admin管理员组

文章数量:1188413

I'm trying to configure Trufflehog tool to use custom regexp to detect simple secrets basing on my needs, e.g. to search for passwords or access tokens. Unfortunately I've not found a way to do it.

I've found also another post about a similar issue and I've tried to apply the suggestion included within this post's discussion to search for an api key through a custom detector.

I've created the testAPIkeyConfig.yaml file with the following content:

detectors:
- name: custom api detector
  keywords:
  - api
  regex:
    adjective: "[a-zA-Z0-9]{32}"

and the testAPIkey.json with the following content:

"API key": "([a-zA-Z0-9]{32})"

and I've executed the following command:

trufflehog filesystem testAPIkey.json --config testAPIkeyConfig.yaml

The output by trufflehog is not the expected one. The API key is not highlighted by the tool; this is the output:

trufflehog filesystem testAPIkey.json --config testAPIkeyConfig.yaml



                本文标签:
                static analysisTrufflehognot able to use regexp to through custom detectorStack Overflow

                        版权声明:本文标题:static analysis - Trufflehog - not able to use regexp to through custom detector - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人,
                        转载请联系作者并注明出处:http://www.betaflare.com/web/1738384588a2084119.html,
                        本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。