:dipPr13Gg!", @@ -1771,7 +1771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.977, + "ml_probability": 0.864, "line_data_list": [ { "line": "id:master,password:dipPr14Gg!", @@ -1796,7 +1796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.704, + "ml_probability": 0.117, "line_data_list": [ { "line": "ID:master/PW:dipPr15Gg!", @@ -1821,7 +1821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.855, "line_data_list": [ { "line": "id:master password:dipPr16Gg!", @@ -1846,7 +1846,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.874, "line_data_list": [ { "line": "user:master password:dipPr17Gg!", @@ -1871,7 +1871,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.893, "line_data_list": [ { "line": "username:master,password:dipPr19Gg!", @@ -1896,7 +1896,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.595, + "ml_probability": 0.008, "line_data_list": [ { "line": "username:master pwd:dipPr110Gg!", @@ -1921,7 +1921,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.873, + "ml_probability": 0.092, "line_data_list": [ { "line": "ANYid:master,password:dipPr111Gg!", @@ -1946,7 +1946,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.22, + "ml_probability": 0.001, "line_data_list": [ { "line": "ID:master PWD:dipPr112Gg!", @@ -1971,7 +1971,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.619, "line_data_list": [ { "line": "user id:master password:dipPr113Gg!", @@ -1996,7 +1996,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.978, + "ml_probability": 0.708, "line_data_list": [ { "line": "user:master,password:dipPr114Gg!", @@ -2021,7 +2021,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.915, "line_data_list": [ { "line": "user=master,password=dipPr115Gg!", @@ -2046,7 +2046,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.971, + "ml_probability": 0.704, "line_data_list": [ { "line": "username=master password=dipPr116Gg!", @@ -2071,7 +2071,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, + "ml_probability": 0.338, "line_data_list": [ { "line": "User name:master Password:dipPr117Gg!", @@ -2096,7 +2096,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.738, "line_data_list": [ { "line": "username=master,password=dipPr118Gg!", @@ -2121,7 +2121,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.876, "line_data_list": [ { "line": "--user=master --password=dipPr119Gg!", @@ -2146,7 +2146,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.889, + "ml_probability": 0.045, "line_data_list": [ { "line": "user=master passwd=dipPr120Gg!", @@ -2171,7 +2171,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.912, "line_data_list": [ { "line": "account:dipPr121Gg! password:dipPr121Gg!", @@ -2196,7 +2196,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.652, + "ml_probability": 0.081, "line_data_list": [ { "line": "id:master pass:dipPr122Gg!", @@ -2221,7 +2221,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.847, + "ml_probability": 0.463, "line_data_list": [ { "line": "user:master pw:dipPr124Gg!", @@ -2246,7 +2246,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.828, + "ml_probability": 0.196, "line_data_list": [ { "line": "Username:master/Password:dipPr125Gg!", @@ -2271,7 +2271,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.98, + "ml_probability": 0.767, "line_data_list": [ { "line": "userId:master,password:dipPr126Gg!", @@ -2296,7 +2296,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.999, "line_data_list": [ { "line": "--user master --password dipPr127Gg!", @@ -2321,7 +2321,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, + "ml_probability": 0.464, "line_data_list": [ { "line": "dipPr128Gg! ID:master dipPr128Gg! Password:dipPr128Gg!", @@ -2346,7 +2346,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 0.909, "line_data_list": [ { "line": "ANYid:master,pw:dipPr129Gg!", @@ -2371,7 +2371,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.78, + "ml_probability": 0.016, "line_data_list": [ { "line": "user:master pwd:dipPr130Gg!", @@ -2396,7 +2396,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.378, + "ml_probability": 0.003, "line_data_list": [ { "line": "Login:dipPr131Gg! Pwd:dipPr131Gg!", @@ -2421,7 +2421,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.847, "line_data_list": [ { "line": "ANYID:master Password:dipPr132Gg!", @@ -2446,7 +2446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.82, + "ml_probability": 0.102, "line_data_list": [ { "line": "-Username:master -Password:dipPr133Gg!", @@ -2471,7 +2471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.933, "line_data_list": [ { "line": "account:dipPr134Gg! pw:dipPr134Gg!", @@ -2496,7 +2496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.905, + "ml_probability": 0.791, "line_data_list": [ { "line": "user id:master user pw:dipPr135Gg!", @@ -2521,7 +2521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.973, + "ml_probability": 0.733, "line_data_list": [ { "line": "user_name=master password=dipPr136Gg!", @@ -2546,7 +2546,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 0.999, "line_data_list": [ { "line": "--username master --password dipPr137Gg!", @@ -2571,7 +2571,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.992, "line_data_list": [ { "line": "ANYlogin:master,ANYpassword:dipPr138Gg!", @@ -2621,7 +2621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.385, + "ml_probability": 0.003, "line_data_list": [ { "line": "ID:master,PWD:dipPr140Gg!", @@ -2646,7 +2646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.959, + "ml_probability": 0.687, "line_data_list": [ { "line": "ID:master/PASS:dipPr141Gg!", @@ -2671,7 +2671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.543, "line_data_list": [ { "line": "account:master passwd:dipPr142Gg!", @@ -2696,7 +2696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.955, + "ml_probability": 0.726, "line_data_list": [ { "line": "login:master password:dipPr143Gg!", @@ -2721,7 +2721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.863, + "ml_probability": 0.473, "line_data_list": [ { "line": "user=master,pass=dipPr144Gg!", @@ -2746,7 +2746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.971, "line_data_list": [ { "line": "password:dipPr145Gg! username:master", @@ -2771,7 +2771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.935, + "ml_probability": 0.846, "line_data_list": [ { "line": "Login as:master Password:dipPr146Gg!", @@ -2796,7 +2796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, + "ml_probability": 0.477, "line_data_list": [ { "line": "ID:master,pass:dipPr147Gg!", @@ -2821,7 +2821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.888, + "ml_probability": 0.761, "line_data_list": [ { "line": "id:master pw:dipPr148Gg!", @@ -2846,7 +2846,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.664, + "ml_probability": 0.803, "line_data_list": [ { "line": "(98.76.54.32)ID:master PW:dipPr149Gg!", @@ -2871,7 +2871,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.854, + "ml_probability": 0.569, "line_data_list": [ { "line": "-id:master -pw:dipPr151Gg!", @@ -2896,7 +2896,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.794, + "ml_probability": 0.666, "line_data_list": [ { "line": "username:master pw:dipPr152Gg!", @@ -2921,7 +2921,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 0.842, "line_data_list": [ { "line": "-User Name:master -Password:dipPr154Gg!", @@ -2971,7 +2971,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.921, + "ml_probability": 0.961, "line_data_list": [ { "line": "ANYuser=master ANY_pass=dipPr156Gg!", @@ -2996,7 +2996,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANYUser:master password:dipPr157Gg!", @@ -3021,7 +3021,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.802, + "ml_probability": 0.141, "line_data_list": [ { "line": "user:master,pwd:dipPr158Gg!", @@ -3071,7 +3071,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.97, "line_data_list": [ { "line": "ANYusername:master,ANY_password:dipPr160Gg!", @@ -3096,7 +3096,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.892, + "ml_probability": 0.656, "line_data_list": [ { "line": "ANY_USER=master ANY_PASS=dipPr161Gg!", @@ -3121,7 +3121,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.985, + "ml_probability": 0.114, "line_data_list": [ { "line": "User Account:master User password:dipPr162Gg!", @@ -3146,7 +3146,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.431, + "ml_probability": 0.004, "line_data_list": [ { "line": "dipPr163Gg! ID:master dipPr163Gg! PWD:dipPr163Gg!", @@ -3171,7 +3171,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.88, "line_data_list": [ { "line": "userid=master password=dipPr164Gg!", @@ -3196,7 +3196,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANY-username=master ANY-password=dipPr165Gg!", @@ -3221,7 +3221,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.806, + "ml_probability": 0.165, "line_data_list": [ { "line": "username:master pass:dipPr166Gg!", @@ -3246,7 +3246,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.796, + "ml_probability": 0.073, "line_data_list": [ { "line": "user=master pwd=dipPr168Gg!", @@ -3271,7 +3271,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.751, + "ml_probability": 0.55, "line_data_list": [ { "line": "Name:master,PW:dipPr169Gg!", @@ -3296,7 +3296,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.871, + "ml_probability": 0.297, "line_data_list": [ { "line": "user:master pass:dipPr172Gg!", @@ -3321,7 +3321,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.978, "line_data_list": [ { "line": "user=master password=dipPr174Gg!", @@ -3346,7 +3346,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.996, "line_data_list": [ { "line": "Host name:master/Password:dipPr175Gg!", @@ -3371,7 +3371,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.984, + "ml_probability": 0.955, "line_data_list": [ { "line": "role:master,password:dipPr176Gg!", @@ -3396,7 +3396,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.857, + "ml_probability": 0.662, "line_data_list": [ { "line": "Wifi Name:master,PW:dipPr177Gg!", @@ -3421,7 +3421,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.751, "line_data_list": [ { "line": "ID:master/Password:dipPr178Gg!", @@ -3446,7 +3446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.992, "line_data_list": [ { "line": "name:master,password:dipPr179Gg!", @@ -3471,7 +3471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.874, + "ml_probability": 0.733, "line_data_list": [ { "line": "Loging:master Password:dipPr180Gg!", @@ -3496,7 +3496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.233, + "ml_probability": 0.014, "line_data_list": [ { "line": "Loging:master Pwd:dipPr181Gg!", @@ -3521,7 +3521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.692, + "ml_probability": 0.62, "line_data_list": [ { "line": "id:master,default pw:dipPr182Gg!", @@ -3546,7 +3546,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.812, + "ml_probability": 0.653, "line_data_list": [ { "line": "id/pw id:master pw:dipPr185Gg!", @@ -3571,7 +3571,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.719, + "ml_probability": 0.045, "line_data_list": [ { "line": "user:master,pwd:dipPr186Gg!", @@ -3596,7 +3596,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.623, + "ml_probability": 0.458, "line_data_list": [ { "line": "username:master/pw:dipPr188Gg!", @@ -3621,7 +3621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.872, + "ml_probability": 0.828, "line_data_list": [ { "line": "username:master pw:dipPr189Gg!", @@ -3646,7 +3646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.732, + "ml_probability": 0.018, "line_data_list": [ { "line": "PW:dipPr190Gg! ID:master", @@ -3671,7 +3671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.922, + "ml_probability": 0.992, "line_data_list": [ { "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", @@ -3696,7 +3696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.975, + "ml_probability": 0.976, "line_data_list": [ { "line": "id: master pw:dipPr197Gg!", @@ -3721,7 +3721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.8, + "ml_probability": 0.316, "line_data_list": [ { "line": "id:master@example.com,pw:dipPr198Gg!", @@ -3746,7 +3746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.161, "line_data_list": [ { "line": "id:master@example.com,pw:IHQSB1GG!", @@ -3771,32 +3771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.197, - "line_data_list": [ - { - "line": "ID/PW:master/iPp0@GRq", - "line_num": 1, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp0@GRq", - "value_start": 6, - "value_end": 21, - "variable": "PW", - "variable_start": 3, - "variable_end": 5, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.717, + "ml_probability": 0.001, "line_data_list": [ { "line": "ID/Password:master/iPp2@GRq", @@ -3821,32 +3796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.221, - "line_data_list": [ - { - "line": "ID/Pass:master/iPp3@GRq", - "line_num": 4, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp3@GRq", - "value_start": 8, - "value_end": 23, - "variable": "Pass", - "variable_start": 3, - "variable_end": 7, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.443, + "ml_probability": 0.0, "line_data_list": [ { "line": "ID:PW=master:iPp4@GRq", @@ -3871,7 +3821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.478, + "ml_probability": 0.0, "line_data_list": [ { "line": "ID/PW=master/iPp5@GRq", @@ -3896,7 +3846,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.949, + "ml_probability": 0.012, "line_data_list": [ { "line": "username/password:master/iPp7@GRq", @@ -3921,7 +3871,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.699, + "ml_probability": 0.001, "line_data_list": [ { "line": "id/passwd:master/iPp8@GRq", @@ -3946,7 +3896,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.739, + "ml_probability": 0.484, "line_data_list": [ { "line": "98.76.54.32(ID:master/PW:iPp10@GRq) # todo: move into other sample ?", @@ -3971,57 +3921,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.286, - "line_data_list": [ - { - "line": "\uc544\uc774\ub514/PW:master/iPp16@GRq", - "line_num": 17, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp16@GRq", - "value_start": 7, - "value_end": 23, - "variable": "PW", - "variable_start": 4, - "variable_end": 6, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.433, - "line_data_list": [ - { - "line": "\uacc4\uc815/PW:master/iPp17@GRq", - "line_num": 18, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp17@GRq", - "value_start": 6, - "value_end": 22, - "variable": "PW", - "variable_start": 3, - "variable_end": 5, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 0.56, "line_data_list": [ { "line": "98.76.54.32 id/pw:master/iPp19@GRq", @@ -4046,57 +3946,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.086, - "line_data_list": [ - { - "line": "ID/PWD:master/iPp21@GRq", - "line_num": 22, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp21@GRq", - "value_start": 7, - "value_end": 23, - "variable": "PWD", - "variable_start": 3, - "variable_end": 6, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.286, - "line_data_list": [ - { - "line": "user/pwd:master/iPp22@GRq", - "line_num": 23, - "path": "./tests/samples/doc_id_passwd_pair", - "info": "", - "value": "master/iPp22@GRq", - "value_start": 9, - "value_end": 25, - "variable": "pwd", - "variable_start": 5, - "variable_end": 8, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.625, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.666, + "ml_probability": 0.001, "line_data_list": [ { "line": "user/pass:master/iPp25@GRq", @@ -4121,7 +3971,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 0.013, "line_data_list": [ { "line": "ID/Password=master/iPp27@GRq", @@ -4146,7 +3996,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.231, + "ml_probability": 0.0, "line_data_list": [ { "line": "ID/PW:master/iPp28@GRq", @@ -4171,7 +4021,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 0.134, "line_data_list": [ { "line": "Password:Prl23Db#@", @@ -4196,7 +4046,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.507, + "ml_probability": 0.004, "line_data_list": [ { "line": "pw:Prl23Db#@", @@ -4221,7 +4071,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 0.14, "line_data_list": [ { "line": "Password=Prl23Db#@", @@ -4246,7 +4096,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.508, + "ml_probability": 0.001, "line_data_list": [ { "line": "pwd:Prl23Db#@", @@ -4271,7 +4121,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.667, "line_data_list": [ { "line": "ANY_password=Prl23Db#@", @@ -4296,7 +4146,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.723, + "ml_probability": 0.007, "line_data_list": [ { "line": "pass:Prl23Db#@", @@ -4321,7 +4171,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.435, "line_data_list": [ { "line": "ANY-password=Prl23Db#@", @@ -4346,7 +4196,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.974, + "ml_probability": 0.988, "line_data_list": [ { "line": "master@98.76.54.32 password:Prl23Db#@", @@ -4371,7 +4221,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.869, + "ml_probability": 0.895, "line_data_list": [ { "line": "--Password Prl23Db#@", @@ -4396,7 +4246,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.659, + "ml_probability": 0.015, "line_data_list": [ { "line": "ANY_PW:Prl23Db#@", @@ -4421,7 +4271,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.943, "line_data_list": [ { "line": "default password:Prl23Db#@", @@ -4446,7 +4296,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 0.728, "line_data_list": [ { "line": "\"password\":\"Prl23Db#@\"", @@ -4471,7 +4321,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.678, + "ml_probability": 0.001, "line_data_list": [ { "line": "Passwd:Prl23Db#@ Prl23Db#@", @@ -4496,7 +4346,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.297, + "ml_probability": 0.002, "line_data_list": [ { "line": "PW:Prl23Db#@,password:Prl23Db#@", @@ -4521,7 +4371,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.886, + "ml_probability": 0.005, "line_data_list": [ { "line": "PW:Prl23Db#@,password:Prl23Db#@", @@ -4546,7 +4396,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.183, "line_data_list": [ { "line": "password:Prl23Db#@,\ube44\ubc88:Prl23Db#@", @@ -4571,7 +4421,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, + "ml_probability": 0.014, "line_data_list": [ { "line": "passwd=Prl23Db#@", @@ -4596,7 +4446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 0.201, "line_data_list": [ { "line": "password:Prl23Db#@, paasword:Prl23Db#@", @@ -4621,7 +4471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.394, "line_data_list": [ { "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", @@ -4646,7 +4496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.93, + "ml_probability": 0.329, "line_data_list": [ { "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", @@ -4671,7 +4521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.77, + "ml_probability": 0.01, "line_data_list": [ { "line": "Password:Prl23Db#@,pwd=Prl23Db#@", @@ -4696,7 +4546,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.829, + "ml_probability": 0.045, "line_data_list": [ { "line": "Password:Prl23Db#@,pwd=Prl23Db#@", @@ -4721,7 +4571,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.998, "line_data_list": [ { "line": "-password \"Prl23Db#@\"", @@ -4746,7 +4596,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.965, + "ml_probability": 0.62, "line_data_list": [ { "line": "ANY_password:Prl23Db#@", @@ -4771,7 +4621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.191, "line_data_list": [ { "line": "--password=Prl23Db#@", @@ -4796,7 +4646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.114, "line_data_list": [ { "line": "root/Prl23Db#@,root password:Prl23Db#@", @@ -4821,7 +4671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.925, + "ml_probability": 0.073, "line_data_list": [ { "line": "Prl23Db#@ username:Prl23Db#@,Prl23Db#@ password:Prl23Db#@", @@ -4846,7 +4696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.861, + "ml_probability": 0.003, "line_data_list": [ { "line": "Prl23Db#@:password:Prl23Db#@", @@ -4871,7 +4721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.764, "line_data_list": [ { "line": "ANYpassword=Prl23Db#@", @@ -4896,7 +4746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.464, "line_data_list": [ { "line": "passwords:Prl23Db#@", @@ -4921,7 +4771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.986, + "ml_probability": 0.528, "line_data_list": [ { "line": "password=>Prl23Db#@", @@ -4946,7 +4796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.674, + "ml_probability": 0.916, "line_data_list": [ { "line": "# password: keep empty", @@ -4996,7 +4846,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "token:AIhq5Xyb1Gga9Q2", @@ -5271,7 +5121,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "-Token:AIhq5Xyb1Gga9Q23", @@ -5346,7 +5196,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "access key:AIhq5Xyb1Gga9Q26", @@ -5421,7 +5271,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "ANY_key=AIhq5Xyb1Gga9Q29", @@ -5546,7 +5396,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "Authentication key:AIhq5Xyb1Gga9Q35", @@ -5571,7 +5421,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "Authentication key:AIhq5Xyb1Gga9Q35", @@ -5596,7 +5446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "master@98.76.54.32(pw:IhqSb1Gg)", @@ -5621,7 +5471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.968, + "ml_probability": 0.887, "line_data_list": [ { "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", @@ -5646,7 +5496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.832, "line_data_list": [ { "line": "Password:master/IhqSb1Gg", @@ -5671,7 +5521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.999, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", @@ -5746,7 +5596,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.999, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", @@ -5771,7 +5621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.934, + "ml_probability": 0.979, "line_data_list": [ { "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", @@ -5796,7 +5646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.999, "line_data_list": [ { "line": "98.76.54.32(pw:IhqSb1Gg)", @@ -5821,7 +5671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "98.76.54.32/pw:IhqSb1Gg", @@ -5846,7 +5696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 0.967, "line_data_list": [ { "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", @@ -5871,7 +5721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.887, + "ml_probability": 0.228, "line_data_list": [ { "line": "ID:gildong.hong@any.example.com mailto:{1} PWD:IhqSb1Gg", @@ -5896,7 +5746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.991, + "ml_probability": 0.999, "line_data_list": [ { "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", @@ -5921,7 +5771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 0.996, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", @@ -5946,7 +5796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 0.806, "line_data_list": [ { "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", @@ -5971,7 +5821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", @@ -6046,7 +5896,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.999, "line_data_list": [ { "line": "Key(ANYSecret):IhqSb1Gg", @@ -6071,7 +5921,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.999, "line_data_list": [ { "line": "Key(ANYSecret):IhqSb1Gg", @@ -6096,7 +5946,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "98.76.54.32 ANY_PW:IhqSb1Gg", @@ -6121,7 +5971,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 0.998, "line_data_list": [ { "line": "98.76.54.32(ID/PW:IhqSb1Gg)", @@ -6146,7 +5996,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.942, + "ml_probability": 0.984, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 (pwd:IhqSb1Gg)", @@ -6171,7 +6021,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.999, "line_data_list": [ { "line": "password for master:IhqSb1Gg", @@ -6196,7 +6046,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.999, "line_data_list": [ { "line": "id:xxxx(ANYpw:IhqSb1Ga)", @@ -6221,7 +6071,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", @@ -6246,7 +6096,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.998, "line_data_list": [ { "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", @@ -6271,7 +6121,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.031, "line_data_list": [ { "line": "\uacc4\uc815/Password-xxxx:master/IhqSb1Gg", @@ -6296,7 +6146,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", @@ -6321,7 +6171,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", @@ -6371,7 +6221,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.995, "line_data_list": [ { "line": "Access wifi:xxxx(PW:IhqSb1Gg)", @@ -6396,7 +6246,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.996, "line_data_list": [ { "line": "-User:master -PasswordANY:IhqSb1Gg", @@ -6421,7 +6271,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "password(default:IhqSb1Gg)", @@ -6446,7 +6296,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.7, + "ml_probability": 0.122, "line_data_list": [ { "line": "98.76.54.32(ID/PW:master/IhqSb1Gg)", @@ -6471,7 +6321,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.265, + "ml_probability": 0.0, "line_data_list": [ { "line": "(ID&PWD):master/IhqSb1Gg", @@ -6496,7 +6346,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "master@98.76.54.32(pw:IhqSb1Gg)", @@ -6521,7 +6371,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { "line": "master@98.76.54.32,PW:IhqSb1Gg", @@ -6546,7 +6396,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "98.76.54.32 pw:IhqSb1Gg", @@ -6571,7 +6421,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "config:xxxx,PW:IhqSb1Gg", @@ -6596,7 +6446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 1.0, "line_data_list": [ { "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -6621,7 +6471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.999, "line_data_list": [ { "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", @@ -6646,7 +6496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -6671,7 +6521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", @@ -6696,7 +6546,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.999, "line_data_list": [ { "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", @@ -6721,7 +6571,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", @@ -6746,7 +6596,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.984, + "ml_probability": 0.998, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", @@ -6771,7 +6621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", @@ -6796,7 +6646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", @@ -6821,7 +6671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 0.997, "line_data_list": [ { "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", @@ -6846,7 +6696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", @@ -6871,7 +6721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", @@ -6946,7 +6796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.987, "line_data_list": [ { "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", @@ -6971,7 +6821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.997, "line_data_list": [ { "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", @@ -6996,7 +6846,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.999, "line_data_list": [ { "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", @@ -7017,31 +6867,6 @@ } ] }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.0, - "line_data_list": [ - { - "line": " ", - "line_num": 7, - "path": "./tests/samples/drawio", - "info": "", - "value": "String<", - "value_start": 1188, - "value_end": 1197, - "variable": "password", - "variable_start": 1178, - "variable_end": 1186, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.595488890170944, - "valid": false - } - } - ] - }, { "rule": "Password", "severity": "medium", @@ -7096,7 +6921,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.93, + "ml_probability": 1.0, "line_data_list": [ { "line": " ", @@ -7117,11 +6942,36 @@ } ] }, + { + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.002, + "line_data_list": [ + { + "line": " ", + "line_num": 31, + "path": "./tests/samples/drawio", + "info": "", + "value": "&", + "value_start": 43, + "value_end": 47, + "variable": "secret", + "variable_start": 35, + "variable_end": 41, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 1.5, + "valid": false + } + } + ] + }, { "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.004, + "ml_probability": 0.979, "line_data_list": [ { "line": " ", @@ -7296,7 +7146,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", @@ -8355,7 +8205,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.991, "line_data_list": [ { "line": "+ \"password\": \"dkajco1\"", @@ -8530,7 +8380,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.997, "line_data_list": [ { "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", @@ -8630,7 +8480,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", @@ -9014,7 +8864,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "key_multi = '''KJHfdjs8767gr54534wsFHGf5hJKhK", @@ -9114,7 +8964,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.117, + "ml_probability": 0.005, "line_data_list": [ { "line": "password_id = 2938479", @@ -9139,7 +8989,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", @@ -9164,7 +9014,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", @@ -9189,7 +9039,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.632, "line_data_list": [ { "line": "password = \"cackle!\"", @@ -9214,7 +9064,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.991, "line_data_list": [ { "line": "+ \"password\": \"dkajco1\"", @@ -9239,7 +9089,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "password = \"MYPSWRD!@#$%^&*\"", @@ -9264,7 +9114,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.0, + "ml_probability": 0.09, "line_data_list": [ { "line": "MYSQLPASS: Ce7shE0ENPiBlE_EdEose0cBAA", @@ -9289,7 +9139,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.995, "line_data_list": [ { "line": "my_pw: nCzx8A8#!", @@ -9314,7 +9164,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.827, "line_data_list": [ { "line": "val password: String = \"exord13Paw64\", // scala", @@ -9339,7 +9189,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.266, + "ml_probability": 0.017, "line_data_list": [ { "line": "def connect(passwd: str = \"cq2tPr1a2\"): # python default arg", @@ -9364,7 +9214,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.687, + "ml_probability": 0.35, "line_data_list": [ { "line": "if passworsd == \"q4c1a2oPd\": # __eq__ separator", @@ -9389,7 +9239,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.875, "line_data_list": [ { "line": "if passworsd != \"x6s7djtEa\": # __ne__ separator", @@ -9439,7 +9289,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 1.0, "line_data_list": [ { "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", @@ -9464,7 +9314,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 1.0, "line_data_list": [ { "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", @@ -9514,7 +9364,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.991, "line_data_list": [ { "line": "+ \"password\": \"dkajco1\"", @@ -9539,7 +9389,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.959, + "ml_probability": 0.882, "line_data_list": [ { "line": "+ \"password\": \"dkajc\u00f61\"", @@ -9901,7 +9751,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.478, + "ml_probability": 0.001, "line_data_list": [ { "line": "pwd = \"cackle!\"", @@ -9976,7 +9826,7 @@ "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "salt1 = b\"\\x23!\\xae2389x&543@\"", @@ -10001,7 +9851,7 @@ "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.727, + "ml_probability": 0.904, "line_data_list": [ { "line": "salt2 = r\"\"\"\\0x12\\0x3s\"\"\"", @@ -10026,7 +9876,7 @@ "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 0.998, "line_data_list": [ { "line": "salt3 = u\"\\u0020827634876\"", @@ -10051,7 +9901,7 @@ "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.897, + "ml_probability": 0.995, "line_data_list": [ { "line": "salt4 = {\"salt5\": \"my124%#$@s\\x04clt\\0\"}", @@ -10076,7 +9926,7 @@ "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.998, "line_data_list": [ { "line": "json_escaped = \"{\\\\\\\"salt8\\\\\\\":\\\\\\\"4b9a6d8b638eb0c6\\\\\\\"}\"", @@ -10101,7 +9951,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.977, "line_data_list": [ { "line": "TokenRequest", @@ -10151,7 +10001,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.998, "line_data_list": [ { "line": " ", @@ -10176,7 +10026,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.584, + "ml_probability": 0.002, "line_data_list": [ { "line": "secret = \"cackle!\"", @@ -10298,125 +10148,1000 @@ ] }, { - "rule": "Square Access Token", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.976, "line_data_list": [ { - "line": " \"SQT\": \"EAAAEEPtuW9FnP_CuCV-3DFPB54M7YWBUVEFOWKPRVMWEJYMODIDAEX4FASS64NF\",", + "line": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'SqLpa5sW0rD';", "line_num": 1, - "path": "./tests/samples/square_access_token", + "path": "./tests/samples/sql_password", "info": "", - "value": "EAAAEEPtuW9FnP_CuCV-3DFPB54M7YWBUVEFOWKPRVMWEJYMODIDAEX4FASS64NF", - "value_start": 12, - "value_end": 76, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 72, + "value_end": 83, + "variable": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY", + "variable_start": 0, + "variable_end": 70, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.472678031846025, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Square Credentials", + "rule": "SQL Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.995, "line_data_list": [ { - "line": "sq0atp-GIREOGICRACKLE12145178", - "line_num": 1, - "path": "./tests/samples/square_client_id", + "line": "'create user name identified by 'SqLpa5sW0rD' --", + "line_num": 2, + "path": "./tests/samples/sql_password", "info": "", - "value": "sq0atp-GIREOGICRACKLE12145178", - "value_start": 0, - "value_end": 29, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "create user name identified by", + "variable_start": 1, + "variable_end": 31, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.181675184876157, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Square Credentials", + "rule": "SQL Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ - { - "line": "20241204_112356 Colored line: \"\u001b[94msq0csp-ST2dsfwyVI7Ydj343EY72hb48ehKQINMST2ds_fwyVI\u001b[0m\";", - "line_num": 1, - "path": "./tests/samples/square_oauth_secret", - "info": "", - "value": "sq0csp-ST2dsfwyVI7Ydj343EY72hb48ehKQINMST2ds_fwyVI", - "value_start": 36, - "value_end": 86, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.5328086920539254, - "valid": true - } - } - ] - }, - { - "rule": "Stripe Credentials", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.986, "line_data_list": [ { - "line": "pk_test_Tph4NiI7TYooMQaujxvdEDq5", + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", "line_num": 3, - "path": "./tests/samples/stripe_credentials", + "path": "./tests/samples/sql_password", "info": "", - "value": "pk_test_Tph4NiI7TYooMQaujxvdEDq5", - "value_start": 0, - "value_end": 32, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.09375, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Stripe Credentials", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.99, "line_data_list": [ { - "line": "rk_live_TsS4QI2dNfwyVM7YdjI78ehK", + "line": "\uff1a`CREATE USER 'haproxy'@'%' IDENTIFIED BY 'SqLpa5sW0rD';`", "line_num": 4, - "path": "./tests/samples/stripe_credentials", + "path": "./tests/samples/sql_password", "info": "", - "value": "rk_live_TsS4QI2dNfwyVM7YdjI78ehK", - "value_start": 0, - "value_end": 32, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE USER 'haproxy'@'%' IDENTIFIED BY", + "variable_start": 2, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.4375, + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, + "line_data_list": [ + { + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 5, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "expected_statement = \"\"\"CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 6, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 65, + "value_end": 76, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 24, + "variable_end": 63, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 8, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 41, + "value_end": 52, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 0, + "variable_end": 39, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "ALTER LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 36, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.979, + "line_data_list": [ + { + "line": "ALTER ROLE postgres PASSWORD 'SqLpa5sW0rD'; SELECT pg_reload_conf()\"", + "line_num": 10, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 30, + "value_end": 41, + "variable": "ALTER ROLE postgres PASSWORD", + "variable_start": 0, + "variable_end": 28, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": "ALTER USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 11, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "ALTER USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 33, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "CREATE LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 37, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER chuck WITH PASSWORD 'SqLpa5sW0rD' SUPERUSER;", + "line_num": 13, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "CREATE USER chuck WITH PASSWORD", + "variable_start": 0, + "variable_end": 31, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'SqLpa5sW0rD' NOSUPERUSER;", + "line_num": 14, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 47, + "value_end": 58, + "variable": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD", + "variable_start": 0, + "variable_end": 45, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER myuser WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 15, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "CREATE USER myuser WITH PASSWORD", + "variable_start": 0, + "variable_end": 32, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "CREATE USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 16, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 36, + "value_end": 47, + "variable": "CREATE USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.971, + "line_data_list": [ + { + "line": "ALTER USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 17, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 49, + "value_end": 60, + "variable": "ALTER USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 47, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.84, + "line_data_list": [ + { + "line": "ALTER USER 'super_user'@'10.10.10.%' identified by 'SqLpa5sW0rD';", + "line_num": 18, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "ALTER USER 'super_user'@'10.10.10.%' identified by", + "variable_start": 0, + "variable_end": 50, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.981, + "line_data_list": [ + { + "line": "ALTER USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 19, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "ALTER USER username IDENTIFIED BY", + "variable_start": 0, + "variable_end": 33, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.998, + "line_data_list": [ + { + "line": "CREATE USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 20, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "CREATE USER username IDENTIFIED BY", + "variable_start": 0, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.997, + "line_data_list": [ + { + "line": "CREATE USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 21, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 50, + "value_end": 61, + "variable": "CREATE USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 48, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.994, + "line_data_list": [ + { + "line": "mysql -u root -pdbadmin -e \"CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';\"\u2013 ", + "line_num": 22, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 79, + "value_end": 90, + "variable": "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY", + "variable_start": 28, + "variable_end": 77, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ + { + "line": "-c \"CREATE ROLE scram_test login password 'SqLpa5sW0rD'\"", + "line_num": 23, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE ROLE scram_test login password", + "variable_start": 4, + "variable_end": 41, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, + "line_data_list": [ + { + "line": "CREATE ROLE app_admin WITH LOGIN PASSWORD SqLpa5sW0rD;", + "line_num": 24, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 42, + "value_end": 53, + "variable": "CREATE ROLE app_admin WITH LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 41, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.999, + "line_data_list": [ + { + "line": "CREATE ROLE flask_admin_geo LOGIN PASSWORD 'SqLpa5sW0rD';", + "line_num": 25, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 44, + "value_end": 55, + "variable": "CREATE ROLE flask_admin_geo LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 42, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.904, + "line_data_list": [ + { + "line": "create role forum_example_graph_demo login password 'SqLpa5sW0rD';", + "line_num": 26, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 53, + "value_end": 64, + "variable": "create role forum_example_graph_demo login password", + "variable_start": 0, + "variable_end": 51, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.956, + "line_data_list": [ + { + "line": "create role forum_example_graph login password 'SqLpa5sW0rD';", + "line_num": 27, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 48, + "value_end": 59, + "variable": "create role forum_example_graph login password", + "variable_start": 0, + "variable_end": 46, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.814, + "line_data_list": [ + { + "line": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD('SqLpa5sW0rD');", + "line_num": 28, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD", + "variable_start": 0, + "variable_end": 50, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.852, + "line_data_list": [ + { + "line": "insert into mysql.user values(PASSWORD('SqLpa5sW0rD') );", + "line_num": 29, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 40, + "value_end": 51, + "variable": "insert into mysql.user values(PASSWORD", + "variable_start": 0, + "variable_end": 38, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.016, + "line_data_list": [ + { + "line": "UPDATE mysql.user SET authentication_string = PASSWORD ('SqLpa5sW0rD') WHERE User = 'username';", + "line_num": 30, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD", + "value_start": 57, + "value_end": 68, + "variable": "UPDATE mysql.user SET authentication_string = PASSWORD", + "variable_start": 0, + "variable_end": 54, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.001, + "line_data_list": [ + { + "line": "\"ALTER USER 'test'@'1.1.1.1' IDENTIFIED WITH 'mysql_native_password' AS '*SqLpa5sW0rD' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK;\",", + "line_num": 31, + "path": "./tests/samples/sql_password", + "info": "", + "value": "EXPIRE", + "value_start": 109, + "value_end": 115, + "variable": "ALTER USER 'test'@'1.1.1.1' IDENTIFIED WITH 'mysql_native_password' AS '*SqLpa5sW0rD' REQUIRE NONE PASSWORD", + "variable_start": 1, + "variable_end": 108, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.2516291673878226, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.136, + "line_data_list": [ + { + "line": "sh -c 'echo CREATE USER typeorm_mg IDENTIFIED BY SqLpa5sW0rD\\; >>tmp.sql;'", + "line_num": 32, + "path": "./tests/samples/sql_password", + "info": "", + "value": "SqLpa5sW0rD\\;", + "value_start": 49, + "value_end": 62, + "variable": "CREATE USER typeorm_mg IDENTIFIED BY", + "variable_start": 12, + "variable_end": 48, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.13114129996554, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.003, + "line_data_list": [ + { + "line": "ALTER USER 'super_user'@'10.10.%' PASSWORD EXPIRE INTERVAL 90 DAY;", + "line_num": 34, + "path": "./tests/samples/sql_password", + "info": "", + "value": "EXPIRE", + "value_start": 43, + "value_end": 49, + "variable": "ALTER USER 'super_user'@'10.10.%' PASSWORD", + "variable_start": 0, + "variable_end": 42, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.2516291673878226, + "valid": false + } + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.036, + "line_data_list": [ + { + "line": "ALTER USER 'username'@'%' PASSWORD EXPIRE INTERVAL 90 DAY;", + "line_num": 36, + "path": "./tests/samples/sql_password", + "info": "", + "value": "EXPIRE", + "value_start": 35, + "value_end": 41, + "variable": "ALTER USER 'username'@'%' PASSWORD", + "variable_start": 0, + "variable_end": 34, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.2516291673878226, + "valid": false + } + } + ] + }, + { + "rule": "Square Access Token", + "severity": "high", + "confidence": "moderate", + "ml_probability": null, + "line_data_list": [ + { + "line": " \"SQT\": \"EAAAEEPtuW9FnP_CuCV-3DFPB54M7YWBUVEFOWKPRVMWEJYMODIDAEX4FASS64NF\",", + "line_num": 1, + "path": "./tests/samples/square_access_token", + "info": "", + "value": "EAAAEEPtuW9FnP_CuCV-3DFPB54M7YWBUVEFOWKPRVMWEJYMODIDAEX4FASS64NF", + "value_start": 12, + "value_end": 76, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.472678031846025, + "valid": false + } + } + ] + }, + { + "rule": "Square Credentials", + "severity": "medium", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "sq0atp-GIREOGICRACKLE12145178", + "line_num": 1, + "path": "./tests/samples/square_client_id", + "info": "", + "value": "sq0atp-GIREOGICRACKLE12145178", + "value_start": 0, + "value_end": 29, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.181675184876157, + "valid": false + } + } + ] + }, + { + "rule": "Square Credentials", + "severity": "medium", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "20241204_112356 Colored line: \"\u001b[94msq0csp-ST2dsfwyVI7Ydj343EY72hb48ehKQINMST2ds_fwyVI\u001b[0m\";", + "line_num": 1, + "path": "./tests/samples/square_oauth_secret", + "info": "", + "value": "sq0csp-ST2dsfwyVI7Ydj343EY72hb48ehKQINMST2ds_fwyVI", + "value_start": 36, + "value_end": 86, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.5328086920539254, + "valid": true + } + } + ] + }, + { + "rule": "Stripe Credentials", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "pk_test_Tph4NiI7TYooMQaujxvdEDq5", + "line_num": 3, + "path": "./tests/samples/stripe_credentials", + "info": "", + "value": "pk_test_Tph4NiI7TYooMQaujxvdEDq5", + "value_start": 0, + "value_end": 32, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE36_CHARS", + "entropy": 3.09375, + "valid": true + } + } + ] + }, + { + "rule": "Stripe Credentials", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "rk_live_TsS4QI2dNfwyVM7YdjI78ehK", + "line_num": 4, + "path": "./tests/samples/stripe_credentials", + "info": "", + "value": "rk_live_TsS4QI2dNfwyVM7YdjI78ehK", + "value_start": 0, + "value_end": 32, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.4375, "valid": false } } @@ -10676,7 +11401,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.997, "line_data_list": [ { "line": "gi_reo_gi_token = \"G1Re06G1BdgNseiJDN21Z094M\"", @@ -10701,7 +11426,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.994, "line_data_list": [ { "line": "Token-> DemoToken: Nxs094M3ed2s1Re0F4M3ed2GZ8M= <- for User : demo", @@ -10801,7 +11526,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "url: mongodb://jrfdeg:dh3sjr8b@prod-best-sec.example.com:32768/architecture", @@ -10876,7 +11601,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.27, + "ml_probability": 0.031, "line_data_list": [ { "line": "// \"fp://no.host.real/any/path/to/nowhere/\",\"key\":\"f45VgF8jX79o@anydata.com\"", @@ -10901,7 +11626,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.999, "line_data_list": [ { "line": "39084?Credential=546DFS64N90P3AW7DX&key=3487263-2384579834-234732875-345&hasToBefound=2", @@ -10951,7 +11676,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.998, "line_data_list": [ { "line": "email_as_login = \"smtps://example@gmail.com:FnD83JZs@smtp.gmail.com:465\";", @@ -10976,7 +11701,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "url3d = \"https://localhost.com/013948?26timestamp%3D1395782596%26token%3Dh1d3Me4ch534d801sl3jdk%26version%3D3.14%26si\";", @@ -11176,7 +11901,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "password : cackle!", @@ -11201,7 +11926,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.008, + "ml_probability": 0.003, "line_data_list": [ { "line": "password : peace_for_ukraine", diff --git a/tests/data/output.json b/tests/data/output.json index 61d2c83d7..158a05333 100644 --- a/tests/data/output.json +++ b/tests/data/output.json @@ -28,7 +28,7 @@ "rule": "API", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.996, "line_data_list": [ { "line": "gi_reo_gi_api = \"DvMB_glvwjlEQ_uqIyn8k\";", @@ -178,7 +178,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.998, "line_data_list": [ { "line": "\"kerberos_authentication\": \"YI7IB6wYJgaMgHAgIKoZI2AQBuIh2cSA0IB1qA\"", @@ -228,7 +228,7 @@ "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.999, "line_data_list": [ { "line": "headers = {authorization: /oauth_signature=\"JgEWaL6V6eM%2FFb9wuXG4I3IB6wY%3D\"/, content_type: 'application/json; charset=utf-8'}", @@ -416,6 +416,31 @@ } ] }, + { + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.695, + "line_data_list": [ + { + "line": " \"AwsAccessKey\": \"AKIAGIREOGIAWSKEY123\",", + "line_num": 2, + "path": "./tests/samples/aws_multi.json", + "info": "", + "value": "AKIAGIREOGIAWSKEY123", + "value_start": 21, + "value_end": 41, + "variable": "AwsAccessKey", + "variable_start": 5, + "variable_end": 17, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.546439344671015, + "valid": false + } + } + ] + }, { "rule": "AWS Client ID", "severity": "high", @@ -487,7 +512,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.858, + "ml_probability": 0.997, "line_data_list": [ { "line": " \"AwsAccessKey2\": \"AKIAGIREOGIAWSKEY555\",", @@ -550,56 +575,6 @@ } ] }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, - "line_data_list": [ - { - "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", - "line_num": 4, - "path": "./tests/samples/aws_multi.json", - "info": "", - "value": "CrackleGiReoGi123CrackleGiReoGi123AWSkey", - "value_start": 20, - "value_end": 60, - "variable": "AwsSecretKey", - "variable_start": 5, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.012814895472355, - "valid": false - } - } - ] - }, - { - "rule": "Secret", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, - "line_data_list": [ - { - "line": " \"AwsSecretKey\":\"CrackleGiReoGi123CrackleGiReoGi123AWSkey\",", - "line_num": 4, - "path": "./tests/samples/aws_multi.json", - "info": "", - "value": "CrackleGiReoGi123CrackleGiReoGi123AWSkey", - "value_start": 20, - "value_end": 60, - "variable": "AwsSecretKey", - "variable_start": 5, - "variable_end": 17, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.012814895472355, - "valid": false - } - } - ] - }, { "rule": "AWS Client ID", "severity": "high", @@ -679,7 +654,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.98, + "ml_probability": 0.727, "line_data_list": [ { "line": " \"unicode_url\": \"https://iufurvyh.google.com/v1/projects/29182364324/clients?key=HrPioECfMsa602sfDyhzzIWok\\u0026amp;alt=json\\u003c/a\\u003e\\u003c/p\\u003e\\n\"", @@ -796,7 +771,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -821,7 +796,7 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": " \"SecretAccessKey\" : \"RMkMm8niUJ1iuhyugy3fFt5rtrf7GFQ9xz1\",", @@ -896,7 +871,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.626, "line_data_list": [ { "line": "AWS_MWS_KEY = \"amzn.mws.c1dg4haz-6xd6-4gqi-vna2-ed3whf71x9k6\"", @@ -1271,7 +1246,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.713, + "ml_probability": 0.999, "line_data_list": [ { "line": "\"Bitbucket Repository Access Token\" : \"ATCTT3xFfGN0zXtbKHz2POF86xa-2aBiYC4o_T3-myk01bmFVluUIFtGm_VFQwLizp4o1FKw-AMZhtdA0NzizshnA8WzRdfgv6GeTyowCD101oqKbJ4nx9DFsar5YyUNkwO9maR9-00tQvfciyfOHtPKG6K1d76Ki3iFo7roGeyJu4j1jM3GwQ4=EDDE81AD\"", @@ -1296,7 +1271,7 @@ "rule": "Certificate", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { "line": "const certificatePEM := 'LS0tLS1CRUdJTiBDRVJUSUZ0VLQW9JQkFRRFkwYzFUS0I1b1pQd1EKN3QxQ3dNSXJ2cUI2R0lVM3RQeTZSaGNrWlhUa09COFllQldKN1VLZkN6OEhHZJQ0FURS0tLS0tCk1JSUMrekND'", @@ -1317,6 +1292,31 @@ } ] }, + { + "rule": "CMD Password", + "severity": "high", + "confidence": "moderate", + "ml_probability": 0.901, + "line_data_list": [ + { + "line": "gpg --decrypt --passphrase N1DdkUD3E73 --output decrypted.txt encrypted.txt.gpg", + "line_num": 1, + "path": "./tests/samples/cmd_credential", + "info": "", + "value": "N1DdkUD3E73", + "value_start": 27, + "value_end": 38, + "variable": "passphrase", + "variable_start": 16, + "variable_end": 26, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.0957952550009344, + "valid": false + } + } + ] + }, { "rule": "CMD Password", "severity": "high", @@ -1346,7 +1346,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.751, + "ml_probability": 0.964, "line_data_list": [ { "line": "-Domain 'localhost' -Password 'Sjdn43ss@!'", @@ -1371,7 +1371,7 @@ "rule": "CMD Secret", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1396,7 +1396,7 @@ "rule": "CMD Token", "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": 0.999, "line_data_list": [ { "line": "--super-secret_token 1ace4d19-fa7e-b4e2-c3f0-9129474bcd81", @@ -1446,7 +1446,32 @@ "rule": "CMD ConvertTo-SecureString", "severity": "high", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 0.997, + "line_data_list": [ + { + "line": "ConvertTo-SecureString -String -Force dsjUE#$gds8s", + "line_num": 1, + "path": "./tests/samples/cmd_secure_string", + "info": "", + "value": "dsjUE#$gds8s", + "value_start": 38, + "value_end": 50, + "variable": "ConvertTo-SecureString -String -Force", + "variable_start": 0, + "variable_end": 37, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.4245614587540074, + "valid": false + } + } + ] + }, + { + "rule": "CMD ConvertTo-SecureString", + "severity": "high", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { "line": "\"ConvertTo-SecureString \\\"4yd21JKH~GE8dkd\\\"\"", @@ -1471,7 +1496,7 @@ "rule": "Credential", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "gi_reo_gi_credential = \"K2u6mFw8wJOsAf\"", @@ -1596,32 +1621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.744, - "line_data_list": [ - { - "line": "Username:master Password:dipPr13Gg!", - "line_num": 4, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr13Gg!", - "value_start": 25, - "value_end": 35, - "variable": "Password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.977, + "ml_probability": 0.864, "line_data_list": [ { "line": "id:master,password:dipPr14Gg!", @@ -1646,32 +1646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.704, - "line_data_list": [ - { - "line": "ID:master/PW:dipPr15Gg!", - "line_num": 6, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr15Gg!", - "value_start": 13, - "value_end": 23, - "variable": "PW", - "variable_start": 10, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.989735285398626, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.855, "line_data_list": [ { "line": "id:master password:dipPr16Gg!", @@ -1696,7 +1671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.874, "line_data_list": [ { "line": "user:master password:dipPr17Gg!", @@ -1721,7 +1696,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.893, "line_data_list": [ { "line": "username:master,password:dipPr19Gg!", @@ -1746,57 +1721,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.873, - "line_data_list": [ - { - "line": "ANYid:master,password:dipPr111Gg!", - "line_num": 12, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr111Gg!", - "value_start": 22, - "value_end": 33, - "variable": "password", - "variable_start": 13, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.7126753349281376, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, - "line_data_list": [ - { - "line": "user id:master password:dipPr113Gg!", - "line_num": 14, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr113Gg!", - "value_start": 24, - "value_end": 35, - "variable": "password", - "variable_start": 15, - "variable_end": 23, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.978, + "ml_probability": 0.708, "line_data_list": [ { "line": "user:master,password:dipPr114Gg!", @@ -1821,7 +1746,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.915, "line_data_list": [ { "line": "user=master,password=dipPr115Gg!", @@ -1846,7 +1771,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.971, + "ml_probability": 0.704, "line_data_list": [ { "line": "username=master password=dipPr116Gg!", @@ -1871,32 +1796,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, - "line_data_list": [ - { - "line": "User name:master Password:dipPr117Gg!", - "line_num": 18, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr117Gg!", - "value_start": 26, - "value_end": 37, - "variable": "Password", - "variable_start": 17, - "variable_end": 25, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.738, "line_data_list": [ { "line": "username=master,password=dipPr118Gg!", @@ -1921,7 +1821,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 0.876, "line_data_list": [ { "line": "--user=master --password=dipPr119Gg!", @@ -1946,36 +1846,11 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.889, + "ml_probability": 0.912, "line_data_list": [ { - "line": "user=master passwd=dipPr120Gg!", - "line_num": 21, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr120Gg!", - "value_start": 19, - "value_end": 30, - "variable": "passwd", - "variable_start": 12, - "variable_end": 18, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "account:dipPr121Gg! password:dipPr121Gg!", - "line_num": 22, + "line": "account:dipPr121Gg! password:dipPr121Gg!", + "line_num": 22, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "", "value": "dipPr121Gg!", @@ -1996,82 +1871,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.652, - "line_data_list": [ - { - "line": "id:master pass:dipPr122Gg!", - "line_num": 23, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr122Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pass", - "variable_start": 10, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.847, - "line_data_list": [ - { - "line": "user:master pw:dipPr124Gg!", - "line_num": 25, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr124Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.828, - "line_data_list": [ - { - "line": "Username:master/Password:dipPr125Gg!", - "line_num": 26, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr125Gg!", - "value_start": 25, - "value_end": 36, - "variable": "Password", - "variable_start": 16, - "variable_end": 24, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.98, + "ml_probability": 0.767, "line_data_list": [ { "line": "userId:master,password:dipPr126Gg!", @@ -2096,7 +1896,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.999, "line_data_list": [ { "line": "--user master --password dipPr127Gg!", @@ -2121,32 +1921,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, - "line_data_list": [ - { - "line": "dipPr128Gg! ID:master dipPr128Gg! Password:dipPr128Gg!", - "line_num": 29, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr128Gg!", - "value_start": 43, - "value_end": 54, - "variable": "Password", - "variable_start": 34, - "variable_end": 42, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 0.909, "line_data_list": [ { "line": "ANYid:master,pw:dipPr129Gg!", @@ -2171,32 +1946,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.78, - "line_data_list": [ - { - "line": "user:master pwd:dipPr130Gg!", - "line_num": 31, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr130Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.948, + "ml_probability": 0.847, "line_data_list": [ { "line": "ANYID:master Password:dipPr132Gg!", @@ -2221,32 +1971,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.82, - "line_data_list": [ - { - "line": "-Username:master -Password:dipPr133Gg!", - "line_num": 34, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr133Gg!", - "value_start": 27, - "value_end": 38, - "variable": "Password", - "variable_start": 18, - "variable_end": 26, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.933, "line_data_list": [ { "line": "account:dipPr134Gg! pw:dipPr134Gg!", @@ -2271,7 +1996,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.905, + "ml_probability": 0.791, "line_data_list": [ { "line": "user id:master user pw:dipPr135Gg!", @@ -2296,7 +2021,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.973, + "ml_probability": 0.733, "line_data_list": [ { "line": "user_name=master password=dipPr136Gg!", @@ -2321,7 +2046,7 @@ "rule": "CMD Password", "severity": "high", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 0.999, "line_data_list": [ { "line": "--username master --password dipPr137Gg!", @@ -2346,7 +2071,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.992, "line_data_list": [ { "line": "ANYlogin:master,ANYpassword:dipPr138Gg!", @@ -2396,7 +2121,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.959, + "ml_probability": 0.687, "line_data_list": [ { "line": "ID:master/PASS:dipPr141Gg!", @@ -2421,32 +2146,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, - "line_data_list": [ - { - "line": "account:master passwd:dipPr142Gg!", - "line_num": 43, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr142Gg!", - "value_start": 22, - "value_end": 33, - "variable": "passwd", - "variable_start": 15, - "variable_end": 21, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.955, + "ml_probability": 0.726, "line_data_list": [ { "line": "login:master password:dipPr143Gg!", @@ -2471,32 +2171,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.863, - "line_data_list": [ - { - "line": "user=master,pass=dipPr144Gg!", - "line_num": 45, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr144Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.971, "line_data_list": [ { "line": "password:dipPr145Gg! username:master", @@ -2521,7 +2196,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.935, + "ml_probability": 0.846, "line_data_list": [ { "line": "Login as:master Password:dipPr146Gg!", @@ -2546,32 +2221,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.917, - "line_data_list": [ - { - "line": "ID:master,pass:dipPr147Gg!", - "line_num": 48, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr147Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pass", - "variable_start": 10, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.888, + "ml_probability": 0.761, "line_data_list": [ { "line": "id:master pw:dipPr148Gg!", @@ -2596,7 +2246,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.664, + "ml_probability": 0.803, "line_data_list": [ { "line": "(98.76.54.32)ID:master PW:dipPr149Gg!", @@ -2621,32 +2271,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.854, - "line_data_list": [ - { - "line": "-id:master -pw:dipPr151Gg!", - "line_num": 52, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr151Gg!", - "value_start": 15, - "value_end": 26, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.794, + "ml_probability": 0.666, "line_data_list": [ { "line": "username:master pw:dipPr152Gg!", @@ -2671,7 +2296,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 0.842, "line_data_list": [ { "line": "-User Name:master -Password:dipPr154Gg!", @@ -2721,7 +2346,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.921, + "ml_probability": 0.961, "line_data_list": [ { "line": "ANYuser=master ANY_pass=dipPr156Gg!", @@ -2746,7 +2371,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.995, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANYUser:master password:dipPr157Gg!", @@ -2767,31 +2392,6 @@ } ] }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.802, - "line_data_list": [ - { - "line": "user:master,pwd:dipPr158Gg!", - "line_num": 59, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr158Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, { "rule": "Password", "severity": "medium", @@ -2821,7 +2421,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.97, "line_data_list": [ { "line": "ANYusername:master,ANY_password:dipPr160Gg!", @@ -2846,7 +2446,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.892, + "ml_probability": 0.656, "line_data_list": [ { "line": "ANY_USER=master ANY_PASS=dipPr161Gg!", @@ -2871,32 +2471,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.985, - "line_data_list": [ - { - "line": "User Account:master User password:dipPr162Gg!", - "line_num": 63, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr162Gg!", - "value_start": 34, - "value_end": 45, - "variable": "password", - "variable_start": 25, - "variable_end": 33, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.88, "line_data_list": [ { "line": "userid=master password=dipPr164Gg!", @@ -2921,7 +2496,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.989, "line_data_list": [ { "line": "ANY-username=master ANY-password=dipPr165Gg!", @@ -2946,107 +2521,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.806, - "line_data_list": [ - { - "line": "username:master pass:dipPr166Gg!", - "line_num": 67, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr166Gg!", - "value_start": 21, - "value_end": 32, - "variable": "pass", - "variable_start": 16, - "variable_end": 20, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.796, - "line_data_list": [ - { - "line": "user=master pwd=dipPr168Gg!", - "line_num": 69, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr168Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pwd", - "variable_start": 12, - "variable_end": 15, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.751, - "line_data_list": [ - { - "line": "Name:master,PW:dipPr169Gg!", - "line_num": 70, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr169Gg!", - "value_start": 15, - "value_end": 26, - "variable": "PW", - "variable_start": 12, - "variable_end": 14, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.871, - "line_data_list": [ - { - "line": "user:master pass:dipPr172Gg!", - "line_num": 73, - "path": "./tests/samples/doc_id_pair_passwd_pair", - "info": "", - "value": "dipPr172Gg!", - "value_start": 17, - "value_end": 28, - "variable": "pass", - "variable_start": 12, - "variable_end": 16, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.978, "line_data_list": [ { "line": "user=master password=dipPr174Gg!", @@ -3071,7 +2546,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 0.996, "line_data_list": [ { "line": "Host name:master/Password:dipPr175Gg!", @@ -3096,7 +2571,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.984, + "ml_probability": 0.955, "line_data_list": [ { "line": "role:master,password:dipPr176Gg!", @@ -3121,7 +2596,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.857, + "ml_probability": 0.662, "line_data_list": [ { "line": "Wifi Name:master,PW:dipPr177Gg!", @@ -3146,7 +2621,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 0.751, "line_data_list": [ { "line": "ID:master/Password:dipPr178Gg!", @@ -3171,7 +2646,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.992, "line_data_list": [ { "line": "name:master,password:dipPr179Gg!", @@ -3196,7 +2671,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.874, + "ml_probability": 0.733, "line_data_list": [ { "line": "Loging:master Password:dipPr180Gg!", @@ -3221,19 +2696,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.692, + "ml_probability": 0.653, "line_data_list": [ { - "line": "id:master,default pw:dipPr182Gg!", - "line_num": 83, + "line": "id/pw id:master pw:dipPr185Gg!", + "line_num": 86, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "", - "value": "dipPr182Gg!", - "value_start": 21, - "value_end": 32, + "value": "dipPr185Gg!", + "value_start": 19, + "value_end": 30, "variable": "pw", - "variable_start": 18, - "variable_end": 20, + "variable_start": 16, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.1449378351248165, @@ -3246,14 +2721,14 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.812, + "ml_probability": 0.828, "line_data_list": [ { - "line": "id/pw id:master pw:dipPr185Gg!", - "line_num": 86, + "line": "username:master pw:dipPr189Gg!", + "line_num": 90, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "", - "value": "dipPr185Gg!", + "value": "dipPr189Gg!", "value_start": 19, "value_end": 30, "variable": "pw", @@ -3271,18 +2746,18 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.719, + "ml_probability": 0.992, "line_data_list": [ { - "line": "user:master,pwd:dipPr186Gg!", - "line_num": 87, + "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", + "line_num": 95, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "", - "value": "dipPr186Gg!", + "value": "dipPr194Gg!", "value_start": 16, "value_end": 27, - "variable": "pwd", - "variable_start": 12, + "variable": "pw", + "variable_start": 13, "variable_end": 15, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -3296,22 +2771,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.623, + "ml_probability": 0.976, "line_data_list": [ { - "line": "username:master/pw:dipPr188Gg!", - "line_num": 89, + "line": "id: master pw:dipPr197Gg!", + "line_num": 98, "path": "./tests/samples/doc_id_pair_passwd_pair", "info": "", - "value": "dipPr188Gg!", - "value_start": 19, - "value_end": 30, + "value": "dipPr197Gg!", + "value_start": 14, + "value_end": 25, "variable": "pw", - "variable_start": 16, - "variable_end": 18, + "variable_start": 11, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.963119653306635, + "entropy": 3.1449378351248165, "valid": false } } @@ -3321,22 +2796,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.872, + "ml_probability": 0.667, "line_data_list": [ { - "line": "username:master pw:dipPr189Gg!", - "line_num": 90, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "ANY_password=Prl23Db#@", + "line_num": 8, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "dipPr189Gg!", - "value_start": 19, - "value_end": 30, - "variable": "pw", - "variable_start": 16, - "variable_end": 18, + "value": "Prl23Db#@", + "value_start": 13, + "value_end": 22, + "variable": "ANY_password", + "variable_start": 0, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3346,47 +2821,47 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.732, + "ml_probability": 0.988, "line_data_list": [ { - "line": "PW:dipPr190Gg! ID:master", - "line_num": 91, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "master@98.76.54.32 password:Prl23Db#@", + "line_num": 14, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "dipPr190Gg!", - "value_start": 3, - "value_end": 14, - "variable": "PW", - "variable_start": 0, - "variable_end": 2, + "value": "Prl23Db#@", + "value_start": 28, + "value_end": 37, + "variable": "password", + "variable_start": 19, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.922, + "ml_probability": 0.895, "line_data_list": [ { - "line": "ANYid:master pw:dipPr194Gg! ip:98.76.54.32", - "line_num": 95, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "--Password Prl23Db#@", + "line_num": 15, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "dipPr194Gg!", - "value_start": 16, - "value_end": 27, - "variable": "pw", - "variable_start": 13, - "variable_end": 15, + "value": "Prl23Db#@", + "value_start": 11, + "value_end": 20, + "variable": "Password", + "variable_start": 2, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3396,22 +2871,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.975, + "ml_probability": 0.943, "line_data_list": [ { - "line": "id: master pw:dipPr197Gg!", - "line_num": 98, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "default password:Prl23Db#@", + "line_num": 18, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "dipPr197Gg!", - "value_start": 14, - "value_end": 25, - "variable": "pw", - "variable_start": 11, - "variable_end": 13, + "value": "Prl23Db#@", + "value_start": 17, + "value_end": 26, + "variable": "password", + "variable_start": 8, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } @@ -3421,47 +2896,47 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.8, + "ml_probability": 0.728, "line_data_list": [ { - "line": "id:master@example.com,pw:dipPr198Gg!", - "line_num": 99, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "\"password\":\"Prl23Db#@\"", + "line_num": 21, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "dipPr198Gg!", - "value_start": 25, - "value_end": 36, - "variable": "pw", - "variable_start": 22, - "variable_end": 24, + "value": "Prl23Db#@", + "value_start": 12, + "value_end": 21, + "variable": "password", + "variable_start": 1, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.1449378351248165, + "entropy": 2.4654972233440207, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.998, "line_data_list": [ { - "line": "id:master@example.com,pw:IHQSB1GG!", - "line_num": 102, - "path": "./tests/samples/doc_id_pair_passwd_pair", + "line": "-password \"Prl23Db#@\"", + "line_num": 33, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "IHQSB1GG!", - "value_start": 25, - "value_end": 34, - "variable": "pw", - "variable_start": 22, - "variable_end": 24, + "value": "Prl23Db#@", + "value_start": 11, + "value_end": 20, + "variable": "password", + "variable_start": 1, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.595488890170944, + "entropy": 2.4654972233440207, "valid": false } } @@ -3471,22 +2946,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.717, + "ml_probability": 0.764, "line_data_list": [ { - "line": "ID/Password:master/iPp2@GRq", - "line_num": 3, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "ANYpassword=Prl23Db#@", + "line_num": 45, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "master/iPp2@GRq", + "value": "Prl23Db#@", "value_start": 12, - "value_end": 27, - "variable": "Password", - "variable_start": 3, + "value_end": 21, + "variable": "ANYpassword", + "variable_start": 0, "variable_end": 11, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 2.4654972233440207, "valid": false } } @@ -3496,647 +2971,647 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.949, + "ml_probability": 0.916, "line_data_list": [ { - "line": "username/password:master/iPp7@GRq", - "line_num": 8, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "# password: keep empty", + "line_num": 56, + "path": "./tests/samples/doc_passwd_pair", "info": "", - "value": "master/iPp7@GRq", - "value_start": 18, - "value_end": 33, + "value": "keep", + "value_start": 12, + "value_end": 16, "variable": "password", - "variable_start": 9, - "variable_end": 17, + "variable_start": 2, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 1.5, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.699, + "ml_probability": 1.0, "line_data_list": [ { - "line": "id/passwd:master/iPp8@GRq", - "line_num": 9, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "ANY-Token:AIhq5Xyb1Gga9Q0", + "line_num": 1, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "master/iPp8@GRq", + "value": "AIhq5Xyb1Gga9Q0", "value_start": 10, "value_end": 25, - "variable": "passwd", - "variable_start": 3, + "variable": "ANY-Token", + "variable_start": 0, "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.64643122256795, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.739, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32(ID:master/PW:iPp10@GRq) # todo: move into other sample ?", - "line_num": 11, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "token:AIhq5Xyb1Gga9Q2", + "line_num": 3, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "iPp10@GRq", - "value_start": 25, - "value_end": 34, - "variable": "PW", - "variable_start": 22, - "variable_end": 24, + "value": "AIhq5Xyb1Gga9Q2", + "value_start": 6, + "value_end": 21, + "variable": "token", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8177111123931664, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32 id/pw:master/iPp19@GRq", - "line_num": 20, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", + "line_num": 4, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "master/iPp19@GRq", - "value_start": 18, - "value_end": 34, - "variable": "pw", - "variable_start": 15, - "variable_end": 17, + "value": "AIhq5Xyb1Gga9Q3", + "value_start": 11, + "value_end": 26, + "variable": "KEY", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.666, + "ml_probability": 1.0, "line_data_list": [ { - "line": "user/pass:master/iPp25@GRq", - "line_num": 26, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", + "line_num": 4, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "master/iPp25@GRq", - "value_start": 10, + "value": "AIhq5Xyb1Gga9Q3", + "value_start": 11, "value_end": 26, - "variable": "pass", - "variable_start": 5, - "variable_end": 9, + "variable": "SECRET KEY", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID/Password=master/iPp27@GRq", - "line_num": 28, - "path": "./tests/samples/doc_id_passwd_pair", + "line": "secret=AIhq5Xyb1Gga9Q4", + "line_num": 5, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "master/iPp27@GRq", - "value_start": 12, - "value_end": 28, - "variable": "Password", - "variable_start": 3, - "variable_end": 11, + "value": "AIhq5Xyb1Gga9Q4", + "value_start": 7, + "value_end": 22, + "variable": "secret", + "variable_start": 0, + "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.911, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@", - "line_num": 1, - "path": "./tests/samples/doc_passwd_pair", + "line": "--token AIhq5Xyb1Gga9Q5", + "line_num": 6, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, + "value": "AIhq5Xyb1Gga9Q5", + "value_start": 8, + "value_end": 23, + "variable": "token", + "variable_start": 2, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.773557262275185, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.918, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password=Prl23Db#@", - "line_num": 4, - "path": "./tests/samples/doc_passwd_pair", + "line": "secret:AIhq5Xyb1Gga9Q6", + "line_num": 7, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", + "value": "AIhq5Xyb1Gga9Q6", + "value_start": 7, + "value_end": 22, + "variable": "secret", "variable_start": 0, - "variable_end": 8, + "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_password=Prl23Db#@", + "line": "ANY_token=AIhq5Xyb1Gga9Q7", "line_num": 8, - "path": "./tests/samples/doc_passwd_pair", + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY_password", + "value": "AIhq5Xyb1Gga9Q7", + "value_start": 10, + "value_end": 25, + "variable": "ANY_token", "variable_start": 0, - "variable_end": 12, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "CMD Secret", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.723, + "ml_probability": 1.0, "line_data_list": [ { - "line": "pass:Prl23Db#@", - "line_num": 10, - "path": "./tests/samples/doc_passwd_pair", + "line": "-secret AIhq5Xyb1Gga9Q10", + "line_num": 11, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 5, - "value_end": 14, - "variable": "pass", - "variable_start": 0, - "variable_end": 4, + "value": "AIhq5Xyb1Gga9Q10", + "value_start": 8, + "value_end": 24, + "variable": "secret", + "variable_start": 1, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY-password=Prl23Db#@", - "line_num": 11, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY.secret=AIhq5Xyb1Gga9Q19", + "line_num": 20, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY-password", + "value": "AIhq5Xyb1Gga9Q19", + "value_start": 11, + "value_end": 27, + "variable": "ANY.secret", "variable_start": 0, - "variable_end": 12, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.75, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.974, + "ml_probability": 1.0, "line_data_list": [ { - "line": "master@98.76.54.32 password:Prl23Db#@", - "line_num": 14, - "path": "./tests/samples/doc_passwd_pair", + "line": "--secret=AIhq5Xyb1Gga9Q21", + "line_num": 22, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 28, - "value_end": 37, - "variable": "password", - "variable_start": 19, - "variable_end": 27, + "value": "AIhq5Xyb1Gga9Q21", + "value_start": 9, + "value_end": 25, + "variable": "secret", + "variable_start": 2, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "CMD Password", - "severity": "high", + "rule": "Secret", + "severity": "medium", "confidence": "moderate", - "ml_probability": 0.869, + "ml_probability": 1.0, "line_data_list": [ { - "line": "--Password Prl23Db#@", - "line_num": 15, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_secret:AIhq5Xyb1Gga9Q22", + "line_num": 23, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", + "value": "AIhq5Xyb1Gga9Q22", "value_start": 11, - "value_end": 20, - "variable": "Password", - "variable_start": 2, + "value_end": 27, + "variable": "ANY_secret", + "variable_start": 0, "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.659, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_PW:Prl23Db#@", - "line_num": 17, - "path": "./tests/samples/doc_passwd_pair", + "line": "-Token:AIhq5Xyb1Gga9Q23", + "line_num": 24, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", + "value": "AIhq5Xyb1Gga9Q23", "value_start": 7, - "value_end": 16, - "variable": "ANY_PW", - "variable_start": 0, + "value_end": 23, + "variable": "Token", + "variable_start": 1, "variable_end": 6, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "API", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 1.0, "line_data_list": [ { - "line": "default password:Prl23Db#@", - "line_num": 18, - "path": "./tests/samples/doc_passwd_pair", + "line": "API Secret:AIhq5Xyb1Gga9Q24", + "line_num": 25, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 17, - "value_end": 26, - "variable": "password", - "variable_start": 8, - "variable_end": 16, + "value": "AIhq5Xyb1Gga9Q24", + "value_start": 11, + "value_end": 27, + "variable": "API Secret", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.967, + "ml_probability": 1.0, "line_data_list": [ { - "line": "\"password\":\"Prl23Db#@\"", - "line_num": 21, - "path": "./tests/samples/doc_passwd_pair", + "line": "API Secret:AIhq5Xyb1Gga9Q24", + "line_num": 25, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "password", - "variable_start": 1, - "variable_end": 9, + "value": "AIhq5Xyb1Gga9Q24", + "value_start": 11, + "value_end": 27, + "variable": "Secret", + "variable_start": 4, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.678, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Passwd:Prl23Db#@ Prl23Db#@", - "line_num": 23, - "path": "./tests/samples/doc_passwd_pair", + "line": "access key:AIhq5Xyb1Gga9Q26", + "line_num": 27, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 7, - "value_end": 16, - "variable": "Passwd", - "variable_start": 0, - "variable_end": 6, + "value": "AIhq5Xyb1Gga9Q26", + "value_start": 11, + "value_end": 27, + "variable": "key", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.886, + "ml_probability": 1.0, "line_data_list": [ { - "line": "PW:Prl23Db#@,password:Prl23Db#@", - "line_num": 24, - "path": "./tests/samples/doc_passwd_pair", + "line": "Secret Key:AIhq5Xyb1Gga9Q27", + "line_num": 28, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 22, - "value_end": 31, - "variable": "password", - "variable_start": 13, - "variable_end": 21, + "value": "AIhq5Xyb1Gga9Q27", + "value_start": 11, + "value_end": 27, + "variable": "Key", + "variable_start": 7, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,\ube44\ubc88:Prl23Db#@", - "line_num": 25, - "path": "./tests/samples/doc_passwd_pair", + "line": "Secret Key:AIhq5Xyb1Gga9Q27", + "line_num": 28, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", + "value": "AIhq5Xyb1Gga9Q27", + "value_start": 11, + "value_end": 27, + "variable": "Secret Key", "variable_start": 0, - "variable_end": 8, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.929, + "ml_probability": 1.0, "line_data_list": [ { - "line": "passwd=Prl23Db#@", - "line_num": 26, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_key=AIhq5Xyb1Gga9Q29", + "line_num": 30, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 7, - "value_end": 16, - "variable": "passwd", + "value": "AIhq5Xyb1Gga9Q29", + "value_start": 8, + "value_end": 24, + "variable": "ANY_key", "variable_start": 0, - "variable_end": 6, + "variable_end": 7, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.97, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@, paasword:Prl23Db#@", - "line_num": 30, - "path": "./tests/samples/doc_passwd_pair", + "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", + "line_num": 31, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", + "value": "AIhq5Xyb1Gga9Q30", + "value_start": 14, + "value_end": 30, + "variable": "secret-ANYkey", "variable_start": 0, - "variable_end": 8, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", + "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", "line_num": 31, - "path": "./tests/samples/doc_passwd_pair", + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "password", + "value": "AIhq5Xyb1Gga9Q30", + "value_start": 14, + "value_end": 30, + "variable": "secret-ANYkey", "variable_start": 0, - "variable_end": 8, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 4.0, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.93, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password:Prl23Db#@,ANYPassword:Prl23Db#@", - "line_num": 31, - "path": "./tests/samples/doc_passwd_pair", + "line": "ANY_id=AIhq5Xyb1Gga9Q31 ANY_token=AIhq5Xyb1Gga9Q31", + "line_num": 32, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 31, - "value_end": 40, - "variable": "ANYPassword", - "variable_start": 19, - "variable_end": 30, + "value": "AIhq5Xyb1Gga9Q31", + "value_start": 34, + "value_end": 50, + "variable": "ANY_token", + "variable_start": 24, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.77, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@,pwd=Prl23Db#@", - "line_num": 32, - "path": "./tests/samples/doc_passwd_pair", + "line": "access_token:AIhq5Xyb1Gga9Q33", + "line_num": 34, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 9, - "value_end": 18, - "variable": "Password", + "value": "AIhq5Xyb1Gga9Q33", + "value_start": 13, + "value_end": 29, + "variable": "access_token", "variable_start": 0, - "variable_end": 8, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "Password", + "rule": "Auth", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.829, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:Prl23Db#@,pwd=Prl23Db#@", - "line_num": 32, - "path": "./tests/samples/doc_passwd_pair", + "line": "Authentication key:AIhq5Xyb1Gga9Q35", + "line_num": 36, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 23, - "value_end": 32, - "variable": "pwd", - "variable_start": 19, - "variable_end": 22, + "value": "AIhq5Xyb1Gga9Q35", + "value_start": 19, + "value_end": 35, + "variable": "Authentication key", + "variable_start": 0, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } ] }, { - "rule": "CMD Password", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 1.0, "line_data_list": [ { - "line": "-password \"Prl23Db#@\"", - "line_num": 33, - "path": "./tests/samples/doc_passwd_pair", + "line": "Authentication key:AIhq5Xyb1Gga9Q35", + "line_num": 36, + "path": "./tests/samples/doc_secret_pair", "info": "", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 1, - "variable_end": 9, + "value": "AIhq5Xyb1Gga9Q35", + "value_start": 19, + "value_end": 35, + "variable": "key", + "variable_start": 15, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.875, "valid": false } } @@ -4146,22 +3621,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.965, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ANY_password:Prl23Db#@", - "line_num": 34, - "path": "./tests/samples/doc_passwd_pair", + "line": "master@98.76.54.32(pw:IhqSb1Gg)", + "line_num": 3, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 13, - "value_end": 22, - "variable": "ANY_password", - "variable_start": 0, - "variable_end": 12, + "value": "IhqSb1Gg", + "value_start": 22, + "value_end": 30, + "variable": "pw", + "variable_start": 19, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4171,22 +3646,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.937, + "ml_probability": 0.887, "line_data_list": [ { - "line": "--password=Prl23Db#@", - "line_num": 37, - "path": "./tests/samples/doc_passwd_pair", + "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", + "line_num": 4, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 11, - "value_end": 20, - "variable": "password", - "variable_start": 2, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 42, + "value_end": 50, + "variable": "PW", + "variable_start": 39, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4196,22 +3671,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.832, "line_data_list": [ { - "line": "root/Prl23Db#@,root password:Prl23Db#@", - "line_num": 38, - "path": "./tests/samples/doc_passwd_pair", + "line": "Password:master/IhqSb1Gg", + "line_num": 5, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 29, - "value_end": 38, - "variable": "password", - "variable_start": 20, - "variable_end": 28, + "value": "master/IhqSb1Gg", + "value_start": 9, + "value_end": 24, + "variable": "Password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.906890595608518, "valid": false } } @@ -4221,22 +3696,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.925, + "ml_probability": 0.999, "line_data_list": [ { - "line": "Prl23Db#@ username:Prl23Db#@,Prl23Db#@ password:Prl23Db#@", - "line_num": 40, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", + "line_num": 6, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 48, - "value_end": 57, - "variable": "password", - "variable_start": 39, - "variable_end": 47, + "value": "IhqSb1Gg", + "value_start": 44, + "value_end": 52, + "variable": "PW", + "variable_start": 41, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4246,22 +3721,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.861, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Prl23Db#@:password:Prl23Db#@", - "line_num": 41, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} password:IhqSb1Gg", + "line_num": 7, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 19, - "value_end": 28, + "value": "IhqSb1Gg", + "value_start": 49, + "value_end": 57, "variable": "password", - "variable_start": 10, - "variable_end": 18, + "variable_start": 40, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4271,22 +3746,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.982, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANYpassword=Prl23Db#@", - "line_num": 45, - "path": "./tests/samples/doc_passwd_pair", + "line": "ssh -P IhqSb1Gg gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 11, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 12, - "value_end": 21, - "variable": "ANYpassword", - "variable_start": 0, - "variable_end": 11, + "value": "IhqSb1Gg", + "value_start": 62, + "value_end": 70, + "variable": "password", + "variable_start": 53, + "variable_end": 61, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4296,22 +3771,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.969, + "ml_probability": 0.999, "line_data_list": [ { - "line": "passwords:Prl23Db#@", - "line_num": 46, - "path": "./tests/samples/doc_passwd_pair", + "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", + "line_num": 15, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 10, - "value_end": 19, - "variable": "passwords", - "variable_start": 0, - "variable_end": 9, + "value": "IhqSb1Gg", + "value_start": 29, + "value_end": 37, + "variable": "pwd", + "variable_start": 25, + "variable_end": 28, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4321,22 +3796,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.986, + "ml_probability": 0.979, "line_data_list": [ { - "line": "password=>Prl23Db#@", - "line_num": 48, - "path": "./tests/samples/doc_passwd_pair", + "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", + "line_num": 16, + "path": "./tests/samples/doc_various", "info": "", - "value": "Prl23Db#@", - "value_start": 10, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 13, + "value_end": 21, + "variable": "PW", + "variable_start": 10, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4654972233440207, + "entropy": 3.0, "valid": false } } @@ -4346,247 +3821,247 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.674, + "ml_probability": 0.999, "line_data_list": [ { - "line": "# password: keep empty", - "line_num": 56, - "path": "./tests/samples/doc_passwd_pair", + "line": "98.76.54.32(pw:IhqSb1Gg)", + "line_num": 17, + "path": "./tests/samples/doc_various", "info": "", - "value": "keep", - "value_start": 12, - "value_end": 16, - "variable": "password", - "variable_start": 2, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "pw", + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.5, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY-Token:AIhq5Xyb1Gga9Q0", - "line_num": 1, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32/pw:IhqSb1Gg", + "line_num": 19, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q0", - "value_start": 10, - "value_end": 25, - "variable": "ANY-Token", - "variable_start": 0, - "variable_end": 9, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "pw", + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.967, "line_data_list": [ { - "line": "token:AIhq5Xyb1Gga9Q2", - "line_num": 3, - "path": "./tests/samples/doc_secret_pair", + "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", + "line_num": 20, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q2", - "value_start": 6, - "value_end": 21, - "variable": "token", - "variable_start": 0, - "variable_end": 5, + "value": "IhqSb1Gg", + "value_start": 42, + "value_end": 50, + "variable": "pw", + "variable_start": 39, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", - "line_num": 4, - "path": "./tests/samples/doc_secret_pair", + "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", + "line_num": 22, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q3", - "value_start": 11, - "value_end": 26, - "variable": "KEY", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 45, + "value_end": 53, + "variable": "pw", + "variable_start": 42, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.996, "line_data_list": [ { - "line": "SECRET KEY:AIhq5Xyb1Gga9Q3", - "line_num": 4, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", + "line_num": 23, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q3", - "value_start": 11, - "value_end": 26, - "variable": "SECRET KEY", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 40, + "value_end": 48, + "variable": "pw", + "variable_start": 37, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.806, "line_data_list": [ { - "line": "secret=AIhq5Xyb1Gga9Q4", - "line_num": 5, - "path": "./tests/samples/doc_secret_pair", + "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", + "line_num": 24, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q4", - "value_start": 7, - "value_end": 22, - "variable": "secret", - "variable_start": 0, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 45, + "value_end": 53, + "variable": "pwd", + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "CMD Token", - "severity": "high", + "rule": "Password", + "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "--token AIhq5Xyb1Gga9Q5", - "line_num": 6, - "path": "./tests/samples/doc_secret_pair", + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 25, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q5", - "value_start": 8, - "value_end": 23, - "variable": "token", - "variable_start": 2, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 50, + "value_end": 58, + "variable": "password", + "variable_start": 41, + "variable_end": 49, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.773557262275185, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "secret:AIhq5Xyb1Gga9Q6", - "line_num": 7, - "path": "./tests/samples/doc_secret_pair", + "line": "id:gildong.hong@example.com mailto:{1} password:IhqSb1Gg", + "line_num": 28, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q6", - "value_start": 7, - "value_end": 22, - "variable": "secret", - "variable_start": 0, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 48, + "value_end": 56, + "variable": "password", + "variable_start": 39, + "variable_end": 47, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_token=AIhq5Xyb1Gga9Q7", - "line_num": 8, - "path": "./tests/samples/doc_secret_pair", + "line": "ANY_password,default:IhqSb1Gg", + "line_num": 31, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q7", - "value_start": 10, - "value_end": 25, - "variable": "ANY_token", + "value": "IhqSb1Gg", + "value_start": 21, + "value_end": 29, + "variable": "ANY_password,default", "variable_start": 0, - "variable_end": 9, + "variable_end": 20, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "CMD Secret", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "-secret AIhq5Xyb1Gga9Q10", - "line_num": 11, - "path": "./tests/samples/doc_secret_pair", + "line": "Key(ANYSecret):IhqSb1Gg", + "line_num": 32, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q10", - "value_start": 8, - "value_end": 24, - "variable": "secret", - "variable_start": 1, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "Key(ANYSecret)", + "variable_start": 0, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } @@ -4596,397 +4071,347 @@ "rule": "Secret", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ANY.secret=AIhq5Xyb1Gga9Q19", - "line_num": 20, - "path": "./tests/samples/doc_secret_pair", + "line": "Key(ANYSecret):IhqSb1Gg", + "line_num": 32, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q19", - "value_start": 11, - "value_end": 27, - "variable": "ANY.secret", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "ANYSecret)", + "variable_start": 4, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.75, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "--secret=AIhq5Xyb1Gga9Q21", - "line_num": 22, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32 ANY_PW:IhqSb1Gg", + "line_num": 34, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q21", - "value_start": 9, - "value_end": 25, - "variable": "secret", - "variable_start": 2, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 19, + "value_end": 27, + "variable": "ANY_PW", + "variable_start": 12, + "variable_end": 18, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { - "line": "ANY_secret:AIhq5Xyb1Gga9Q22", - "line_num": 23, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32(ID/PW:IhqSb1Gg)", + "line_num": 36, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q22", - "value_start": 11, - "value_end": 27, - "variable": "ANY_secret", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 18, + "value_end": 26, + "variable": "PW", + "variable_start": 15, + "variable_end": 17, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.984, "line_data_list": [ { - "line": "-Token:AIhq5Xyb1Gga9Q23", - "line_num": 24, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 (pwd:IhqSb1Gg)", + "line_num": 38, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q23", - "value_start": 7, - "value_end": 23, - "variable": "Token", - "variable_start": 1, - "variable_end": 6, + "value": "IhqSb1Gg", + "value_start": 30, + "value_end": 38, + "variable": "pwd", + "variable_start": 26, + "variable_end": 29, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "API", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "API Secret:AIhq5Xyb1Gga9Q24", - "line_num": 25, - "path": "./tests/samples/doc_secret_pair", + "line": "password for master:IhqSb1Gg", + "line_num": 43, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q24", - "value_start": 11, - "value_end": 27, - "variable": "API Secret", + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "password for master", "variable_start": 0, - "variable_end": 10, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, - "valid": false - } - } - ] - }, - { - "rule": "Secret", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ - { - "line": "API Secret:AIhq5Xyb1Gga9Q24", - "line_num": 25, - "path": "./tests/samples/doc_secret_pair", - "info": "", - "value": "AIhq5Xyb1Gga9Q24", - "value_start": 11, - "value_end": 27, - "variable": "Secret", - "variable_start": 4, - "variable_end": 10, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 0.999, "line_data_list": [ { - "line": "access key:AIhq5Xyb1Gga9Q26", - "line_num": 27, - "path": "./tests/samples/doc_secret_pair", + "line": "id:xxxx(ANYpw:IhqSb1Ga)", + "line_num": 46, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q26", - "value_start": 11, - "value_end": 27, - "variable": "key", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Ga", + "value_start": 14, + "value_end": 22, + "variable": "ANYpw", + "variable_start": 8, + "variable_end": 13, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "Secret Key:AIhq5Xyb1Gga9Q27", - "line_num": 28, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", + "line_num": 47, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q27", - "value_start": 11, - "value_end": 27, - "variable": "Key", - "variable_start": 7, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 28, + "value_end": 36, + "variable": "pw", + "variable_start": 25, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.998, "line_data_list": [ { - "line": "Secret Key:AIhq5Xyb1Gga9Q27", - "line_num": 28, - "path": "./tests/samples/doc_secret_pair", + "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", + "line_num": 51, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q27", - "value_start": 11, - "value_end": 27, - "variable": "Secret Key", - "variable_start": 0, - "variable_end": 10, + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "PW", + "variable_start": 17, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_key=AIhq5Xyb1Gga9Q29", - "line_num": 30, - "path": "./tests/samples/doc_secret_pair", + "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", + "line_num": 56, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q29", - "value_start": 8, - "value_end": 24, - "variable": "ANY_key", - "variable_start": 0, - "variable_end": 7, + "value": "IhqSb1Gg", + "value_start": 28, + "value_end": 36, + "variable": "PW", + "variable_start": 25, + "variable_end": 27, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", - "line_num": 31, - "path": "./tests/samples/doc_secret_pair", + "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", + "line_num": 61, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q30", - "value_start": 14, + "value": "IhqSb1Gg", + "value_start": 22, "value_end": 30, - "variable": "secret-ANYkey", - "variable_start": 0, - "variable_end": 13, + "variable": "ANY_pwd", + "variable_start": 14, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret-ANYkey:AIhq5Xyb1Gga9Q30", - "line_num": 31, - "path": "./tests/samples/doc_secret_pair", + "line": "Acount name:xxxx Initial Password:IhqSb1Gg", + "line_num": 62, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q30", - "value_start": 14, - "value_end": 30, - "variable": "secret-ANYkey", - "variable_start": 0, - "variable_end": 13, + "value": "IhqSb1Gg", + "value_start": 34, + "value_end": 42, + "variable": "Password", + "variable_start": 25, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.0, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.995, "line_data_list": [ { - "line": "ANY_id=AIhq5Xyb1Gga9Q31 ANY_token=AIhq5Xyb1Gga9Q31", - "line_num": 32, - "path": "./tests/samples/doc_secret_pair", + "line": "Access wifi:xxxx(PW:IhqSb1Gg)", + "line_num": 63, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q31", - "value_start": 34, - "value_end": 50, - "variable": "ANY_token", - "variable_start": 24, - "variable_end": 33, + "value": "IhqSb1Gg", + "value_start": 20, + "value_end": 28, + "variable": "PW", + "variable_start": 17, + "variable_end": 19, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ - { - "line": "access_token:AIhq5Xyb1Gga9Q33", - "line_num": 34, - "path": "./tests/samples/doc_secret_pair", - "info": "", - "value": "AIhq5Xyb1Gga9Q33", - "value_start": 13, - "value_end": 29, - "variable": "access_token", - "variable_start": 0, - "variable_end": 12, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, - "valid": false - } - } - ] - }, - { - "rule": "Auth", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 0.996, "line_data_list": [ { - "line": "Authentication key:AIhq5Xyb1Gga9Q35", - "line_num": 36, - "path": "./tests/samples/doc_secret_pair", + "line": "-User:master -PasswordANY:IhqSb1Gg", + "line_num": 66, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q35", - "value_start": 19, - "value_end": 35, - "variable": "Authentication key", - "variable_start": 0, - "variable_end": 18, + "value": "IhqSb1Gg", + "value_start": 26, + "value_end": 34, + "variable": "PasswordANY", + "variable_start": 14, + "variable_end": 25, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Authentication key:AIhq5Xyb1Gga9Q35", - "line_num": 36, - "path": "./tests/samples/doc_secret_pair", + "line": "password(default:IhqSb1Gg)", + "line_num": 68, + "path": "./tests/samples/doc_various", "info": "", - "value": "AIhq5Xyb1Gga9Q35", - "value_start": 19, - "value_end": 35, - "variable": "key", - "variable_start": 15, - "variable_end": 18, + "value": "IhqSb1Gg", + "value_start": 17, + "value_end": 25, + "variable": "password(default", + "variable_start": 0, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.875, + "entropy": 3.0, "valid": false } } @@ -4996,11 +4421,11 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.988, + "ml_probability": 0.999, "line_data_list": [ { "line": "master@98.76.54.32(pw:IhqSb1Gg)", - "line_num": 3, + "line_num": 73, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", @@ -5021,19 +4446,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.968, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID:gildong.hong@example.com mailto:{1} PW:IhqSb1Gg", - "line_num": 4, + "line": "master@98.76.54.32,PW:IhqSb1Gg", + "line_num": 74, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, + "value_start": 22, + "value_end": 30, "variable": "PW", - "variable_start": 39, - "variable_end": 41, + "variable_start": 19, + "variable_end": 21, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5046,22 +4471,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Password:master/IhqSb1Gg", - "line_num": 5, + "line": "98.76.54.32 pw:IhqSb1Gg", + "line_num": 75, "path": "./tests/samples/doc_various", "info": "", - "value": "master/IhqSb1Gg", - "value_start": 9, - "value_end": 24, - "variable": "Password", - "variable_start": 0, - "variable_end": 8, + "value": "IhqSb1Gg", + "value_start": 15, + "value_end": 23, + "variable": "pw", + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, + "entropy": 3.0, "valid": false } } @@ -5071,19 +4496,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.966, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (PW:IhqSb1Gg)", - "line_num": 6, + "line": "config:xxxx,PW:IhqSb1Gg", + "line_num": 78, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, + "value_start": 15, + "value_end": 23, "variable": "PW", - "variable_start": 41, - "variable_end": 43, + "variable_start": 12, + "variable_end": 14, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5099,16 +4524,16 @@ "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} password:IhqSb1Gg", - "line_num": 7, + "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 82, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 49, - "value_end": 57, - "variable": "password", + "value_start": 43, + "value_end": 51, + "variable": "pw", "variable_start": 40, - "variable_end": 48, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5121,19 +4546,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.999, "line_data_list": [ { - "line": "ssh -P IhqSb1Gg gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 11, + "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", + "line_num": 83, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 62, - "value_end": 70, - "variable": "password", - "variable_start": 53, - "variable_end": 61, + "value_start": 38, + "value_end": 46, + "variable": "pw", + "variable_start": 35, + "variable_end": 37, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5146,19 +4571,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 1.0, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 pwd:IhqSb1Gg", - "line_num": 15, + "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 84, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 29, - "value_end": 37, - "variable": "pwd", - "variable_start": 25, - "variable_end": 28, + "value_start": 39, + "value_end": 47, + "variable": "pw", + "variable_start": 36, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5171,19 +4596,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.934, + "ml_probability": 1.0, "line_data_list": [ { - "line": "\uacc4\uc815:master(PW:IhqSb1Gg)", - "line_num": 16, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", + "line_num": 85, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 13, - "value_end": 21, - "variable": "PW", - "variable_start": 10, - "variable_end": 12, + "value_start": 43, + "value_end": 51, + "variable": "pw", + "variable_start": 40, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5196,19 +4621,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.999, "line_data_list": [ { - "line": "98.76.54.32(pw:IhqSb1Gg)", - "line_num": 17, + "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", + "line_num": 87, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "value_start": 45, + "value_end": 53, + "variable": "pwd", + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5221,19 +4646,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32/pw:IhqSb1Gg", - "line_num": 19, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", + "line_num": 90, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, + "value_start": 44, + "value_end": 52, "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "variable_start": 41, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5246,19 +4671,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.99, + "ml_probability": 0.998, "line_data_list": [ { - "line": "ID:gildong.hong@example.com mailto:{1}/pw:IhqSb1Gg", - "line_num": 20, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", + "line_num": 93, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, - "variable": "pw", - "variable_start": 39, - "variable_end": 41, + "value_start": 45, + "value_end": 53, + "variable": "pwd", + "variable_start": 41, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5271,19 +4696,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.887, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ID:gildong.hong@any.example.com mailto:{1} PWD:IhqSb1Gg", - "line_num": 21, + "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", + "line_num": 94, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 47, - "value_end": 55, - "variable": "PWD", - "variable_start": 43, - "variable_end": 46, + "value_start": 46, + "value_end": 54, + "variable": "password", + "variable_start": 37, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5296,18 +4721,18 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.991, + "ml_probability": 1.0, "line_data_list": [ { - "line": "sftp gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", - "line_num": 22, + "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", + "line_num": 96, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", "value_start": 45, "value_end": 53, - "variable": "pw", - "variable_start": 42, + "variable": "Password", + "variable_start": 36, "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", @@ -5321,19 +4746,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.956, + "ml_probability": 0.997, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} (pw:IhqSb1Gg)", - "line_num": 23, + "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", + "line_num": 97, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 40, - "value_end": 48, - "variable": "pw", - "variable_start": 37, - "variable_end": 39, + "value_start": 42, + "value_end": 50, + "variable": "pass", + "variable_start": 37, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5346,19 +4771,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 1.0, "line_data_list": [ { - "line": "-id:gildong.hong@example.com mailto:{1} -pwd:IhqSb1Gg", - "line_num": 24, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", + "line_num": 100, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, + "value_start": 43, + "value_end": 51, + "variable": "pw", + "variable_start": 40, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5371,19 +4796,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 25, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", + "line_num": 101, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 50, - "value_end": 58, - "variable": "password", - "variable_start": 41, - "variable_end": 49, + "value_start": 45, + "value_end": 53, + "variable": "pass", + "variable_start": 40, + "variable_end": 44, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5396,19 +4821,19 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "id:gildong.hong@example.com mailto:{1} password:IhqSb1Gg", - "line_num": 28, + "line": "id:gildong.hong@xxx.com mailto:{1}/password:IhqSb1Gg", + "line_num": 102, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 48, - "value_end": 56, + "value_start": 44, + "value_end": 52, "variable": "password", - "variable_start": 39, - "variable_end": 47, + "variable_start": 35, + "variable_end": 43, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5424,16 +4849,16 @@ "ml_probability": 1.0, "line_data_list": [ { - "line": "ANY_password,default:IhqSb1Gg", - "line_num": 31, + "line": "ssh gildong.hong@98.76.54.32 mailto:{1}/password:IhqSb1Gg", + "line_num": 104, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 21, - "value_end": 29, - "variable": "ANY_password,default", - "variable_start": 0, - "variable_end": 20, + "value_start": 49, + "value_end": 57, + "variable": "password", + "variable_start": 40, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5443,22 +4868,22 @@ ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.987, "line_data_list": [ { - "line": "Key(ANYSecret):IhqSb1Gg", - "line_num": 32, + "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", + "line_num": 105, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "Key(ANYSecret)", - "variable_start": 0, - "variable_end": 14, + "value_start": 47, + "value_end": 55, + "variable": "pw", + "variable_start": 44, + "variable_end": 46, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5468,22 +4893,22 @@ ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.976, + "ml_probability": 0.997, "line_data_list": [ { - "line": "Key(ANYSecret):IhqSb1Gg", - "line_num": 32, + "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", + "line_num": 106, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "ANYSecret)", - "variable_start": 4, - "variable_end": 14, + "value_start": 39, + "value_end": 47, + "variable": "pw", + "variable_start": 36, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5499,16 +4924,16 @@ "ml_probability": 0.999, "line_data_list": [ { - "line": "98.76.54.32 ANY_PW:IhqSb1Gg", - "line_num": 34, + "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", + "line_num": 108, "path": "./tests/samples/doc_various", "info": "", "value": "IhqSb1Gg", - "value_start": 19, - "value_end": 27, - "variable": "ANY_PW", - "variable_start": 12, - "variable_end": 18, + "value_start": 26, + "value_end": 34, + "variable": "pw", + "variable_start": 23, + "variable_end": 25, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", "entropy": 3.0, @@ -5521,48 +4946,48 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32(ID/PW:IhqSb1Gg)", - "line_num": 36, - "path": "./tests/samples/doc_various", + "line": " ", + "line_num": 13, + "path": "./tests/samples/drawio", "info": "", - "value": "IhqSb1Gg", - "value_start": 18, - "value_end": 26, - "variable": "PW", - "variable_start": 15, - "variable_end": 17, + "value": "Dw7^&amp;nd&lt;dj", + "value_start": 162, + "value_end": 187, + "variable": "Password", + "variable_start": 146, + "variable_end": 154, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 2.692989956378185, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.942, + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 (pwd:IhqSb1Gg)", - "line_num": 38, - "path": "./tests/samples/doc_various", + "line": " ", + "line_num": 13, + "path": "./tests/samples/drawio", "info": "", - "value": "IhqSb1Gg", - "value_start": 30, - "value_end": 38, - "variable": "pwd", - "variable_start": 26, - "variable_end": 29, + "value": "bace4d19-fa7e-b2e4-1afe-9129474bcd81", + "value_start": 100, + "value_end": 136, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.254803820546211, + "valid": true } } ] @@ -5571,22 +4996,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { - "line": "password for master:IhqSb1Gg", - "line_num": 43, - "path": "./tests/samples/doc_various", + "line": " ", + "line_num": 16, + "path": "./tests/samples/drawio", "info": "", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "password for master", - "variable_start": 0, - "variable_end": 19, + "value": "Df34D&", + "value_start": 60, + "value_end": 69, + "variable": "textpassword", + "variable_start": 46, + "variable_end": 58, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 2.5954888901709445, "valid": false } } @@ -5596,2081 +5021,1990 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.981, + "ml_probability": 0.979, "line_data_list": [ { - "line": "id:xxxx(ANYpw:IhqSb1Ga)", - "line_num": 46, - "path": "./tests/samples/doc_various", + "line": " ", + "line_num": 34, + "path": "./tests/samples/drawio", "info": "", - "value": "IhqSb1Ga", - "value_start": 14, - "value_end": 22, - "variable": "ANYpw", - "variable_start": 8, - "variable_end": 13, + "value": "Dsfgh%$d&", + "value_start": 41, + "value_end": 53, + "variable": "pass", + "variable_start": 35, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 2.688721875540867, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "rule": "UUID", + "severity": "info", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32,pw:IhqSb1Gg", - "line_num": 47, - "path": "./tests/samples/doc_various", + "line": " ", + "line_num": 45, + "path": "./tests/samples/drawio", "info": "", - "value": "IhqSb1Gg", - "value_start": 28, - "value_end": 36, - "variable": "pw", - "variable_start": 25, - "variable_end": 27, + "value": "ce49dba1-e4fe-b2a7-4ffa-132bcd819474", + "value_start": 52, + "value_end": 88, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.3348200572472178, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, + "rule": "Dropbox API secret (long term)", + "severity": "high", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "98.76.54.32:xxxx(PW:IhqSb1Gg)", - "line_num": 51, - "path": "./tests/samples/doc_various", + "line": "var g = '7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ'", + "line_num": 1, + "path": "./tests/samples/dropbox_api_secret_long_term", "info": "", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "PW", - "variable_start": 17, - "variable_end": 19, + "value": "7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ", + "value_start": 9, + "value_end": 73, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.89361507332541, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "Dropbox App secret", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "\uacc4\uc815/Password-xxxx:master/IhqSb1Gg", - "line_num": 55, - "path": "./tests/samples/doc_various", + "line": "var app_unique_val_s = 'wpv1jq9xwanbn3n';", + "line_num": 1, + "path": "./tests/samples/dropbox_app_secret", "info": "", - "value": "master/IhqSb1Gg", - "value_start": 17, - "value_end": 32, - "variable": "Password-xxxx", - "variable_start": 3, - "variable_end": 16, + "value": "wpv1jq9xwanbn3n", + "value_start": 24, + "value_end": 39, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.456564762130954, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Dropbox OAuth2 API Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.979, + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 PW:IhqSb1Gg", - "line_num": 56, - "path": "./tests/samples/doc_various", + "line": "var dropbox = 'sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc';", + "line_num": 1, + "path": "./tests/samples/dropbox_oauth_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 28, - "value_end": 36, - "variable": "PW", - "variable_start": 25, - "variable_end": 27, + "value": "sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc", + "value_start": 15, + "value_end": 153, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 5.395844179446958, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Dynatrace API Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": null, "line_data_list": [ { - "line": "ANY_user:xxxx ANY_pwd:IhqSb1Gg", - "line_num": 61, - "path": "./tests/samples/doc_various", + "line": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "line_num": 1, + "path": "./tests/samples/dynatrace_api.hs", "info": "", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "ANY_pwd", - "variable_start": 14, - "variable_end": 21, + "value": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", + "value_start": 0, + "value_end": 96, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.80819150678678, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Facebook Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": null, "line_data_list": [ { - "line": "Acount name:xxxx Initial Password:IhqSb1Gg", - "line_num": 62, - "path": "./tests/samples/doc_various", + "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line_num": 1, + "path": "./tests/samples/facebook_key", "info": "", - "value": "IhqSb1Gg", - "value_start": 34, - "value_end": 42, - "variable": "Password", - "variable_start": 25, - "variable_end": 33, + "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", + "value_start": 28, + "value_end": 115, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.936120692057913, + "valid": true } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 1.0, "line_data_list": [ { - "line": "Access wifi:xxxx(PW:IhqSb1Gg)", - "line_num": 63, - "path": "./tests/samples/doc_various", + "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line_num": 1, + "path": "./tests/samples/facebook_key", "info": "", - "value": "IhqSb1Gg", - "value_start": 20, - "value_end": 28, - "variable": "PW", - "variable_start": 17, - "variable_end": 19, + "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", + "value_start": 28, + "value_end": 115, + "variable": "GI_REO_GI_FACEBOOK_TOKEN", + "variable_start": 0, + "variable_end": 24, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 4.936120692057913, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Facebook App Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.997, + "ml_probability": null, "line_data_list": [ { - "line": "-User:master -PasswordANY:IhqSb1Gg", - "line_num": 66, - "path": "./tests/samples/doc_various", + "line": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "line_num": 2, + "path": "./tests/samples/facebook_key", "info": "", - "value": "IhqSb1Gg", - "value_start": 26, - "value_end": 34, - "variable": "PasswordANY", - "variable_start": 14, - "variable_end": 25, + "value": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "value_start": 0, + "value_end": 44, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.208909927092422, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Firebase Domain", + "severity": "info", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": null, "line_data_list": [ { - "line": "password(default:IhqSb1Gg)", - "line_num": 68, - "path": "./tests/samples/doc_various", + "line": "test-app-domain-42.firebaseapp.com", + "line_num": 1, + "path": "./tests/samples/firebase_domain", "info": "", - "value": "IhqSb1Gg", - "value_start": 17, - "value_end": 25, - "variable": "password(default", - "variable_start": 0, - "variable_end": 16, + "value": "test-app-domain-42.firebaseapp.com", + "value_start": 0, + "value_end": 34, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.4347510262969525, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Firebase Domain", + "severity": "info", "confidence": "moderate", - "ml_probability": 0.7, + "ml_probability": null, "line_data_list": [ { - "line": "98.76.54.32(ID/PW:master/IhqSb1Gg)", - "line_num": 70, - "path": "./tests/samples/doc_various", + "line": "test2.io.firebaseio.com", + "line_num": 2, + "path": "./tests/samples/firebase_domain", "info": "", - "value": "master/IhqSb1Gg", - "value_start": 18, - "value_end": 33, - "variable": "PW", - "variable_start": 15, - "variable_end": 17, + "value": "test2.io.firebaseio.com", + "value_start": 0, + "value_end": 23, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.906890595608518, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.1394163745499943, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.988, + "rule": "Github Classic Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "master@98.76.54.32(pw:IhqSb1Gg)", - "line_num": 73, - "path": "./tests/samples/doc_various", + "line": "ghp_00000000000000000000000000000004WZ4EQ # classic", + "line_num": 1, + "path": "./tests/samples/github_classic_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "pw", - "variable_start": 19, - "variable_end": 21, + "value": "ghp_00000000000000000000000000000004WZ4EQ", + "value_start": 0, + "value_end": 41, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 1.4322437698226886, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "rule": "Github Fine-granted Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "master@98.76.54.32,PW:IhqSb1Gg", - "line_num": 74, - "path": "./tests/samples/doc_various", + "line": "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", + "line_num": 2, + "path": "./tests/samples/github_fine_granted_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 22, - "value_end": 30, - "variable": "PW", - "variable_start": 19, - "variable_end": 21, + "value": "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", + "value_start": 0, + "value_end": 93, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 5.255374790203283, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "Github Old Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { - "line": "98.76.54.32 pw:IhqSb1Gg", - "line_num": 75, - "path": "./tests/samples/doc_various", + "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line_num": 1, + "path": "./tests/samples/github_key.groovy", "info": "", - "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "pw", - "variable_start": 12, - "variable_end": 14, + "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", + "value_start": 23, + "value_end": 63, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.246439344671015, + "valid": true } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { - "line": "config:xxxx,PW:IhqSb1Gg", - "line_num": 78, - "path": "./tests/samples/doc_various", + "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line_num": 1, + "path": "./tests/samples/github_key.groovy", "info": "", - "value": "IhqSb1Gg", - "value_start": 15, - "value_end": 23, - "variable": "PW", - "variable_start": 12, - "variable_end": 14, + "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", + "value_start": 23, + "value_end": 63, + "variable": "GITHUB_ACCESS_TOKEN", + "variable_start": 0, + "variable_end": 19, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.246439344671015, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.997, + "rule": "Gitlab Incoming Email Token", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "scp gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 82, - "path": "./tests/samples/doc_various", + "line": "var email_t = '7e4v6v5j2nepcc8f5zvatgl9g';", + "line_num": 1, + "path": "./tests/samples/gitlab_email_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "7e4v6v5j2nepcc8f5zvatgl9g", + "value_start": 15, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.133660689688186, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "rule": "Gitlab Feed Token", + "severity": "info", + "confidence": "weak", + "ml_probability": null, "line_data_list": [ { - "line": "id:gildong.hong@xxx.com mailto:{1} pw:IhqSb1Gg", - "line_num": 83, - "path": "./tests/samples/doc_various", + "line": "feed_n = 'o9aEaH32LN618KhF7e_L'", + "line_num": 1, + "path": "./tests/samples/gitlab_feed_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 38, - "value_end": 46, - "variable": "pw", - "variable_start": 35, - "variable_end": 37, + "value": "o9aEaH32LN618KhF7e_L", + "value_start": 10, + "value_end": 30, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 3.905831690142994, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 84, - "path": "./tests/samples/doc_various", + "line": "glpat-8d5ri2n9g85LAnC9YW85 # Personal access token, Impersonation token, Project access token, Group access token", + "line_num": 2, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 39, - "value_end": 47, - "variable": "pw", - "variable_start": 36, - "variable_end": 38, + "value": "glpat-8d5ri2n9g85LAnC9YW85", + "value_start": 0, + "value_end": 26, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0191930522498036, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1},pw:IhqSb1Gg", - "line_num": 85, - "path": "./tests/samples/doc_various", + "line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret", + "line_num": 3, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc", + "value_start": 0, + "value_end": 70, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.9590403170005777, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.981, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "(ssh gildong.hong@98.76.54.32 mailto{1}) pwd:IhqSb1Gg", - "line_num": 87, - "path": "./tests/samples/doc_various", + "line": "gldt-9BeUoeWu2V9uUS3uLoMy # Deploy token", + "line_num": 4, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, + "value": "gldt-9BeUoeWu2V9uUS3uLoMy", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 3.947906442097196, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1}, pw:IhqSb1Gg", - "line_num": 90, - "path": "./tests/samples/doc_various", - "info": "", - "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, - "variable": "pw", - "variable_start": 41, - "variable_end": 43, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.984, - "line_data_list": [ - { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} (pwd:IhqSb1Gg)", - "line_num": 93, - "path": "./tests/samples/doc_various", - "info": "", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pwd", - "variable_start": 41, - "variable_end": 44, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.997, - "line_data_list": [ - { - "line": "gildong.hong@98.76.54.32 mailto:{1} (password:IhqSb1Gg)", - "line_num": 94, - "path": "./tests/samples/doc_various", - "info": "", - "value": "IhqSb1Gg", - "value_start": 46, - "value_end": 54, - "variable": "password", - "variable_start": 37, - "variable_end": 45, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ - { - "line": "gildong.hong@98.76.54.32 mailto:{1} Password:IhqSb1Gg", - "line_num": 96, - "path": "./tests/samples/doc_various", - "info": "", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "Password", - "variable_start": 36, - "variable_end": 44, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.97, - "line_data_list": [ - { - "line": "gildong.hong@98.76.54.32 mailto:{1} (pass:IhqSb1Gg)", - "line_num": 97, - "path": "./tests/samples/doc_various", - "info": "", - "value": "IhqSb1Gg", - "value_start": 42, - "value_end": 50, - "variable": "pass", - "variable_start": 37, - "variable_end": 41, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false - } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pw:IhqSb1Gg", - "line_num": 100, - "path": "./tests/samples/doc_various", + "line": "glrt-2CR8_eVxiio-1QmzPZwa # Runner authentication token", + "line_num": 5, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 43, - "value_end": 51, - "variable": "pw", - "variable_start": 40, - "variable_end": 42, + "value": "glrt-2CR8_eVxiio-1QmzPZwa", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 4.006593447001756, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1} pass:IhqSb1Gg", - "line_num": 101, - "path": "./tests/samples/doc_various", + "line": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", + "line_num": 6, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 45, - "value_end": 53, - "variable": "pass", - "variable_start": 40, - "variable_end": 44, + "value": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0736527424503515, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "id:gildong.hong@xxx.com mailto:{1}/password:IhqSb1Gg", - "line_num": 102, - "path": "./tests/samples/doc_various", + "line": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL # CI/CD Job token", + "line_num": 7, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 44, - "value_end": 52, - "variable": "password", - "variable_start": 35, - "variable_end": 43, + "value": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL", + "value_start": 0, + "value_end": 28, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.0208877148903928, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ssh gildong.hong@98.76.54.32 mailto:{1}/password:IhqSb1Gg", - "line_num": 104, - "path": "./tests/samples/doc_various", + "line": "glptt-33276248c9748113e978392e5c074b7f974f8683 # Trigger token", + "line_num": 8, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 49, - "value_end": 57, - "variable": "password", - "variable_start": 40, - "variable_end": 48, + "value": "glptt-33276248c9748113e978392e5c074b7f974f8683", + "value_start": 0, + "value_end": 46, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.8494857514609033, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.994, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "-ANYID:gildong.hong@example.com mailto:{1} -pw:IhqSb1Gg", - "line_num": 105, - "path": "./tests/samples/doc_various", + "line": "glft-Aafqn5A31G-2VipZMh28 # Feed token", + "line_num": 9, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 47, - "value_end": 55, - "variable": "pw", - "variable_start": 44, - "variable_end": 46, + "value": "glft-Aafqn5A31G-2VipZMh28", + "value_start": 0, + "value_end": 25, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, + "entropy": 4.032347694592746, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.995, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "ID:gildong.hong@xxxx.net mailto:{1} pw:IhqSb1Gg", - "line_num": 106, - "path": "./tests/samples/doc_various", + "line": "glimt-1jpqzsnw2n71om0r9kgt06os3 # Incoming mail token", + "line_num": 10, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 39, - "value_end": 47, - "variable": "pw", - "variable_start": 36, - "variable_end": 38, + "value": "glimt-1jpqzsnw2n71om0r9kgt06os3", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.278254493922782, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.996, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "http://98.76.54.32:xxx(pw:IhqSb1Gg)", - "line_num": 108, - "path": "./tests/samples/doc_various", + "line": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg # GitLab agent for Kubernetes token", + "line_num": 11, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "IhqSb1Gg", - "value_start": 26, - "value_end": 34, - "variable": "pw", - "variable_start": 23, - "variable_end": 25, + "value": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg", + "value_start": 0, + "value_end": 58, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0, - "valid": false + "entropy": 5.022276693534148, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": " ", - "line_num": 13, - "path": "./tests/samples/drawio", + "line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies", + "line_num": 12, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "Dw7^&amp;nd&lt;dj", - "value_start": 162, - "value_end": 187, - "variable": "Password", - "variable_start": 146, - "variable_end": 154, + "value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2", + "value_start": 0, + "value_end": 48, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.692989956378185, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 4.0144608760283615, + "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Gitlab Prefix Token", + "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": " ", + "line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens", "line_num": 13, - "path": "./tests/samples/drawio", + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "bace4d19-fa7e-b2e4-1afe-9129474bcd81", - "value_start": 100, - "value_end": 136, + "value": "glsoat-971om0ecn5A386r9k481", + "value_start": 0, + "value_end": 27, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 3.254803820546211, + "entropy": 4.106377316818028, "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.93, + "rule": "Gitlab Prefix Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": " ", - "line_num": 16, - "path": "./tests/samples/drawio", + "line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token", + "line_num": 14, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "Df34D&", - "value_start": 60, - "value_end": 69, - "variable": "textpassword", - "variable_start": 46, - "variable_end": 58, + "value": "glffct-AnRWYdo3Si_Xm2Q6n7zu", + "value_start": 0, + "value_end": 27, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.5954888901709445, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.021776853294165, + "valid": true } } ] }, { - "rule": "UUID", - "severity": "info", + "rule": "Gitlab Prefix Token", + "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": " ", - "line_num": 45, - "path": "./tests/samples/drawio", + "line": "GR1348941jG6xeSsmN8DFVKoyBYu2 # Runner registration token", + "line_num": 17, + "path": "./tests/samples/gitlab_prefix_token", "info": "", - "value": "ce49dba1-e4fe-b2a7-4ffa-132bcd819474", - "value_start": 52, - "value_end": 88, + "value": "GR1348941jG6xeSsmN8DFVKoyBYu2", + "value_start": 0, + "value_end": 29, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.3348200572472178, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.582118926162054, "valid": true } } ] }, { - "rule": "Dropbox API secret (long term)", + "rule": "Google API Key", "severity": "high", - "confidence": "weak", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "var g = '7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ'", + "line": "AIzaGiReoG-CrackleCrackle12315618_12315", "line_num": 1, - "path": "./tests/samples/dropbox_api_secret_long_term", + "path": "./tests/samples/google_api_key.toml", "info": "", - "value": "7rBynGo0b1cAAAAAAAAAAc72L3T6rQK51mB5a06ijnwRG91deTxvSqdZNAlxq8pZ", - "value_start": 9, - "value_end": 73, + "value": "AIzaGiReoG-CrackleCrackle12315618_12315", + "value_start": 0, + "value_end": 39, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.89361507332541, + "iterator": "BASE36_CHARS", + "entropy": 3.165196181720608, "valid": true } } ] }, { - "rule": "Dropbox App secret", - "severity": "info", - "confidence": "weak", + "rule": "Google Multi", + "severity": "high", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "var app_unique_val_s = 'wpv1jq9xwanbn3n';", - "line_num": 1, - "path": "./tests/samples/dropbox_app_secret", + "line": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", + "line_num": 2, + "path": "./tests/samples/google_multi", "info": "", - "value": "wpv1jq9xwanbn3n", - "value_start": 24, - "value_end": 39, + "value": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", + "value_start": 0, + "value_end": 72, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.456564762130954, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.531537327540734, "valid": true } + }, + { + "line": "4L2QMyTm6Rr0o46ytGiReoG1", + "line_num": 4, + "path": "./tests/samples/google_multi", + "info": "", + "value": "4L2QMyTm6Rr0o46ytGiReoG1", + "value_start": 0, + "value_end": 24, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.084962500721156, + "valid": false + } } ] }, { - "rule": "Dropbox OAuth2 API Access Token", + "rule": "Google Multi", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "var dropbox = 'sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc';", - "line_num": 1, - "path": "./tests/samples/dropbox_oauth_token", + "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", + "line_num": 18, + "path": "./tests/samples/google_multi", "info": "", - "value": "sl.BdmpmC82mhhySscKk2oQGyE5l--8LdAQftLTXVGQhP39Z8FtAK1BhePhyevurA-Elt7ToIr6OpwzKAYE7RBqpu6VVyQU5WlCTL_Q7N4gElXahaWou6aPpOIwgGCIOq9aeC3YFoc", - "value_start": 15, - "value_end": 153, + "value": "194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com", + "value_start": 6, + "value_end": 78, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.395844179446958, + "entropy": 4.531537327540734, "valid": true } + }, + { + "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", + "line_num": 18, + "path": "./tests/samples/google_multi", + "info": "", + "value": "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", + "value_start": 90, + "value_end": 125, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.436181130262396, + "valid": false + } } ] }, { - "rule": "Dynatrace API Token", + "rule": "Google OAuth Secret", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", - "line_num": 1, - "path": "./tests/samples/dynatrace_api.hs", + "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", + "line_num": 18, + "path": "./tests/samples/google_multi", "info": "", - "value": "dt0c01.ST2EY72KQINMH574WMNVI7YN.G3DFPBEJYMODIDAEX454M7YWBUVEFOWKPRVMWFASS64NFH52PX6BNDVFFM572RZM", - "value_start": 0, - "value_end": 96, + "value": "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", + "value_start": 90, + "value_end": 125, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.80819150678678, - "valid": true + "entropy": 4.436181130262396, + "valid": false } } ] }, { - "rule": "Facebook Access Token", + "rule": "Google OAuth Access Token", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line": "google_oauth_key = \"ya29.gi_reo_gi_crackle_ln22\"", "line_num": 1, - "path": "./tests/samples/facebook_key", + "path": "./tests/samples/google_oauth_key", "info": "", - "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", - "value_start": 28, - "value_end": 115, + "value": "ya29.gi_reo_gi_crackle_ln22", + "value_start": 20, + "value_end": 47, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.936120692057913, + "iterator": "BASE36_CHARS", + "entropy": 3.1797273164975133, "valid": true } } ] }, { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "Grafana Access Policy Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, + "line_data_list": [ + { + "line": "grafana_policy = 'glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19'", + "line_num": 1, + "path": "./tests/samples/grafana_access_policy_token", + "info": "", + "value": "glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19", + "value_start": 18, + "value_end": 130, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.097632476604023, + "valid": true + } + } + ] + }, + { + "rule": "Grafana Provisioned API Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "GI_REO_GI_FACEBOOK_TOKEN = \"EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD\"", + "line": "grafana = 'eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0='", "line_num": 1, - "path": "./tests/samples/facebook_key", + "path": "./tests/samples/grafana_provisioned_api_key", "info": "", - "value": "EAACEb00Kse0BAlGy7KeQ5YnaCEd09Eose0cBAlGy7KeQ5Yna9CoDsup39tiYdoQ4jH9Coup39tiYdWoQ4jHFZD", - "value_start": 28, - "value_end": 115, - "variable": "GI_REO_GI_FACEBOOK_TOKEN", - "variable_start": 0, - "variable_end": 24, + "value": "eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0=", + "value_start": 11, + "value_end": 107, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.936120692057913, - "valid": true + "entropy": 3.815313051140994, + "valid": false } } ] }, { - "rule": "Facebook App Token", + "rule": "Grafana Service Account Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", - "line_num": 2, - "path": "./tests/samples/facebook_key", + "line": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", + "line_num": 1, + "path": "./tests/samples/grafana_service_accounts", "info": "", - "value": "1527194624358273|qbBf2-fdB9zZpqLA0_2nNzZDw2M", + "value": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", "value_start": 0, - "value_end": 44, + "value_end": 46, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.208909927092422, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.52211252299684, "valid": true } } ] }, { - "rule": "Firebase Domain", - "severity": "info", - "confidence": "moderate", + "rule": "Groq API Key", + "severity": "high", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "test-app-domain-42.firebaseapp.com", + "line": "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", "line_num": 1, - "path": "./tests/samples/firebase_domain", + "path": "./tests/samples/groq_api_key", "info": "", - "value": "test-app-domain-42.firebaseapp.com", + "value": "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", "value_start": 0, - "value_end": 34, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.4347510262969525, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.096509298449433, "valid": true } } ] }, { - "rule": "Firebase Domain", - "severity": "info", - "confidence": "moderate", + "rule": "Groq API Key", + "severity": "high", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "test2.io.firebaseio.com", + "line": "url/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?part", "line_num": 2, - "path": "./tests/samples/firebase_domain", + "path": "./tests/samples/groq_api_key", "info": "", - "value": "test2.io.firebaseio.com", - "value_start": 0, - "value_end": 23, + "value": "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", + "value_start": 4, + "value_end": 60, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.1394163745499943, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.096509298449433, "valid": true } } ] }, { - "rule": "Github Classic Token", + "rule": "Hashicorp Terraform Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "ghp_00000000000000000000000000000004WZ4EQ # classic", + "line": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "line_num": 1, - "path": "./tests/samples/github_classic_token", + "path": "./tests/samples/hashicorp", "info": "", - "value": "ghp_00000000000000000000000000000004WZ4EQ", + "value": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "value_start": 0, - "value_end": 41, + "value_end": 90, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.4322437698226886, - "valid": false + "entropy": 5.348551883097512, + "valid": true } } ] }, { - "rule": "Github Fine-granted Token", + "rule": "Hashicorp Vault Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "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", + "line": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "line_num": 2, - "path": "./tests/samples/github_fine_granted_token", + "path": "./tests/samples/hashicorp", "info": "", - "value": "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", + "value": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", "value_start": 0, - "value_end": 93, + "value_end": 94, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.255374790203283, + "entropy": 5.34632109047266, "valid": true } } ] }, { - "rule": "Github Old Token", + "rule": "Heroku API Key", "severity": "high", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": null, "line_data_list": [ { - "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", "line_num": 1, - "path": "./tests/samples/github_key.groovy", + "path": "./tests/samples/heroku_api.toml", "info": "", - "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", - "value_start": 23, - "value_end": 63, + "value": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", + "value_start": 0, + "value_end": 37, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE36_CHARS", - "entropy": 4.246439344671015, + "entropy": 3.48037367471734, "valid": true } } ] }, { - "rule": "Token", - "severity": "medium", + "rule": "Hugging Face User Access Token", + "severity": "high", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": null, "line_data_list": [ { - "line": "GITHUB_ACCESS_TOKEN = \"lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy\"", + "line": "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", "line_num": 1, - "path": "./tests/samples/github_key.groovy", + "path": "./tests/samples/huggingface", "info": "", - "value": "lbyxnhqjfnzhlpnvcvaxjumgvdlnktgugdofmzyy", - "value_start": 23, - "value_end": 63, - "variable": "GITHUB_ACCESS_TOKEN", - "variable_start": 0, - "variable_end": 19, + "value": "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", + "value_start": 0, + "value_end": 37, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.246439344671015, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.561768477310237, "valid": true } } ] }, { - "rule": "Gitlab Incoming Email Token", - "severity": "info", - "confidence": "weak", + "rule": "Hugging Face User Access Token", + "severity": "high", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "var email_t = '7e4v6v5j2nepcc8f5zvatgl9g';", - "line_num": 1, - "path": "./tests/samples/gitlab_email_token", + "line": "url/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/part", + "line_num": 2, + "path": "./tests/samples/huggingface", "info": "", - "value": "7e4v6v5j2nepcc8f5zvatgl9g", - "value_start": 15, - "value_end": 40, + "value": "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", + "value_start": 4, + "value_end": 41, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.133660689688186, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.636224896287628, "valid": true } } ] }, { - "rule": "Gitlab Feed Token", - "severity": "info", - "confidence": "weak", + "rule": "Hugging Face User Access Token", + "severity": "high", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "feed_n = 'o9aEaH32LN618KhF7e_L'", - "line_num": 1, - "path": "./tests/samples/gitlab_feed_token", + "line": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", + "line_num": 6, + "path": "./tests/samples/huggingface", "info": "", - "value": "o9aEaH32LN618KhF7e_L", - "value_start": 10, - "value_end": 30, + "value": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", + "value_start": 0, + "value_end": 37, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.905831690142994, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.034378196565712, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "Instagram Access Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "glpat-8d5ri2n9g85LAnC9YW85 # Personal access token, Impersonation token, Project access token, Group access token", - "line_num": 2, - "path": "./tests/samples/gitlab_prefix_token", + "line": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", + "line_num": 1, + "path": "./tests/samples/instagram_access_token", "info": "", - "value": "glpat-8d5ri2n9g85LAnC9YW85", + "value": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", "value_start": 0, - "value_end": 26, + "value_end": 162, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0191930522498036, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.231644837540698, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.991, + "line_data_list": [ + { + "line": "+ \"password\": \"dkajco1\"", + "line_num": 10, + "path": "./tests/samples/iso_ir_111.patch", + "info": "", + "value": "dkajco1", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.8073549220576046, + "valid": false + } + } + ] + }, + { + "rule": "Jfrog Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret", - "line_num": 3, - "path": "./tests/samples/gitlab_prefix_token", + "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", + "line_num": 1, + "path": "./tests/samples/jfrog_p", "info": "", - "value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc", + "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", "value_start": 0, - "value_end": 70, + "value_end": 64, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.9590403170005777, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.288909765557392, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "Jfrog Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "gldt-9BeUoeWu2V9uUS3uLoMy # Deploy token", - "line_num": 4, - "path": "./tests/samples/gitlab_prefix_token", + "line": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", + "line_num": 2, + "path": "./tests/samples/jfrog_p", "info": "", - "value": "gldt-9BeUoeWu2V9uUS3uLoMy", + "value": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", "value_start": 0, - "value_end": 25, + "value_end": 73, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.947906442097196, - "valid": false + "entropy": 5.353940312186131, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", + "rule": "Jira 2FA", + "severity": "info", + "confidence": "weak", "ml_probability": null, "line_data_list": [ { - "line": "glrt-2CR8_eVxiio-1QmzPZwa # Runner authentication token", - "line_num": 5, - "path": "./tests/samples/gitlab_prefix_token", + "line": "WXFES7QNTET5DQYC", + "line_num": 1, + "path": "./tests/samples/jira_2fa", "info": "", - "value": "glrt-2CR8_eVxiio-1QmzPZwa", + "value": "WXFES7QNTET5DQYC", "value_start": 0, - "value_end": 25, + "value_end": 16, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.006593447001756, + "entropy": 3.625, "valid": false } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "Jira / Confluence PAT token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", - "line_num": 6, - "path": "./tests/samples/gitlab_prefix_token", + "line": "TP: https://www.example.com/api/verification/version2322/token/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "line_num": 1, + "path": "./tests/samples/jira_confluence_pat", "info": "", - "value": "glcbt-1375_cgpAsnEmP-79kcfRLyK_", - "value_start": 0, - "value_end": 31, + "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "value_start": 63, + "value_end": 107, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0736527424503515, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.606936732175321, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", + "rule": "Jira / Confluence PAT token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL # CI/CD Job token", - "line_num": 7, - "path": "./tests/samples/gitlab_prefix_token", + "line": "TP: \"image/png\": \"iVBORx09VIskhxhCe7sh03R1dnENPiB66xQSIZjEYN13vafX/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ/hZwUteHsmN+z+aoEAAAAvL+Q5FSQGyqIuYrdkYaQZuW1TvI=\\n\",", + "line_num": 2, + "path": "./tests/samples/jira_confluence_pat", "info": "", - "value": "glcbt-0_c1k_AsgyRp4mP-Kcn8fL", - "value_start": 0, - "value_end": 28, + "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "value_start": 67, + "value_end": 111, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.0208877148903928, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.606936732175321, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", + "rule": "JSON Web Token", + "severity": "medium", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "glptt-33276248c9748113e978392e5c074b7f974f8683 # Trigger token", - "line_num": 8, - "path": "./tests/samples/gitlab_prefix_token", + "line": "detected: eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", + "line_num": 1, + "path": "./tests/samples/json_web_token", "info": "", - "value": "glptt-33276248c9748113e978392e5c074b7f974f8683", - "value_start": 0, - "value_end": 46, + "value": "eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", + "value_start": 10, + "value_end": 75, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.8494857514609033, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.7909636301034935, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.997, "line_data_list": [ { - "line": "glft-Aafqn5A31G-2VipZMh28 # Feed token", - "line_num": 9, - "path": "./tests/samples/gitlab_prefix_token", + "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", + "line_num": 1, + "path": "./tests/samples/key.hs", "info": "", - "value": "glft-Aafqn5A31G-2VipZMh28", - "value_start": 0, - "value_end": 25, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", + "value_start": 11, + "value_end": 335, + "variable": "prKeyValid", + "variable_start": 0, + "variable_end": 10, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.032347694592746, - "valid": false + "entropy": 5.428808109703675, + "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glimt-1jpqzsnw2n71om0r9kgt06os3 # Incoming mail token", - "line_num": 10, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path_1=\"/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF\"", + "line_num": 2, + "path": "./tests/samples/key.hs", "info": "", - "value": "glimt-1jpqzsnw2n71om0r9kgt06os3", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_1", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.278254493922782, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.834183719779189, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg # GitLab agent for Kubernetes token", - "line_num": 11, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path_2=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF\"", + "line_num": 3, + "path": "./tests/samples/key.hs", "info": "", - "value": "glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg", - "value_start": 0, - "value_end": 58, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_2", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.022276693534148, + "entropy": 4.784183719779188, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies", - "line_num": 12, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path_3=\"VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=\"", + "line_num": 4, + "path": "./tests/samples/key.hs", "info": "", - "value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2", - "value_start": 0, - "value_end": 48, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path_3", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.0144608760283615, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.834183719779189, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Secret", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.999, "line_data_list": [ { - "line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens", - "line_num": 13, - "path": "./tests/samples/gitlab_prefix_token", + "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", + "line_num": 5, + "path": "./tests/samples/key.hs", "info": "", - "value": "glsoat-971om0ecn5A386r9k481", - "value_start": 0, - "value_end": 27, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE", + "value_start": 32, + "value_end": 72, + "variable": "secret_looks_like_linux_path__", + "variable_start": 0, + "variable_end": 30, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.106377316818028, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.8530559073332755, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token", - "line_num": 14, - "path": "./tests/samples/gitlab_prefix_token", + "line": "\"https://example.com/api/js?key=dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB&bug=true\"", + "line_num": 7, + "path": "./tests/samples/key.hs", "info": "", - "value": "glffct-AnRWYdo3Si_Xm2Q6n7zu", - "value_start": 0, - "value_end": 27, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB", + "value_start": 32, + "value_end": 87, + "variable": "key", + "variable_start": 28, + "variable_end": 31, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.021776853294165, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.962822440640042, "valid": true } } ] }, { - "rule": "Gitlab Prefix Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Key", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "GR1348941jG6xeSsmN8DFVKoyBYu2 # Runner registration token", - "line_num": 17, - "path": "./tests/samples/gitlab_prefix_token", + "line": "$key = 'gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", + "line_num": 1, + "path": "./tests/samples/key.php", "info": "", - "value": "GR1348941jG6xeSsmN8DFVKoyBYu2", - "value_start": 0, - "value_end": 29, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", + "value_start": 8, + "value_end": 64, + "variable": "$key", + "variable_start": 0, + "variable_end": 4, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.582118926162054, + "entropy": 4.9677201004745, "valid": true } } ] }, { - "rule": "Google API Key", + "rule": "MailChimp API Key", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "AIzaGiReoG-CrackleCrackle12315618_12315", + "line": "mailchimp = \"LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36\"", "line_num": 1, - "path": "./tests/samples/google_api_key.toml", + "path": "./tests/samples/mailchimp_key", "info": "", - "value": "AIzaGiReoG-CrackleCrackle12315618_12315", - "value_start": 0, - "value_end": 39, + "value": "LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36", + "value_start": 13, + "value_end": 50, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.165196181720608, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.615822531364292, "valid": true } } ] }, { - "rule": "Google Multi", + "rule": "MailGun API Key", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", - "line_num": 2, - "path": "./tests/samples/google_multi", - "info": "", - "value": "194206074328-qp89pdv6fi35vsi71258g1eh31q6h7c3.apps.googleusercontent.com", - "value_start": 0, - "value_end": 72, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.531537327540734, - "valid": true - } - }, - { - "line": "4L2QMyTm6Rr0o46ytGiReoG1", - "line_num": 4, - "path": "./tests/samples/google_multi", + "line": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", + "line_num": 1, + "path": "./tests/samples/mailgun_key.hs", "info": "", - "value": "4L2QMyTm6Rr0o46ytGiReoG1", + "value": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", "value_start": 0, - "value_end": 24, + "value_end": 36, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.084962500721156, + "entropy": 4.484377779059832, "valid": false } } ] }, { - "rule": "Google Multi", + "rule": "AWS Client ID", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", - "info": "", - "value": "194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com", - "value_start": 6, - "value_end": 78, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.531537327540734, - "valid": true - } - }, - { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 45, + "path": "./tests/samples/multifile.patch", "info": "", - "value": "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", - "value_start": 90, - "value_end": 125, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.436181130262396, + "entropy": 3.6841837197791887, "valid": false } } ] }, { - "rule": "Google OAuth Secret", + "rule": "AWS Multi", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "\"id\":\"194206074328-qdv6fi3eh31q6h7c35vsi7p89p1258g1.apps.googleusercontent.com\",\"CEKPET\":\"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\",", - "line_num": 18, - "path": "./tests/samples/google_multi", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 45, + "path": "./tests/samples/multifile.patch", "info": "", - "value": "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", - "value_start": 90, - "value_end": 125, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.436181130262396, + "entropy": 3.6841837197791887, "valid": false } - } - ] - }, - { - "rule": "Google OAuth Access Token", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "google_oauth_key = \"ya29.gi_reo_gi_crackle_ln22\"", - "line_num": 1, - "path": "./tests/samples/google_oauth_key", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 46, + "path": "./tests/samples/multifile.patch", "info": "", - "value": "ya29.gi_reo_gi_crackle_ln22", - "value_start": 20, - "value_end": 47, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.1797273164975133, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Grafana Access Policy Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Token", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.998, "line_data_list": [ { - "line": "grafana_policy = 'glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19'", - "line_num": 1, - "path": "./tests/samples/grafana_access_policy_token", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 46, + "path": "./tests/samples/multifile.patch", "info": "", - "value": "glc_eyJvIjoiMjA0NjMwIiwibiI6InRlc3QtdG9rZW4iLCJrIjoidklnbjJ2WHc5MTVXOWtNOWxsNHcyZHEyIiwibSI6eyJyIjoicHJvZC0wIn19", - "value_start": 18, - "value_end": 130, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, + "variable": "token", + "variable_start": 3, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.097632476604023, + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Grafana Provisioned API Key", + "rule": "AWS Client ID", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "grafana = 'eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0='", - "line_num": 1, - "path": "./tests/samples/grafana_provisioned_api_key", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 8, + "path": "./tests/samples/multiline.patch", "info": "", - "value": "eyJrIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMCIsIm4iOiJ4eHh4IiwiaWQiOjIwNDM2MH0=", + "value": "AKIAQWADE5R42RDZ4JEM", "value_start": 11, - "value_end": 107, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.815313051140994, + "entropy": 3.6841837197791887, "valid": false } } ] }, { - "rule": "Grafana Service Account Token", + "rule": "AWS Multi", "severity": "high", - "confidence": "strong", + "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", - "line_num": 1, - "path": "./tests/samples/grafana_service_accounts", + "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line_num": 8, + "path": "./tests/samples/multiline.patch", "info": "", - "value": "glsa_ThisI5NtTheTok3nYou8reLo0k1ngF0r_0a2a3df7", - "value_start": 0, - "value_end": 46, + "value": "AKIAQWADE5R42RDZ4JEM", + "value_start": 11, + "value_end": 31, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.52211252299684, - "valid": true + "entropy": 3.6841837197791887, + "valid": false } - } - ] - }, - { - "rule": "Groq API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "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", - "line_num": 1, - "path": "./tests/samples/groq_api_key", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 9, + "path": "./tests/samples/multiline.patch", "info": "", - "value": "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", - "value_start": 0, - "value_end": 56, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.096509298449433, + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Groq API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Token", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.998, "line_data_list": [ { - "line": "url/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?part", - "line_num": 2, - "path": "./tests/samples/groq_api_key", + "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line_num": 9, + "path": "./tests/samples/multiline.patch", "info": "", - "value": "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", - "value_start": 4, - "value_end": 60, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", + "value_start": 12, + "value_end": 52, + "variable": "token", + "variable_start": 3, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.096509298449433, + "entropy": 4.784183719779189, "valid": true } } ] }, { - "rule": "Hashicorp Terraform Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Nonce", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", + "line": "nonce = 'bsfcvir57nt40rydvtbhs8lzbgljmet5'", "line_num": 1, - "path": "./tests/samples/hashicorp", + "path": "./tests/samples/nonce.py", "info": "", - "value": "Z28P3STmkBQi1Y.atlasv1.YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", - "value_start": 0, - "value_end": 90, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "bsfcvir57nt40rydvtbhs8lzbgljmet5", + "value_start": 9, + "value_end": 41, + "variable": "nonce", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.348551883097512, + "iterator": "BASE36_CHARS", + "entropy": 4.390319531114783, "valid": true } } ] }, { - "rule": "Hashicorp Vault Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", - "line_num": 2, - "path": "./tests/samples/hashicorp", + "line": "password: F1lT3ReDw17hQoT3s", + "line_num": 3, + "path": "./tests/samples/nonce.py", "info": "", - "value": "hvs.atlasv1-Z28P3STmkBQi1Y-YE7RBqu6VVyQIOq9a1eC3YFU5Elt7ToIr6OwzKAWlCTQ7N4gElXaWou6aPpOIwGCoc0", - "value_start": 0, - "value_end": 94, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "F1lT3ReDw17hQoT3s", + "value_start": 10, + "value_end": 27, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.34632109047266, - "valid": true + "entropy": 3.734521664779752, + "valid": false } } ] }, { - "rule": "Heroku API Key", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 0.999, "line_data_list": [ { - "line": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", - "line_num": 1, - "path": "./tests/samples/heroku_api.toml", + "line": "key_wrap = 'KJHhJKhKU7yguyuyfrtsdESffhjgkhYT\\", + "line_num": 7, + "path": "./tests/samples/nonce.py", "info": "", - "value": "HerOkUa04b8c1d-A147-b252-3b6a8f9c2b16", - "value_start": 0, - "value_end": 37, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYT", + "value_start": 12, + "value_end": 44, + "variable": "key_wrap", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48037367471734, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.116729296672174, + "valid": false } } ] }, { - "rule": "Hugging Face User Access Token", - "severity": "high", + "rule": "Key", + "severity": "medium", "confidence": "moderate", - "ml_probability": null, + "ml_probability": 1.0, "line_data_list": [ { - "line": "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", - "line_num": 1, - "path": "./tests/samples/huggingface", + "line": "key_multi = '''KJHfdjs8767gr54534wsFHGf5hJKhK", + "line_num": 11, + "path": "./tests/samples/nonce.py", "info": "", - "value": "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", - "value_start": 0, - "value_end": 37, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "KJHfdjs8767gr54534wsFHGf5hJKhK", + "value_start": 15, + "value_end": 45, + "variable": "key_multi", + "variable_start": 0, + "variable_end": 9, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.561768477310237, - "valid": true + "entropy": 4.123231428797621, + "valid": false } } ] }, { - "rule": "Hugging Face User Access Token", + "rule": "NuGet API key", "severity": "high", "confidence": "moderate", "ml_probability": null, "line_data_list": [ { - "line": "url/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/part", - "line_num": 2, - "path": "./tests/samples/huggingface", + "line": "k = 'oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam'", + "line_num": 1, + "path": "./tests/samples/nuget_api_key", "info": "", - "value": "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", - "value_start": 4, - "value_end": 41, + "value": "oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam", + "value_start": 5, + "value_end": 51, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.636224896287628, + "entropy": 4.561286684176785, "valid": true } } ] }, { - "rule": "Hugging Face User Access Token", + "rule": "OpenAI Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", - "line_num": 6, - "path": "./tests/samples/huggingface", + "line": "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", + "line_num": 2, + "path": "./tests/samples/open_ai_token", "info": "", - "value": "hf_UdYjVqYvybBLEhIrwwEUYjOgkeyexample", + "value": "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", "value_start": 0, - "value_end": 37, + "value_end": 51, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.034378196565712, + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.1150270509100295, "valid": true } } ] }, { - "rule": "Instagram Access Token", + "rule": "OpenAI Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", - "line_num": 1, - "path": "./tests/samples/instagram_access_token", + "line": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", + "line_num": 3, + "path": "./tests/samples/open_ai_token", "info": "", - "value": "IGQVJWS3pUNmZA2MUJDVlRwLW9ac1lrU05nZAmpzWHQtWHFJSEFRMF9tWVpRdEd70HQ5Wk8wSnY0R0VEQnVQdUU0MnpxNWxocUYyNmZAXSTUtVVNrMmh1ZAHZAQQno2ZA0VHR0lLWkk1N1R5RDFvM0dmVEpIYQZGZX", + "value": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", "value_start": 0, - "value_end": 162, + "value_end": 56, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.231644837540698, + "entropy": 5.086469255159773, "valid": true } } @@ -7680,881 +7014,884 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 1.0, "line_data_list": [ { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/iso_ir_111.patch", + "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", + "line_num": 1, + "path": "./tests/samples/passwd.groovy", "info": "", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, + "value": "cAc48k1Zd7", + "value_start": 20, + "value_end": 30, + "variable": "gi_reo_gi_passwd", + "variable_start": 0, + "variable_end": 16, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, + "entropy": 3.121928094887362, "valid": false } } ] }, { - "rule": "Jfrog Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", + "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", "line_num": 1, - "path": "./tests/samples/jfrog_p", + "path": "./tests/samples/passwd.groovy", "info": "", - "value": "cmVmdGtuOjAxOjAxMjM0NTY3ODk6QWJjZGVmR2hpamtsbW5vUHFyc3R1dnd4eXow", - "value_start": 0, - "value_end": 64, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "cAc48k1Zd7", + "value_start": 58, + "value_end": 68, + "variable": "password_confirmation", + "variable_start": 33, + "variable_end": 54, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.288909765557392, - "valid": true + "entropy": 3.121928094887362, + "valid": false } } ] }, { - "rule": "Jfrog Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.632, "line_data_list": [ { - "line": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", - "line_num": 2, - "path": "./tests/samples/jfrog_p", + "line": "password = \"cackle!\"", + "line_num": 1, + "path": "./tests/samples/password.gradle", "info": "", - "value": "AKCp2UNCd8uK7hQoxZnFE4PGtRHnAcBHr43HgLcj7nJmWb4JhVUqBwa2iwXszftnogpo2EVFa", - "value_start": 0, - "value_end": 73, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "cackle!", + "value_start": 12, + "value_end": 19, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.353940312186131, - "valid": true + "entropy": 2.120589933192232, + "valid": false } } ] }, { - "rule": "Jira 2FA", - "severity": "info", - "confidence": "weak", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.991, "line_data_list": [ { - "line": "WXFES7QNTET5DQYC", - "line_num": 1, - "path": "./tests/samples/jira_2fa", + "line": "+ \"password\": \"dkajco1\"", + "line_num": 9, + "path": "./tests/samples/password.patch", "info": "", - "value": "WXFES7QNTET5DQYC", - "value_start": 0, - "value_end": 16, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "dkajco1", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.625, + "entropy": 2.8073549220576046, "valid": false } } ] }, { - "rule": "Jira / Confluence PAT token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "TP: https://www.example.com/api/verification/version2322/token/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", + "line": "password = \"MYPSWRD!@#$%^&*\"", "line_num": 1, - "path": "./tests/samples/jira_confluence_pat", + "path": "./tests/samples/password.tfvars", "info": "", - "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", - "value_start": 63, - "value_end": 107, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "MYPSWRD!@#$%^&*", + "value_start": 12, + "value_end": 27, + "variable": "password", + "variable_start": 0, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.606936732175321, - "valid": true + "entropy": 1.8232156112839757, + "valid": false } } ] }, { - "rule": "Jira / Confluence PAT token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.995, "line_data_list": [ { - "line": "TP: \"image/png\": \"iVBORx09VIskhxhCe7sh03R1dnENPiB66xQSIZjEYN13vafX/OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ/hZwUteHsmN+z+aoEAAAAvL+Q5FSQGyqIuYrdkYaQZuW1TvI=\\n\",", + "line": "my_pw: nCzx8A8#!", "line_num": 2, - "path": "./tests/samples/jira_confluence_pat", + "path": "./tests/samples/password_TRUE", "info": "", - "value": "OTI2NjA3NjU1NTI2Oh2DOnASdOHoIhEGyqIuYrdkYaQZ", - "value_start": 67, - "value_end": 111, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "nCzx8A8#!", + "value_start": 7, + "value_end": 16, + "variable": "my_pw", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.606936732175321, - "valid": true + "entropy": 2.2432750011217983, + "valid": false } } ] }, { - "rule": "JSON Web Token", + "rule": "Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "moderate", + "ml_probability": 0.827, "line_data_list": [ { - "line": "detected: eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", - "line_num": 1, - "path": "./tests/samples/json_web_token", + "line": "val password: String = \"exord13Paw64\", // scala", + "line_num": 3, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "eyJhbGciOiJSUzI1NiJ9Cg.eyJleHAiOjY1NTM2fQo.Ce7sh0ENPiBlE_dose0cBA", - "value_start": 10, - "value_end": 75, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "exord13Paw64", + "value_start": 24, + "value_end": 36, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.7909636301034935, + "iterator": "BASE36_CHARS", + "entropy": 3.2862156256610597, "valid": true } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.875, "line_data_list": [ { - "line": "prKeyValid=LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", - "line_num": 1, - "path": "./tests/samples/key.hs", + "line": "if passworsd != \"x6s7djtEa\": # __ne__ separator", + "line_num": 6, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "LS0tLS1CRUdJTiBQUklWQVRFIENDcUdTTTQ5QXdFSEJHMHdhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJBTkNBQVNnRlRLandKQUFVOTVnKysvdnpLV0hrekFWbU5NSQp0QjV2VGpaT09Jd25FYjcwTXNXWkZJeVVGRDFQOUd3c3R6NCtha0hYN3ZJOEJINmhIbUJtZmVRbAotLS0tLUVORCBQUklWJNR0J5cUdTTTQ5QW5aUHhmQXl4cUUKWlYwNdFR0QVRFIEtFWS0tLS0tCgtFWS0tLS0tCk1JR0hBZ0VBTU==", - "value_start": 11, - "value_end": 335, - "variable": "prKeyValid", - "variable_start": 0, - "variable_end": 10, + "value": "x6s7djtEa", + "value_start": 17, + "value_end": 26, + "variable": "passworsd", + "variable_start": 3, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.428808109703675, - "valid": true + "entropy": 3.169925001442312, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path_1=\"/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF\"", - "line_num": 2, - "path": "./tests/samples/key.hs", + "line": "password=2bkJgtJDiLcq1t", + "line_num": 7, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "/VnpmUGWxhQW9KQAwrL2ZYdDJPNG1PQjYxMXNPaF", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_1", + "value": "2bkJgtJDiLcq1t", + "value_start": 9, + "value_end": 23, + "variable": "password", "variable_start": 0, - "variable_end": 30, + "variable_end": 8, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.834183719779189, - "valid": true + "entropy": 3.521640636343319, + "valid": false } } ] }, { - "rule": "Secret", - "severity": "medium", + "rule": "CMD Password", + "severity": "high", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path_2=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF\"", - "line_num": 3, - "path": "./tests/samples/key.hs", + "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", + "line_num": 8, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjYxMXNPF", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_2", - "variable_start": 0, - "variable_end": 30, + "value": "nCzx8A8#!", + "value_start": 46, + "value_end": 55, + "variable": "passin", + "variable_start": 33, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779188, - "valid": true + "entropy": 2.2432750011217983, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path_3=\"VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=\"", - "line_num": 4, - "path": "./tests/samples/key.hs", + "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", + "line_num": 8, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "VnpmUGWxhQW/9KQAwrL2ZYdDJPNG1PQjYxMXNPF=", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path_3", - "variable_start": 0, - "variable_end": 30, + "value": "nCzx8A8#!", + "value_start": 46, + "value_end": 55, + "variable": "pass", + "variable_start": 41, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.834183719779189, - "valid": true + "entropy": 2.2432750011217983, + "valid": false } } ] }, { - "rule": "Secret", + "rule": "Password", "severity": "medium", "confidence": "moderate", "ml_probability": 1.0, "line_data_list": [ { - "line": "secret_looks_like_linux_path__=\"VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE\"", - "line_num": 5, - "path": "./tests/samples/key.hs", + "line": "MYSQL_DATABASE_USER=CRED;MYSQL_DATABASE_PASSWORD=2IWJD88FH4Y;", + "line_num": 12, + "path": "./tests/samples/password_TRUE", "info": "", - "value": "VnpmUGWxhQW/9KQAwrL2ZYd/DJPNG1PQjEXAMbLE", - "value_start": 32, - "value_end": 72, - "variable": "secret_looks_like_linux_path__", - "variable_start": 0, - "variable_end": 30, + "value": "2IWJD88FH4Y", + "value_start": 49, + "value_end": 60, + "variable": "MYSQL_DATABASE_PASSWORD", + "variable_start": 25, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.8530559073332755, - "valid": true + "entropy": 3.2776134368191165, + "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.991, "line_data_list": [ { - "line": "\"https://example.com/api/js?key=dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB&bug=true\"", - "line_num": 7, - "path": "./tests/samples/key.hs", + "line": "+ \"password\": \"dkajco1\"", + "line_num": 10, + "path": "./tests/samples/password_utf16.patch", "info": "", - "value": "dhd0lCQVFRZ0ViVnpmUGWxhQW9KQWwrLzZYdDJPNG1PQjYxMXNPaFJB", - "value_start": 32, - "value_end": 87, - "variable": "key", - "variable_start": 28, - "variable_end": 31, + "value": "dkajco1", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.962822440640042, - "valid": true + "entropy": 2.8073549220576046, + "valid": false } } ] }, { - "rule": "Key", + "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 1.0, + "ml_probability": 0.882, "line_data_list": [ { - "line": "$key = 'gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", - "line_num": 1, - "path": "./tests/samples/key.php", + "line": "+ \"password\": \"dkajc\u00f61\"", + "line_num": 9, + "path": "./tests/samples/password_western.patch", "info": "", - "value": "gmUGWxhQW9KQWdhd0lCQVFRZ0ViVnpwrLzZYdDJPNG1PQjYxMXNPaFJ1", - "value_start": 8, - "value_end": 64, - "variable": "$key", - "variable_start": 0, - "variable_end": 4, + "value": "dkajc\u00f61", + "value_start": 16, + "value_end": 23, + "variable": "password", + "variable_start": 4, + "variable_end": 12, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.9677201004745, - "valid": true + "entropy": 2.4063042189065182, + "valid": false } } ] }, { - "rule": "MailChimp API Key", + "rule": "PayPal Braintree Access Token", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "mailchimp = \"LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36\"", + "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", "line_num": 1, - "path": "./tests/samples/mailchimp_key", + "path": "./tests/samples/paypal_key", "info": "", - "value": "LRINSm5Vdi9BMCzCWSJ8M3TMysUHwDzB-us36", - "value_start": 13, - "value_end": 50, + "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", + "value_start": 0, + "value_end": 73, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.615822531364292, + "iterator": "BASE36_CHARS", + "entropy": 4.125814952938168, "valid": true } } ] }, { - "rule": "MailGun API Key", + "rule": "PEM Private Key", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", - "line_num": 1, - "path": "./tests/samples/mailgun_key.hs", + "line": "str value = \"-----BEGIN RSA PRIVATE KEY-----\\n\" +", + "line_num": 2, + "path": "./tests/samples/pem_key", "info": "", - "value": "key-01tFV84CdKU95USNy977sDU0FoTkqXyQ", - "value_start": 0, - "value_end": 36, + "value": "-----BEGIN RSA PRIVATE KEY-----", + "value_start": 13, + "value_end": 44, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.484377779059832, + "entropy": 2.529698260800009, "valid": false } - } - ] - }, - { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 45, - "path": "./tests/samples/multifile.patch", + "line": "\"MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+ \\n\"", + "line_num": 3, + "path": "./tests/samples/pem_key", "info": "", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "value": "MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+", + "value_start": 1, + "value_end": 103, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.429600283437102, + "valid": true } - } - ] - }, - { - "rule": "AWS Multi", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 45, - "path": "./tests/samples/multifile.patch", + "line": "\t+ \"WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o\\r \\n\"", + "line_num": 4, + "path": "./tests/samples/pem_key", "info": "", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "value": "WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o", + "value_start": 4, + "value_end": 104, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.307627100346911, + "valid": true } }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 46, - "path": "./tests/samples/multifile.patch", + "line": "\" CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr \"", + "line_num": 5, + "path": "./tests/samples/pem_key", "info": "", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, + "value": "CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr", + "value_start": 3, + "value_end": 102, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.391947595190542, "valid": true } - } - ] - }, - { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, - "line_data_list": [ + }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 46, - "path": "./tests/samples/multifile.patch", + "line": "\t\t\"9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC \\\\", + "line_num": 6, + "path": "./tests/samples/pem_key", "info": "", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, - "variable": "token", - "variable_start": 3, - "variable_end": 8, + "value": "9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC", + "value_start": 3, + "value_end": 86, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 5.410712925114302, "valid": true } - } - ] - }, - { - "rule": "AWS Client ID", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", - "line_num": 8, - "path": "./tests/samples/multiline.patch", + "line": "\"\"\" mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV \"\"\" +", + "line_num": 7, + "path": "./tests/samples/pem_key", "info": "", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "value": "mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV", + "value_start": 4, + "value_end": 90, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.417032341684991, + "valid": true } - } - ] - }, - { - "rule": "AWS Multi", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, - "line_data_list": [ + }, { - "line": "+ clid = \"AKIAQWADE5R42RDZ4JEM\"", + "line": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B\\r\\n", "line_num": 8, - "path": "./tests/samples/multiline.patch", + "path": "./tests/samples/pem_key", "info": "", - "value": "AKIAQWADE5R42RDZ4JEM", - "value_start": 11, - "value_end": 31, + "value": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B", + "value_start": 0, + "value_end": 106, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.6841837197791887, - "valid": false + "entropy": 5.497697548960291, + "valid": true } }, { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", + "line": "\"amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB\\\\", "line_num": 9, - "path": "./tests/samples/multiline.patch", + "path": "./tests/samples/pem_key", "info": "", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, + "value": "amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB", + "value_start": 1, + "value_end": 110, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 5.30959588168204, + "valid": true + } + }, + { + "line": "Uaxk9J5Th8BXPyC1mclPMS7J\\\\\\\\ngMuobiFdIpryq51pvHkCQQDInvDaKI24Ho+cj6SCKnEO4kbjh/yx1XGwNmY0ld1i\\\\r5micHFiMI7/IcVZ4\\n", + "line_num": 10, + "path": "./tests/samples/pem_key", + "info": "", + "value": "Uaxk9J5Th8BXPyC1mclPMS7J", + "value_start": 0, + "value_end": 24, + "variable": null, + "variable_start": -2, + "variable_end": -2, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 4.418295834054489, + "valid": false + } + }, + { + "line": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----\"\"\";", + "line_num": 11, + "path": "./tests/samples/pem_key", + "info": "", + "value": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----", + "value_start": 0, + "value_end": 59, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, - "valid": true + "entropy": 3.872106351098176, + "valid": false } } ] }, { - "rule": "Token", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.998, + "rule": "PEM Private Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "+ token = \"V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ\"", - "line_num": 9, - "path": "./tests/samples/multiline.patch", + "line": "char pk[] = \"\\\\n-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----\\n\";", + "line_num": 14, + "path": "./tests/samples/pem_key", "info": "", - "value": "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ", - "value_start": 12, - "value_end": 52, - "variable": "token", - "variable_start": 3, - "variable_end": 8, + "value": "-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----", + "value_start": 16, + "value_end": 262, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.784183719779189, + "entropy": 4.884128060579623, "valid": true } } ] }, { - "rule": "Nonce", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "PEM Private Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "nonce = 'bsfcvir57nt40rydvtbhs8lzbgljmet5'", - "line_num": 1, - "path": "./tests/samples/nonce.py", + "line": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", + "line_num": 27, + "path": "./tests/samples/pem_key", "info": "", - "value": "bsfcvir57nt40rydvtbhs8lzbgljmet5", - "value_start": 9, - "value_end": 41, - "variable": "nonce", - "variable_start": 0, - "variable_end": 5, + "value": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", + "value_start": 0, + "value_end": 47, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.390319531114783, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.0185646866544076, + "valid": false } - } - ] - }, - { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, - "line_data_list": [ + }, { - "line": "password: F1lT3ReDw17hQoT3s", - "line_num": 3, - "path": "./tests/samples/nonce.py", + "line": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", + "line_num": 28, + "path": "./tests/samples/pem_key", "info": "", - "value": "F1lT3ReDw17hQoT3s", - "value_start": 10, - "value_end": 27, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", + "value_start": 0, + "value_end": 120, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.734521664779752, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.2083460372948154, + "valid": true } - } - ] - }, - { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, - "line_data_list": [ + }, { - "line": "key_wrap = 'KJHhJKhKU7yguyuyfrtsdESffhjgkhYT\\", - "line_num": 7, - "path": "./tests/samples/nonce.py", + "line": "-----END LOW ENTROPY PRIVATE KEY-----", + "line_num": 29, + "path": "./tests/samples/pem_key", "info": "", - "value": "KJHhJKhKU7yguyuyfrtsdESffhjgkhYT", - "value_start": 12, - "value_end": 44, - "variable": "key_wrap", - "variable_start": 0, - "variable_end": 8, + "value": "-----END LOW ENTROPY PRIVATE KEY-----", + "value_start": 0, + "value_end": 37, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.116729296672174, + "entropy": 2.6977683083639423, "valid": false } } ] }, { - "rule": "Key", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "rule": "Picatic API Key", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "key_multi = '''KJHfdjs8767gr54534wsFHGf5hJKhK", - "line_num": 11, - "path": "./tests/samples/nonce.py", + "line": "sk_live_gireogicracklegireogicrackle1231", + "line_num": 1, + "path": "./tests/samples/picatic_key", "info": "", - "value": "KJHfdjs8767gr54534wsFHGf5hJKhK", - "value_start": 15, - "value_end": 45, - "variable": "key_multi", - "variable_start": 0, - "variable_end": 9, + "value": "sk_live_gireogicracklegireogicrackle1231", + "value_start": 0, + "value_end": 40, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.123231428797621, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.48760529131298, + "valid": true } } ] }, { - "rule": "NuGet API key", + "rule": "Stripe Credentials", "severity": "high", - "confidence": "moderate", + "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "k = 'oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam'", + "line": "sk_live_gireogicracklegireogicrackle1231", "line_num": 1, - "path": "./tests/samples/nuget_api_key", + "path": "./tests/samples/picatic_key", "info": "", - "value": "oy2mlf2v7jl2firuegfqwzc4zxyebz3ethzd14g4hw4iam", - "value_start": 5, - "value_end": 51, + "value": "sk_live_gireogicracklegireogicrackle1231", + "value_start": 0, + "value_end": 40, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.561286684176785, + "iterator": "BASE36_CHARS", + "entropy": 3.48760529131298, "valid": true } } ] }, { - "rule": "OpenAI Token", + "rule": "PyPi API Token", "severity": "high", "confidence": "strong", "ml_probability": null, "line_data_list": [ { - "line": "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", - "line_num": 2, - "path": "./tests/samples/open_ai_token", + "line": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", + "line_num": 1, + "path": "./tests/samples/pypi_token", "info": "", - "value": "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", + "value": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", "value_start": 0, - "value_end": 51, + "value_end": 179, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.1150270509100295, + "entropy": 5.493434473754406, "valid": true } } ] }, { - "rule": "OpenAI Token", - "severity": "high", - "confidence": "strong", + "rule": "Salesforce Credentials", + "severity": "medium", + "confidence": "weak", "ml_probability": null, "line_data_list": [ { - "line": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", - "line_num": 3, - "path": "./tests/samples/open_ai_token", + "line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", + "line_num": 2, + "path": "./tests/samples/salesfoce", "info": "", - "value": "sk-proj-qa25MV9c7Qu0EjDIEWdcT3BlbkFJ83uCF0K4yw7RzpY39bio", - "value_start": 0, - "value_end": 56, + "value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", + "value_start": 8, + "value_end": 120, "variable": null, "variable_start": -2, "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.086469255159773, + "entropy": 5.076545709916438, "valid": true } } ] }, { - "rule": "Password", + "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { - "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", + "line": "salt1 = b\"\\x23!\\xae2389x&543@\"", "line_num": 1, - "path": "./tests/samples/passwd.groovy", + "path": "./tests/samples/salt.py", "info": "", - "value": "cAc48k1Zd7", - "value_start": 20, - "value_end": 30, - "variable": "gi_reo_gi_passwd", + "value": "\\x23!\\xae2389x&543@", + "value_start": 10, + "value_end": 29, + "variable": "salt1", + "variable_start": 0, + "variable_end": 5, + "entropy_validation": { + "iterator": "BASE64STDPAD_CHARS", + "entropy": 2.5242742202043824, + "valid": false + } + } + ] + }, + { + "rule": "Salt", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 0.904, + "line_data_list": [ + { + "line": "salt2 = r\"\"\"\\0x12\\0x3s\"\"\"", + "line_num": 2, + "path": "./tests/samples/salt.py", + "info": "", + "value": "\\0x12\\0x3s", + "value_start": 12, + "value_end": 22, + "variable": "salt2", "variable_start": 0, - "variable_end": 16, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.121928094887362, + "entropy": 2.25754247590989, "valid": false } } ] }, { - "rule": "Password", + "rule": "Salt", "severity": "medium", "confidence": "moderate", "ml_probability": 0.998, "line_data_list": [ { - "line": "gi_reo_gi_passwd = \"cAc48k1Zd7\"; password_confirmation = \"cAc48k1Zd7\";", - "line_num": 1, - "path": "./tests/samples/passwd.groovy", + "line": "salt3 = u\"\\u0020827634876\"", + "line_num": 3, + "path": "./tests/samples/salt.py", "info": "", - "value": "cAc48k1Zd7", - "value_start": 58, - "value_end": 68, - "variable": "password_confirmation", - "variable_start": 33, - "variable_end": 54, + "value": "\\u0020827634876", + "value_start": 10, + "value_end": 25, + "variable": "salt3", + "variable_start": 0, + "variable_end": 5, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.121928094887362, + "entropy": 2.7961053890903864, "valid": false } } ] }, { - "rule": "Password", + "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.983, + "ml_probability": 0.995, "line_data_list": [ { - "line": "password = \"cackle!\"", - "line_num": 1, - "path": "./tests/samples/password.gradle", + "line": "salt4 = {\"salt5\": \"my124%#$@s\\x04clt\\0\"}", + "line_num": 4, + "path": "./tests/samples/salt.py", "info": "", - "value": "cackle!", - "value_start": 12, - "value_end": 19, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "my124%#$@s\\x04clt\\0", + "value_start": 19, + "value_end": 38, + "variable": "salt5", + "variable_start": 10, + "variable_end": 15, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.120589933192232, + "entropy": 2.6959504039350857, "valid": false } } ] }, { - "rule": "Password", + "rule": "Salt", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.998, "line_data_list": [ { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 9, - "path": "./tests/samples/password.patch", + "line": "json_escaped = \"{\\\\\\\"salt8\\\\\\\":\\\\\\\"4b9a6d8b638eb0c6\\\\\\\"}\"", + "line_num": 5, + "path": "./tests/samples/salt.py", "info": "", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, + "value": "4b9a6d8b638eb0c6", + "value_start": 35, + "value_end": 51, + "variable": "salt8", + "variable_start": 21, + "variable_end": 26, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.2806390622295662, + "valid": true } } ] }, { - "rule": "Password", + "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 0.977, "line_data_list": [ { - "line": "password = \"MYPSWRD!@#$%^&*\"", - "line_num": 1, - "path": "./tests/samples/password.tfvars", + "line": "TokenRequest", + "line_num": 9, + "path": "./tests/samples/sample.html", "info": "", - "value": "MYPSWRD!@#$%^&*", - "value_start": 12, - "value_end": 27, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "g1re0g1T0keN3zWx", + "value_start": 40, + "value_end": 56, + "variable": "token", + "variable_start": 28, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 1.8232156112839757, + "entropy": 3.5, "valid": false } } @@ -8564,22 +7901,22 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.989, + "ml_probability": 1.0, "line_data_list": [ { - "line": "my_pw: nCzx8A8#!", - "line_num": 2, - "path": "./tests/samples/password_TRUE", + "line": " placeholder=\"Your password: "g1re0g1Pa5$w0Rd"\"", + "line_num": 16, + "path": "./tests/samples/sample.html", "info": "", - "value": "nCzx8A8#!", - "value_start": 7, - "value_end": 16, - "variable": "my_pw", - "variable_start": 0, - "variable_end": 5, + "value": "g1re0g1Pa5$w0Rd", + "value_start": 38, + "value_end": 53, + "variable": "Your password", + "variable_start": 17, + "variable_end": 30, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, + "entropy": 3.2464312225679506, "valid": false } } @@ -8589,910 +7926,873 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.993, + "ml_probability": 0.998, "line_data_list": [ { - "line": "val password: String = \"exord13Paw64\", // scala", - "line_num": 3, - "path": "./tests/samples/password_TRUE", + "line": " ", + "line_num": 21, + "path": "./tests/samples/sample.html", "info": "", - "value": "exord13Paw64", - "value_start": 24, - "value_end": 36, + "value": "g1re0g2Pa5$w0Rd", + "value_start": 39, + "value_end": 54, "variable": "password", - "variable_start": 4, - "variable_end": 12, + "variable_start": 30, + "variable_end": 38, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.2862156256610597, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.379764555901284, + "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", + "rule": "SendGrid API Key", + "severity": "high", "confidence": "moderate", - "ml_probability": 0.687, + "ml_probability": null, "line_data_list": [ { - "line": "if passworsd == \"q4c1a2oPd\": # __eq__ separator", - "line_num": 5, - "path": "./tests/samples/password_TRUE", + "line": "SG.gireogigireogigi.gireogigireogigi", + "line_num": 1, + "path": "./tests/samples/sendgrid_api_key", "info": "", - "value": "q4c1a2oPd", - "value_start": 17, - "value_end": 26, - "variable": "passworsd", - "variable_start": 3, - "variable_end": 12, + "value": "SG.gireogigireogigi.gireogigireogigi", + "value_start": 0, + "value_end": 36, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.169925001442312, + "entropy": 2.3705246708692047, "valid": false } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.992, + "rule": "Shopify Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "if passworsd != \"x6s7djtEa\": # __ne__ separator", - "line_num": 6, - "path": "./tests/samples/password_TRUE", + "line": " \"shopyfy_k\": \"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\",", + "line_num": 1, + "path": "./tests/samples/shopify_token", "info": "", - "value": "x6s7djtEa", - "value_start": 17, - "value_end": 26, - "variable": "passworsd", - "variable_start": 3, - "variable_end": 12, + "value": "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", + "value_start": 18, + "value_end": 56, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.169925001442312, - "valid": false + "iterator": "BASE36_CHARS", + "entropy": 3.6658566472141003, + "valid": true } } ] }, { - "rule": "Password", - "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "rule": "Slack Token", + "severity": "high", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "password=2bkJgtJDiLcq1t", - "line_num": 7, - "path": "./tests/samples/password_TRUE", + "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "line_num": 1, + "path": "./tests/samples/slack_token.hs", "info": "", - "value": "2bkJgtJDiLcq1t", - "value_start": 9, - "value_end": 23, - "variable": "password", - "variable_start": 0, - "variable_end": 8, + "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", + "value_start": 0, + "value_end": 31, + "variable": null, + "variable_start": -2, + "variable_end": -2, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.521640636343319, + "entropy": 4.029574370937287, "valid": false } } ] }, { - "rule": "CMD Password", - "severity": "high", - "confidence": "moderate", - "ml_probability": 0.976, + "rule": "Slack Webhook", + "severity": "medium", + "confidence": "strong", + "ml_probability": null, "line_data_list": [ { - "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", - "line_num": 8, - "path": "./tests/samples/password_TRUE", + "line": " \"hook\": \"https://hooks.slack.com/services/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\",", + "line_num": 1, + "path": "./tests/samples/slack_webhook.template", "info": "", - "value": "nCzx8A8#!", - "value_start": 46, - "value_end": 55, - "variable": "passin", - "variable_start": 33, - "variable_end": 39, + "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", + "value_start": 45, + "value_end": 93, + "variable": "hooks.slack.com/services", + "variable_start": 21, + "variable_end": 45, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, - "valid": false + "entropy": 4.761842188131013, + "valid": true } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", + "confidence": "weak", "ml_probability": 0.976, "line_data_list": [ { - "line": "RUN openssl x509 -req -days 365 -passin \"pass:nCzx8A8#!\" -sha256 -in server.csr -CA ca.pem -CAkey ca-key", - "line_num": 8, - "path": "./tests/samples/password_TRUE", + "line": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'SqLpa5sW0rD';", + "line_num": 1, + "path": "./tests/samples/sql_password", "info": "", - "value": "nCzx8A8#!", - "value_start": 46, - "value_end": 55, - "variable": "pass", - "variable_start": 41, - "variable_end": 45, + "value": "SqLpa5sW0rD", + "value_start": 72, + "value_end": 83, + "variable": "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY", + "variable_start": 0, + "variable_end": 70, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.2432750011217983, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "confidence": "weak", + "ml_probability": 0.995, "line_data_list": [ { - "line": "MYSQL_DATABASE_USER=CRED;MYSQL_DATABASE_PASSWORD=2IWJD88FH4Y;", - "line_num": 12, - "path": "./tests/samples/password_TRUE", + "line": "'create user name identified by 'SqLpa5sW0rD' --", + "line_num": 2, + "path": "./tests/samples/sql_password", "info": "", - "value": "2IWJD88FH4Y", - "value_start": 49, - "value_end": 60, - "variable": "MYSQL_DATABASE_PASSWORD", - "variable_start": 25, - "variable_end": 48, + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "create user name identified by", + "variable_start": 1, + "variable_end": 31, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.2776134368191165, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.993, + "confidence": "weak", + "ml_probability": 0.986, "line_data_list": [ { - "line": "+ \"password\": \"dkajco1\"", - "line_num": 10, - "path": "./tests/samples/password_utf16.patch", + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 3, + "path": "./tests/samples/sql_password", "info": "", - "value": "dkajco1", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.8073549220576046, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.959, + "confidence": "weak", + "ml_probability": 0.99, "line_data_list": [ { - "line": "+ \"password\": \"dkajc\u00f61\"", - "line_num": 9, - "path": "./tests/samples/password_western.patch", + "line": "\uff1a`CREATE USER 'haproxy'@'%' IDENTIFIED BY 'SqLpa5sW0rD';`", + "line_num": 4, + "path": "./tests/samples/sql_password", "info": "", - "value": "dkajc\u00f61", - "value_start": 16, - "value_end": 23, - "variable": "password", - "variable_start": 4, - "variable_end": 12, + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE USER 'haproxy'@'%' IDENTIFIED BY", + "variable_start": 2, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.4063042189065182, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "PayPal Braintree Access Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.986, "line_data_list": [ { - "line": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "line_num": 1, - "path": "./tests/samples/paypal_key", + "line": "exec(\"CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD\");", + "line_num": 5, + "path": "./tests/samples/sql_password", "info": "", - "value": "access_token$production$gireogi121451781$abcaeaabadef01134517891121451781", - "value_start": 0, - "value_end": 73, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 59, + "value_end": 70, + "variable": "CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY", + "variable_start": 6, + "variable_end": 58, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 4.125814952938168, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "str value = \"-----BEGIN RSA PRIVATE KEY-----\\n\" +", - "line_num": 2, - "path": "./tests/samples/pem_key", - "info": "", - "value": "-----BEGIN RSA PRIVATE KEY-----", - "value_start": 13, - "value_end": 44, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.529698260800009, - "valid": false - } - }, - { - "line": "\"MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+ \\n\"", - "line_num": 3, - "path": "./tests/samples/pem_key", - "info": "", - "value": "MIICXQIBAAKBgQDwcEN7vZygGg6DvPpsw17hRD6S5N8+huaqs1JGXQfPhbvLTUsHdzGLVNQ/Z0wQVGdPiaJDflqhcT1IH8BLD4SHn+", - "value_start": 1, - "value_end": 103, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.429600283437102, - "valid": true - } - }, - { - "line": "\t+ \"WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o\\r \\n\"", - "line_num": 4, - "path": "./tests/samples/pem_key", - "info": "", - "value": "WuRIzX77P7oVKM2CoTA6VzT6s/bvr7HxFLl4NhohfyDsV0YCDc4I6EHGWMCUHZb0IWxzEGRWD3jbG8KAZUsQIDAQABAoGAOD7a2o", - "value_start": 4, - "value_end": 104, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.307627100346911, - "valid": true - } - }, - { - "line": "\" CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr \"", - "line_num": 5, - "path": "./tests/samples/pem_key", - "info": "", - "value": "CRujY+PP0hS/4sHOBdDvnxa2wdW8NVNNagdCBhvP5Y1edBNMnkWOyuM4e7HzUgO0+8ndWis1OSJTz9EFTyHJm6GOn+/JR62NWNr", - "value_start": 3, - "value_end": 102, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.391947595190542, - "valid": true - } - }, - { - "line": "\t\t\"9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC \\\\", + "line": "expected_statement = \"\"\"CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", "line_num": 6, - "path": "./tests/samples/pem_key", + "path": "./tests/samples/sql_password", "info": "", - "value": "9lfCb8cWq0eoOk3UUO9P+1nZNHjE/iDhuTi3x/5naW4SzdkZfxHo/NMI6i5w1ZnQ60CQQD9d0G9gBy6lPhC", - "value_start": 3, - "value_end": 86, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 65, + "value_end": 76, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 24, + "variable_end": 63, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.410712925114302, - "valid": true + "entropy": 3.459431618637298, + "valid": false } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ { - "line": "\"\"\" mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV \"\"\" +", - "line_num": 7, - "path": "./tests/samples/pem_key", + "line": "CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB;", + "line_num": 8, + "path": "./tests/samples/sql_password", "info": "", - "value": "mbHzYovVjSnyfzUtyWPNSrXNiUCR5vu2f6eCgSVzFZ0oHAv8nLaYnXrhyT25lwzNK5OhR/oPAkEA8tep3NmfxV", - "value_start": 4, - "value_end": 90, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 41, + "value_end": 52, + "variable": "CREATE USER foo WITH ENCRYPTED PASSWORD", + "variable_start": 0, + "variable_end": 39, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.417032341684991, - "valid": true + "entropy": 3.459431618637298, + "valid": false } - }, + } + ] + }, + { + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, + "line_data_list": [ { - "line": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B\\r\\n", - "line_num": 8, - "path": "./tests/samples/pem_key", + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 9, + "path": "./tests/samples/sql_password", "info": "", - "value": "QSBfKGfotblIG709xxfd6vHfDS0eZuTFUxkZDcayZDhMDjTMZxP8rokSbMaOSqUseUeYhx5TqFPwJAAhC0smyWz1ZjZ3eFIayN4yGRU+6B", - "value_start": 0, - "value_end": 106, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "PASSWORD", + "variable_start": 26, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.497697548960291, - "valid": true + "entropy": 3.459431618637298, + "valid": false } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ { - "line": "\"amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB\\\\", + "line": "ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", "line_num": 9, - "path": "./tests/samples/pem_key", + "path": "./tests/samples/sql_password", "info": "", - "value": "amwXqhaPwKr7obS2HFiR7thKi9ODQk5oMpi8TCYMWEahgB+g9RMD0u6ZNQJBAMla\\\\\\\\nUJmySGuRnbAYu7PJURH90AOG0QOQ1Jp6yBMKgYIB", - "value_start": 1, - "value_end": 110, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 38, + "value_end": 49, + "variable": "ALTER LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 36, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.30959588168204, - "valid": true + "entropy": 3.459431618637298, + "valid": false } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.979, + "line_data_list": [ { - "line": "Uaxk9J5Th8BXPyC1mclPMS7J\\\\\\\\ngMuobiFdIpryq51pvHkCQQDInvDaKI24Ho+cj6SCKnEO4kbjh/yx1XGwNmY0ld1i\\\\r5micHFiMI7/IcVZ4\\n", + "line": "ALTER ROLE postgres PASSWORD 'SqLpa5sW0rD'; SELECT pg_reload_conf()\"", "line_num": 10, - "path": "./tests/samples/pem_key", + "path": "./tests/samples/sql_password", "info": "", - "value": "Uaxk9J5Th8BXPyC1mclPMS7J", - "value_start": 0, - "value_end": 24, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 30, + "value_end": 41, + "variable": "ALTER ROLE postgres PASSWORD", + "variable_start": 0, + "variable_end": 28, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.418295834054489, + "entropy": 3.459431618637298, "valid": false } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.998, + "line_data_list": [ { - "line": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----\"\"\";", + "line": "ALTER USER username WITH PASSWORD 'SqLpa5sW0rD';", "line_num": 11, - "path": "./tests/samples/pem_key", + "path": "./tests/samples/sql_password", "info": "", - "value": "2cl1OwdGjRdmO1LT6P1cl8UYIj/S\\n-----END RSA PRIVATE KEY-----", - "value_start": 0, - "value_end": 59, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "ALTER USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.872106351098176, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "Password", + "severity": "medium", + "confidence": "moderate", + "ml_probability": 1.0, "line_data_list": [ { - "line": "char pk[] = \"\\\\n-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----\\n\";", - "line_num": 14, - "path": "./tests/samples/pem_key", + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", "info": "", - "value": "-----BEGIN EC PRIVATE KEY-----\\nMHcCAQEEID4VC4s0b2n3yvypHb2GO9prFUctYt\\r\\r\\n\\nHmGCMvpxkpexbHoAoGCCqGSM49\\\\\\\\\\nAwEHoUQDQgAE2GwUUuO9/dKl51bOryWzHF8wTSezSqdRIucGhDRsmDITLcNEZw3V\\\\\\\\rIaQP59Ufkz8NIkLeIAa1HZGZxCVMQ907FA==\\\\n-----END EC PRIVATE KEY-----", - "value_start": 16, - "value_end": 262, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "PASSWORD", + "variable_start": 27, + "variable_end": 35, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.884128060579623, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "PEM Private Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", - "line_num": 27, - "path": "./tests/samples/pem_key", + "line": "CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD';", + "line_num": 12, + "path": "./tests/samples/sql_password", "info": "", - "value": "-----BEGIN OPENSSH LOW ENTROPY PRIVATE KEY-----", - "value_start": 0, - "value_end": 47, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 39, + "value_end": 50, + "variable": "CREATE LOGIN username WITH PASSWORD =", + "variable_start": 0, + "variable_end": 37, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.0185646866544076, + "entropy": 3.459431618637298, "valid": false } - }, - { - "line": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", - "line_num": 28, - "path": "./tests/samples/pem_key", - "info": "", - "value": "12345678901231278634987284736283548102438723941563428762374129402103402394932746672734543664375t7323341253845186253784==", - "value_start": 0, - "value_end": 120, - "variable": null, - "variable_start": -2, - "variable_end": -2, - "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.2083460372948154, - "valid": true - } - }, + } + ] + }, + { + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, + "line_data_list": [ { - "line": "-----END LOW ENTROPY PRIVATE KEY-----", - "line_num": 29, - "path": "./tests/samples/pem_key", + "line": "CREATE USER chuck WITH PASSWORD 'SqLpa5sW0rD' SUPERUSER;", + "line_num": 13, + "path": "./tests/samples/sql_password", "info": "", - "value": "-----END LOW ENTROPY PRIVATE KEY-----", - "value_start": 0, - "value_end": 37, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 33, + "value_end": 44, + "variable": "CREATE USER chuck WITH PASSWORD", + "variable_start": 0, + "variable_end": 31, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.6977683083639423, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Picatic API Key", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "sk_live_gireogicracklegireogicrackle1231", - "line_num": 1, - "path": "./tests/samples/picatic_key", + "line": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'SqLpa5sW0rD' NOSUPERUSER;", + "line_num": 14, + "path": "./tests/samples/sql_password", "info": "", - "value": "sk_live_gireogicracklegireogicrackle1231", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 47, + "value_end": 58, + "variable": "CREATE USER IF NOT EXISTS sandy WITH PASSWORD", + "variable_start": 0, + "variable_end": 45, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48760529131298, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Stripe Credentials", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "sk_live_gireogicracklegireogicrackle1231", - "line_num": 1, - "path": "./tests/samples/picatic_key", + "line": "CREATE USER myuser WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 15, + "path": "./tests/samples/sql_password", "info": "", - "value": "sk_live_gireogicracklegireogicrackle1231", - "value_start": 0, - "value_end": 40, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "CREATE USER myuser WITH PASSWORD", + "variable_start": 0, + "variable_end": 32, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.48760529131298, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "PyPi API Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", - "line_num": 1, - "path": "./tests/samples/pypi_token", + "line": "CREATE USER username WITH PASSWORD 'SqLpa5sW0rD';", + "line_num": 16, + "path": "./tests/samples/sql_password", "info": "", - "value": "pypi-AgEIcHlvdS5bcmcCJGDmMTllXWJjLTRhODAtNDBhYi01Y2Y4LThjNjcxZTg3MsRjOAACKlszLCJlPDYzYmUxOC0wNjQ3LTQ4AzQtODFhYy1jZGRlNTk2MGYxNDYiXQAABiDDbVAEnaUMn4zZHlFr5NWy7JEYfvoay--cVmKO5lr3Xp", - "value_start": 0, - "value_end": 179, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 36, + "value_end": 47, + "variable": "CREATE USER username WITH PASSWORD", + "variable_start": 0, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.493434473754406, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Salesforce Credentials", + "rule": "SQL Password", "severity": "medium", "confidence": "weak", - "ml_probability": null, + "ml_probability": 0.971, "line_data_list": [ { - "line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", - "line_num": 2, - "path": "./tests/samples/salesfoce", + "line": "ALTER USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 17, + "path": "./tests/samples/sql_password", "info": "", - "value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1", - "value_start": 8, - "value_end": 120, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 49, + "value_end": 60, + "variable": "ALTER USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 47, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 5.076545709916438, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Salt", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.999, + "confidence": "weak", + "ml_probability": 0.84, "line_data_list": [ { - "line": "salt1 = b\"\\x23!\\xae2389x&543@\"", - "line_num": 1, - "path": "./tests/samples/salt.py", + "line": "ALTER USER 'super_user'@'10.10.10.%' identified by 'SqLpa5sW0rD';", + "line_num": 18, + "path": "./tests/samples/sql_password", "info": "", - "value": "\\x23!\\xae2389x&543@", - "value_start": 10, - "value_end": 29, - "variable": "salt1", + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "ALTER USER 'super_user'@'10.10.10.%' identified by", "variable_start": 0, - "variable_end": 5, + "variable_end": 50, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.5242742202043824, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Salt", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.727, + "confidence": "weak", + "ml_probability": 0.981, "line_data_list": [ { - "line": "salt2 = r\"\"\"\\0x12\\0x3s\"\"\"", - "line_num": 2, - "path": "./tests/samples/salt.py", + "line": "ALTER USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 19, + "path": "./tests/samples/sql_password", "info": "", - "value": "\\0x12\\0x3s", - "value_start": 12, - "value_end": 22, - "variable": "salt2", + "value": "SqLpa5sW0rD", + "value_start": 34, + "value_end": 45, + "variable": "ALTER USER username IDENTIFIED BY", "variable_start": 0, - "variable_end": 5, + "variable_end": 33, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.25754247590989, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Salt", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.97, + "confidence": "weak", + "ml_probability": 0.998, "line_data_list": [ { - "line": "salt3 = u\"\\u0020827634876\"", - "line_num": 3, - "path": "./tests/samples/salt.py", + "line": "CREATE USER username IDENTIFIED BY SqLpa5sW0rD;", + "line_num": 20, + "path": "./tests/samples/sql_password", "info": "", - "value": "\\u0020827634876", - "value_start": 10, - "value_end": 25, - "variable": "salt3", + "value": "SqLpa5sW0rD", + "value_start": 35, + "value_end": 46, + "variable": "CREATE USER username IDENTIFIED BY", "variable_start": 0, - "variable_end": 5, + "variable_end": 34, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.7961053890903864, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Salt", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.897, + "confidence": "weak", + "ml_probability": 0.997, "line_data_list": [ { - "line": "salt4 = {\"salt5\": \"my124%#$@s\\x04clt\\0\"}", - "line_num": 4, - "path": "./tests/samples/salt.py", + "line": "CREATE USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';", + "line_num": 21, + "path": "./tests/samples/sql_password", "info": "", - "value": "my124%#$@s\\x04clt\\0", - "value_start": 19, - "value_end": 38, - "variable": "salt5", - "variable_start": 10, - "variable_end": 15, + "value": "SqLpa5sW0rD", + "value_start": 50, + "value_end": 61, + "variable": "CREATE USER 'username'@'localhost' IDENTIFIED BY", + "variable_start": 0, + "variable_end": 48, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.6959504039350857, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Salt", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.997, + "confidence": "weak", + "ml_probability": 0.994, "line_data_list": [ { - "line": "json_escaped = \"{\\\\\\\"salt8\\\\\\\":\\\\\\\"4b9a6d8b638eb0c6\\\\\\\"}\"", - "line_num": 5, - "path": "./tests/samples/salt.py", + "line": "mysql -u root -pdbadmin -e \"CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';\"\u2013 ", + "line_num": 22, + "path": "./tests/samples/sql_password", "info": "", - "value": "4b9a6d8b638eb0c6", - "value_start": 35, - "value_end": 51, - "variable": "salt8", - "variable_start": 21, - "variable_end": 26, + "value": "SqLpa5sW0rD", + "value_start": 79, + "value_end": 90, + "variable": "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY", + "variable_start": 28, + "variable_end": 77, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.2806390622295662, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Token", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 0.996, + "confidence": "weak", + "ml_probability": 1.0, "line_data_list": [ { - "line": "TokenRequest", - "line_num": 9, - "path": "./tests/samples/sample.html", + "line": "-c \"CREATE ROLE scram_test login password 'SqLpa5sW0rD'\"", + "line_num": 23, + "path": "./tests/samples/sql_password", "info": "", - "value": "g1re0g1T0keN3zWx", - "value_start": 40, - "value_end": 56, - "variable": "token", - "variable_start": 28, - "variable_end": 33, + "value": "SqLpa5sW0rD", + "value_start": 43, + "value_end": 54, + "variable": "CREATE ROLE scram_test login password", + "variable_start": 4, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.5, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", - "ml_probability": 1.0, + "confidence": "weak", + "ml_probability": 0.999, "line_data_list": [ { - "line": " placeholder=\"Your password: "g1re0g1Pa5$w0Rd"\"", - "line_num": 16, - "path": "./tests/samples/sample.html", + "line": "CREATE ROLE app_admin WITH LOGIN PASSWORD SqLpa5sW0rD;", + "line_num": 24, + "path": "./tests/samples/sql_password", "info": "", - "value": "g1re0g1Pa5$w0Rd", - "value_start": 38, + "value": "SqLpa5sW0rD", + "value_start": 42, "value_end": 53, - "variable": "Your password", - "variable_start": 17, - "variable_end": 30, + "variable": "CREATE ROLE app_admin WITH LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 41, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.2464312225679506, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Password", + "rule": "SQL Password", "severity": "medium", - "confidence": "moderate", + "confidence": "weak", "ml_probability": 0.999, "line_data_list": [ { - "line": " ", - "line_num": 21, - "path": "./tests/samples/sample.html", + "line": "CREATE ROLE flask_admin_geo LOGIN PASSWORD 'SqLpa5sW0rD';", + "line_num": 25, + "path": "./tests/samples/sql_password", "info": "", - "value": "g1re0g2Pa5$w0Rd", - "value_start": 39, - "value_end": 54, - "variable": "password", - "variable_start": 30, - "variable_end": 38, + "value": "SqLpa5sW0rD", + "value_start": 44, + "value_end": 55, + "variable": "CREATE ROLE flask_admin_geo LOGIN PASSWORD", + "variable_start": 0, + "variable_end": 42, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 3.379764555901284, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "SendGrid API Key", - "severity": "high", - "confidence": "moderate", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.904, "line_data_list": [ { - "line": "SG.gireogigireogigi.gireogigireogigi", - "line_num": 1, - "path": "./tests/samples/sendgrid_api_key", + "line": "create role forum_example_graph_demo login password 'SqLpa5sW0rD';", + "line_num": 26, + "path": "./tests/samples/sql_password", "info": "", - "value": "SG.gireogigireogigi.gireogigireogigi", - "value_start": 0, - "value_end": 36, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 53, + "value_end": 64, + "variable": "create role forum_example_graph_demo login password", + "variable_start": 0, + "variable_end": 51, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 2.3705246708692047, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Shopify Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.956, "line_data_list": [ { - "line": " \"shopyfy_k\": \"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\",", - "line_num": 1, - "path": "./tests/samples/shopify_token", + "line": "create role forum_example_graph login password 'SqLpa5sW0rD';", + "line_num": 27, + "path": "./tests/samples/sql_password", "info": "", - "value": "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", - "value_start": 18, - "value_end": 56, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 48, + "value_end": 59, + "variable": "create role forum_example_graph login password", + "variable_start": 0, + "variable_end": 46, "entropy_validation": { - "iterator": "BASE36_CHARS", - "entropy": 3.6658566472141003, - "valid": true + "iterator": "BASE64STDPAD_CHARS", + "entropy": 3.459431618637298, + "valid": false } } ] }, { - "rule": "Slack Token", - "severity": "high", - "confidence": "strong", - "ml_probability": null, + "rule": "SQL Password", + "severity": "medium", + "confidence": "weak", + "ml_probability": 0.814, "line_data_list": [ { - "line": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "line_num": 1, - "path": "./tests/samples/slack_token.hs", + "line": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD('SqLpa5sW0rD');", + "line_num": 28, + "path": "./tests/samples/sql_password", "info": "", - "value": "xoxa-FLYLIKEAGIREOGI-9d8cfc0f59", - "value_start": 0, - "value_end": 31, - "variable": null, - "variable_start": -2, - "variable_end": -2, + "value": "SqLpa5sW0rD", + "value_start": 52, + "value_end": 63, + "variable": "SET PASSWORD FOR 'username'@'localhost' = PASSWORD", + "variable_start": 0, + "variable_end": 50, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.029574370937287, + "entropy": 3.459431618637298, "valid": false } } ] }, { - "rule": "Slack Webhook", + "rule": "SQL Password", "severity": "medium", - "confidence": "strong", - "ml_probability": null, + "confidence": "weak", + "ml_probability": 0.852, "line_data_list": [ { - "line": " \"hook\": \"https://hooks.slack.com/services/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\",", - "line_num": 1, - "path": "./tests/samples/slack_webhook.template", + "line": "insert into mysql.user values(PASSWORD('SqLpa5sW0rD') );", + "line_num": 29, + "path": "./tests/samples/sql_password", "info": "", - "value": "/T1029384756/B102984756/sjsbfzowhhqbsgftrvajxzpg", - "value_start": 45, - "value_end": 93, - "variable": "hooks.slack.com/services", - "variable_start": 21, - "variable_end": 45, + "value": "SqLpa5sW0rD", + "value_start": 40, + "value_end": 51, + "variable": "insert into mysql.user values(PASSWORD", + "variable_start": 0, + "variable_end": 38, "entropy_validation": { "iterator": "BASE64STDPAD_CHARS", - "entropy": 4.761842188131013, - "valid": true + "entropy": 3.459431618637298, + "valid": false } } ] @@ -9876,7 +9176,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.997, "line_data_list": [ { "line": "gi_reo_gi_token = \"G1Re06G1BdgNseiJDN21Z094M\"", @@ -9901,7 +9201,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.992, + "ml_probability": 0.994, "line_data_list": [ { "line": "Token-> DemoToken: Nxs094M3ed2s1Re0F4M3ed2GZ8M= <- for User : demo", @@ -10001,7 +9301,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 1.0, "line_data_list": [ { "line": "url: mongodb://jrfdeg:dh3sjr8b@prod-best-sec.example.com:32768/architecture", @@ -10076,7 +9376,7 @@ "rule": "Key", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.994, + "ml_probability": 0.999, "line_data_list": [ { "line": "39084?Credential=546DFS64N90P3AW7DX&key=3487263-2384579834-234732875-345&hasToBefound=2", @@ -10126,7 +9426,7 @@ "rule": "URL Credentials", "severity": "high", "confidence": "moderate", - "ml_probability": 0.999, + "ml_probability": 0.998, "line_data_list": [ { "line": "email_as_login = \"smtps://example@gmail.com:FnD83JZs@smtp.gmail.com:465\";", @@ -10151,7 +9451,7 @@ "rule": "Token", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.998, + "ml_probability": 1.0, "line_data_list": [ { "line": "url3d = \"https://localhost.com/013948?26timestamp%3D1395782596%26token%3Dh1d3Me4ch534d801sl3jdk%26version%3D3.14%26si\";", @@ -10351,7 +9651,7 @@ "rule": "Password", "severity": "medium", "confidence": "moderate", - "ml_probability": 0.996, + "ml_probability": 1.0, "line_data_list": [ { "line": "password : cackle!", diff --git a/tests/ml_model/test_ml_validator.py b/tests/ml_model/test_ml_validator.py index 6178540f5..5ee43a507 100644 --- a/tests/ml_model/test_ml_validator.py +++ b/tests/ml_model/test_ml_validator.py @@ -48,22 +48,22 @@ def test_ml_validator_simple_n(self): candidate.line_data_list[0].value = "Ahga%$FiQ@Ei8" decision, probability = self.validate(candidate) - self.assertAlmostEqual(0.9997878074645996, probability, delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9999994039535522, probability, delta=NEGLIGIBLE_ML_THRESHOLD) candidate.line_data_list[0].path = "sample.yaml" candidate.line_data_list[0].file_type = ".yaml" decision, probability = self.validate(candidate) - self.assertAlmostEqual(0.9989185333251953, probability, delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9999819993972778, probability, delta=NEGLIGIBLE_ML_THRESHOLD) candidate.line_data_list[0].path = "test.zip" candidate.line_data_list[0].file_type = ".zip" decision, probability = self.validate(candidate) - self.assertAlmostEqual(0.9992884397506714, probability, delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.999995231628418, probability, delta=NEGLIGIBLE_ML_THRESHOLD) candidate.line_data_list[0].path = "other.txt" candidate.line_data_list[0].file_type = ".txt" decision, probability = self.validate(candidate) - self.assertAlmostEqual(0.9963308572769165, probability, delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9999191761016846, probability, delta=NEGLIGIBLE_ML_THRESHOLD) def test_ml_validator_auxiliary_p(self): candidate = Candidate.get_dummy_candidate(self.config, "mycred", "", "") @@ -82,25 +82,25 @@ def test_ml_validator_auxiliary_p(self): candidate_key = CandidateKey(candidate.line_data_list[0]) sample_as_batch = [(candidate_key, [candidate])] is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.989341139793396, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9976176023483276, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) # auxiliary rule which was not trained - keeps the same ML probability aux_candidate.rule_name = "PASSWD_PAIR" sample_as_batch = [(candidate_key, [candidate, aux_candidate])] is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.989341139793396, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9976176023483276, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) # auxiliary rule in train increases ML probability aux_candidate.rule_name = "Token" is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.9856619834899902, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9970744848251343, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) # which real line may be candidate.line_data_list[0].line = "secret=func(token=238475614782)" aux_candidate.line_data_list[0].line = "secret=func(token=238475614782)" aux_candidate.line_data_list[0].variable = "token" is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.9185001850128174, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9979498386383057, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) def test_ml_validator_auxiliary_n(self): candidate = Candidate.get_dummy_candidate(self.config, "secret", "", "") @@ -119,14 +119,14 @@ def test_ml_validator_auxiliary_n(self): candidate_key = CandidateKey(candidate.line_data_list[0]) sample_as_batch = [(candidate_key, [candidate])] is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.9983870387077332, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9900616407394409, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) # auxiliary rule in train does not increase ML probability yet - will be used after next train aux_candidate.rule_name = "UUID" sample_as_batch = [(candidate_key, [candidate, aux_candidate])] is_cred_batch, probability_batch = self.ml_validator.validate_groups(sample_as_batch, 2) - self.assertAlmostEqual(0.9983870387077332, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) + self.assertAlmostEqual(0.9900616407394409, probability_batch[0], delta=NEGLIGIBLE_ML_THRESHOLD) def test_extract_features_n(self): candidate1 = Candidate.get_dummy_candidate(self.config, "___.x3", ".x3", "") @@ -149,10 +149,10 @@ def test_extract_features_p(self): candidate1.rule_name = "???????" features1_1 = self.ml_validator.extract_features([candidate1]) - self.assertEqual(6, np.count_nonzero(features1_1)) + self.assertEqual(7, np.count_nonzero(features1_1)) candidate1.rule_name = "Password" features1_1 = self.ml_validator.extract_features([candidate1]) - self.assertEqual(7, np.count_nonzero(features1_1)) + self.assertEqual(8, np.count_nonzero(features1_1)) candidate1.line_data_list[0].value = "example/" features1_2 = self.ml_validator.extract_features([candidate1]) self.assertEqual(14, np.count_nonzero(features1_2)) @@ -217,55 +217,55 @@ def test_encode_p(self): 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ - 0.0, 0.0, 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 0.0, 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ], [ 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, - 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 + 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0 ]], self.ml_validator.encode("\xFE\xFF \n\t`\0", MIN_DATA_LEN).tolist()) diff --git a/tests/rules/common.py b/tests/rules/common.py index 52a927981..de9bbf48d 100644 --- a/tests/rules/common.py +++ b/tests/rules/common.py @@ -9,15 +9,16 @@ class BaseTestRule: def test_scan_p(self, file_path: pytest.fixture, lines: pytest.fixture, scanner_without_filters: pytest.fixture) -> None: - provider = StringContentProvider(lines) + provider = StringContentProvider(lines, file_path=file_path) scan_result = scanner_without_filters.scan(provider) assert len(scan_result) == 1 - @pytest.mark.parametrize("lines", [[""], ["String secret = new String()"], ["SZa6TWGF2XuWdl7c2s2xB1iSlnZJLbvH"]]) + @pytest.mark.parametrize("lines", + [[""], ["String secret = new String('p****');"], ["SZa6TWGF2XuWdl7c2s2xB1iSlnZJLbvH"]]) def test_scan_n(self, file_path: pytest.fixture, lines: List[str], scanner: pytest.fixture) -> None: - provider = StringContentProvider(lines) + provider = StringContentProvider(lines, file_path=file_path) scan_result = scanner.scan(provider) - assert len(scan_result) == 0 + assert len(scan_result) == 0, scan_result[0] class BaseTestNoQuotesRule: diff --git a/tests/samples/doc_credentials_n b/tests/samples/doc_credentials_n index 9885576b9..fa7794a78 100644 --- a/tests/samples/doc_credentials_n +++ b/tests/samples/doc_credentials_n @@ -1 +1,3 @@ the password is incorrect +Activation key : ZAQWS-XCDER-VBGTR-FRTGU-KLMNO +Activation key : ZAQWS-XCDER-*****-VBGTR-FRTGU diff --git a/tests/samples/doc_credentials_p b/tests/samples/doc_credentials_p index ca484b637..c1b929b5e 100644 --- a/tests/samples/doc_credentials_p +++ b/tests/samples/doc_credentials_p @@ -1 +1,2 @@ my password is 237dg546fs9 +Activation key : ZAQWS-XCDER-VBGTR-FRTGU-KLMNX diff --git a/tests/samples/sql_password b/tests/samples/sql_password new file mode 100644 index 000000000..85b8fb6aa --- /dev/null +++ b/tests/samples/sql_password @@ -0,0 +1,39 @@ +ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'SqLpa5sW0rD'; +'create user name identified by 'SqLpa5sW0rD' -- +exec("CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD"); +:`CREATE USER 'haproxy'@'%' IDENTIFIED BY 'SqLpa5sW0rD';` +exec("CREATE USER ExposedTest ACCOUNT UNLOCK IDENTIFIED BY SqLpa5sW0rD"); +expected_statement = """CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB; +CREATE USER $TEST_USER_NAME WITH SUPERUSER LOGIN NOINHERIT PASSWORD '$TEST_USER_PASS' CREATEROLE; -- todo filter +CREATE USER foo WITH ENCRYPTED PASSWORD 'SqLpa5sW0rD' CREATEDB; +ALTER LOGIN username WITH PASSWORD = 'SqLpa5sW0rD'; +ALTER ROLE postgres PASSWORD 'SqLpa5sW0rD'; SELECT pg_reload_conf()" +ALTER USER username WITH PASSWORD 'SqLpa5sW0rD'; +CREATE LOGIN username WITH PASSWORD = 'SqLpa5sW0rD'; +CREATE USER chuck WITH PASSWORD 'SqLpa5sW0rD' SUPERUSER; +CREATE USER IF NOT EXISTS sandy WITH PASSWORD 'SqLpa5sW0rD' NOSUPERUSER; +CREATE USER myuser WITH PASSWORD 'SqLpa5sW0rD'; +CREATE USER username WITH PASSWORD 'SqLpa5sW0rD'; +ALTER USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD'; +ALTER USER 'super_user'@'10.10.10.%' identified by 'SqLpa5sW0rD'; +ALTER USER username IDENTIFIED BY SqLpa5sW0rD; +CREATE USER username IDENTIFIED BY SqLpa5sW0rD; +CREATE USER 'username'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD'; +mysql -u root -pdbadmin -e "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'SqLpa5sW0rD';"– +-c "CREATE ROLE scram_test login password 'SqLpa5sW0rD'" +CREATE ROLE app_admin WITH LOGIN PASSWORD SqLpa5sW0rD; +CREATE ROLE flask_admin_geo LOGIN PASSWORD 'SqLpa5sW0rD'; +create role forum_example_graph_demo login password 'SqLpa5sW0rD'; +create role forum_example_graph login password 'SqLpa5sW0rD'; +SET PASSWORD FOR 'username'@'localhost' = PASSWORD('SqLpa5sW0rD'); +insert into mysql.user values(PASSWORD('SqLpa5sW0rD') ); +UPDATE mysql.user SET authentication_string = PASSWORD ('SqLpa5sW0rD') WHERE User = 'username'; +"ALTER USER 'test'@'1.1.1.1' IDENTIFIED WITH 'mysql_native_password' AS '*SqLpa5sW0rD' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK;", +sh -c 'echo CREATE USER typeorm_mg IDENTIFIED BY SqLpa5sW0rD\; >>tmp.sql;' + +ALTER USER 'super_user'@'10.10.%' PASSWORD EXPIRE INTERVAL 90 DAY; +ALTER USER 'super_user'@'10.1.%' PASSWORD HISTORY 1; +ALTER USER 'username'@'%' PASSWORD EXPIRE INTERVAL 90 DAY; +ALTER USER 'u2'@'localhost' FAILED_LOGIN_ATTEMPTS 45PASSWORD_LOCK_TIME UNBOUNDED; +alter user "bob"@"localhost" identified with sha256_password by ''; +select concat("--alter user'", user, "'@'%' identified with sha256_password by 'pass';") from mysql.user diff --git a/tests/test_app.py b/tests/test_app.py index 5a2060cba..47f122dbb 100644 --- a/tests/test_app.py +++ b/tests/test_app.py @@ -162,7 +162,7 @@ def test_it_works_with_multiline_in_patch_p(self) -> None: rule: Token | severity: medium | confidence: moderate - | ml_probability: 0.9982267618179321 + | ml_probability: 0.9996484518051147 | line_data_list: [line: ' token = "V84C7sDU001tFFodKU95USNy97TkqXymnvsFmYhQ"' | line_num: 5 diff --git a/tests/test_main.py b/tests/test_main.py index 29d144750..e011702b0 100644 --- a/tests/test_main.py +++ b/tests/test_main.py @@ -452,7 +452,7 @@ def test_pdf_p(self) -> None: cred_sweeper = CredSweeper(depth=7) cred_sweeper.run(content_provider=content_provider) found_credentials = cred_sweeper.credential_manager.get_credentials() - self.assertSetEqual({"AWS Client ID", "Password", "Github Classic Token"}, + self.assertSetEqual({"AWS Client ID", "Password", "Github Classic Token", "Key"}, set(i.rule_name for i in found_credentials)) self.assertSetEqual({"Xdj@jcN834b", "AKIAGIREOGIAWSKEY123", "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"}, set(i.line_data_list[0].value for i in found_credentials))