-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy pathpatterns.yml
34 lines (31 loc) · 1.27 KB
/
patterns.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: JWT
patterns:
- name: JWT
type: jwt
description: "JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties."
regex:
pattern: |
e(?:y[IJ]|yL[CD]|yA[JKgi]|w[ko][JKgi])[A-Za-z0-9_-]{10,}(?:fQ|[3HXn]0|[1BFJNRVZdhlpx]9)={0,2}\.e(?:y[IJ]|yL[CD]|yA[JKgi]|w[ko][JKgi])[A-Za-z0-9_-]{10,}(?:fQ|[3HXn]0|[1BFJNRVZdhlpx]9)={0,2}(?:\.?[A-Za-z0-9_-]+={0,2})?
start: |
[^0-9A-Za-z_.-]|\A
end: |
[^0-9A-Za-z_.=-]|\z
# don't match on JWT that are used in private GitHub issues - they now always start with:
# {"iss":"github.com","aud":"raw.githubusercontent.com",
additional_not_match:
- eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIs
test:
data: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoic2VydmljZV9yb2xlIiwiaWF0IjoxNjM2MzcxNDkzLCJleHAiOjE5NTE5NDc0OTN9.T365h6AcgnvibAWvN_rIiaFnOK5R1ZGqdEkPI45zsNs
expected:
- name: owasp-juice-shop.ts
start_offset: 8105
end_offset: 8801
- name: example.txt
start_offset: 16
end_offset: 171
- name: test_jwt.txt
start_offset: 6
end_offset: 163
- name: test_jwt.txt
start_offset: 170
end_offset: 381