-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy pathpatterns.yml
142 lines (140 loc) · 4.87 KB
/
patterns.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Commonly Used Secrets / Passwords
patterns:
- name: Common Passwords Shortlist
type: common_passwords_shortlist
regex:
version: 0.1
pattern: |
(?i)[!?%$@.*+_#-]*(1234?)?(p[@a][s5]{2}w[o0]rd|[a3@]dm[i1!]n|t[e3]mp(ora(ry|l))|[a4@]m[e3]r[i1!l]c[a4@]|[i1!]nd[i1!][a4@]|mumb[a4@][i1!]|123456(7|78|789|7890|78910)|((?-i)((abcd?e?f?|123|456|xyz|321|654|1?[qg]az|2?wsx|3?edc|4?rfv|5?tgb|6?yhn|za[qg]1?|xsw2?|cde3?|vfr4?|bgt5?|nhy6?|[qg]wer?|asdf?|zxcv?|1[qg]2w|3e4r|dog|ca[tr]|red|lol|azer?|qqq|www|zzz|xxx|yyy)[!?%$@.*+_#'-]?)+)|([qg][uw]|az)erty(uiop)?|m[o0]nk[e3][yi]|l[e3]tm[e3][i1!]n|dr[a4@]g[o0]n|0{6}|1{6}|2{6}|3{6}|4{6}|5{6}|6{6}|7{6}|8{6}|9{6}|b[a4@][s5$]k?[e3]t?b[a4@][l1!]{1,2}|[s5][o0]cc[e3@]r|[i1!]?l[o0]v[e3](y[o0]u|u|m[e3])?|tru[s5$]tn[o0](1|!|one)|[s5$]un[s5$]h[i1!]n[e3]|m[a4@][s5$]t[e3]r|w[e3][l1!]c[o0]m[e3]|[s5$]h[a4@]d[o0]w|[a4@][s5$]hl[e3]y|f[o0]{1,2}tb[a4@]l{1,2}|j[e3][s5$]u[s5$]|m[i1!]ch[a4@][e@]l|n[i1!]nj[a4@]|mu[s5$]t[a@]ng|chrys[l1!][e3@]r|t[o0]y[o0]t[a4@]|w[i1!]nt[e3]r|spr[i1!]ng|summ[e3]r|f[a4@]ll|[a4@]utumn)[!?%$@.*+_#-]*\d*[!?%$]*
start: |
(\b|\A)[a-zA-z][a-zA-Z0-9_-]+[A-Za-z][\t ]*(={1,3}|:)[\t ]*(b?["'])?
end: |
\z|[\r\n'"]
additional_not_match:
# very common FP
- ^red'?$
# some really common FPs in code
- ^(master|shadow|password|\$PASSWORD|MASTER|www\.)$
# web colours
- ^\#[0-9]+$
# long strings, unlikely to be a weak password
- ^.{20,}
test:
data: some_variable="p@55w0rd123"
start_offset: 15
end_offset: 26
comments:
- ⚠️ prone to high numbers of false positives, use with caution ⚠️
- very small common password shortlist from SecLists
- allows for numbers and common punctuation at the end
- case insensitive
- adds some l33tsp3@k variations
expected:
- name: top-passwords-shortlist.txt
start_offset: 9
end_offset: 17
- name: top-passwords-shortlist.txt
start_offset: 27
end_offset: 32
- name: top-passwords-shortlist.txt
start_offset: 42
end_offset: 51
- name: top-passwords-shortlist.txt
start_offset: 61
end_offset: 68
- name: top-passwords-shortlist.txt
start_offset: 78
end_offset: 83
- name: top-passwords-shortlist.txt
start_offset: 93
end_offset: 99
- name: top-passwords-shortlist.txt
start_offset: 109
end_offset: 116
- name: top-passwords-shortlist.txt
start_offset: 126
end_offset: 132
- name: top-passwords-shortlist.txt
start_offset: 142
end_offset: 145
- name: top-passwords-shortlist.txt
start_offset: 155
end_offset: 159
- name: top-passwords-shortlist.txt
start_offset: 169
end_offset: 175
- name: top-passwords-shortlist.txt
start_offset: 185
end_offset: 191
- name: top-passwords-shortlist.txt
start_offset: 201
end_offset: 208
- name: top-passwords-shortlist.txt
start_offset: 218
end_offset: 224
- name: top-passwords-shortlist.txt
start_offset: 234
end_offset: 241
- name: top-passwords-shortlist.txt
start_offset: 251
end_offset: 261
- name: top-passwords-shortlist.txt
start_offset: 271
end_offset: 277
- name: top-passwords-shortlist.txt
start_offset: 287
end_offset: 295
- name: top-passwords-shortlist.txt
start_offset: 305
end_offset: 313
- name: top-passwords-shortlist.txt
start_offset: 323
end_offset: 331
- name: top-passwords-shortlist.txt
start_offset: 341
end_offset: 347
- name: top-passwords-shortlist.txt
start_offset: 357
end_offset: 364
- name: top-passwords-shortlist.txt
start_offset: 374
end_offset: 380
- name: top-passwords-shortlist.txt
start_offset: 390
end_offset: 396
- name: top-passwords-shortlist.txt
start_offset: 406
end_offset: 413
- name: top-passwords-shortlist.txt
start_offset: 423
end_offset: 428
- name: top-passwords-shortlist.txt
start_offset: 438
end_offset: 445
- name: top-passwords-shortlist.txt
start_offset: 455
end_offset: 460
- name: top-passwords-shortlist.txt
start_offset: 470
end_offset: 477
- name: top-passwords-shortlist.txt
start_offset: 487
end_offset: 495
- name: top-passwords-shortlist.txt
start_offset: 505
end_offset: 511
- name: top-passwords-shortlist.txt
start_offset: 521
end_offset: 527
- name: top-passwords-shortlist.txt
start_offset: 537
end_offset: 543
- name: top-passwords-shortlist.txt
start_offset: 553
end_offset: 559
- name: top-passwords-shortlist.txt
start_offset: 569
end_offset: 573
- name: top-passwords-shortlist.txt
start_offset: 583
end_offset: 589