Merge pull request #6741 from Devang-Solanki/main

Added secret detectors for FCM API keys, mapbox API keys, razorpay client id, zapier webhooks

exposures/tokens/mapbox/mapbox-token-disclosure.yaml

@@ -0,0 +1,30 @@
+id: mapbox-token-disclosure
+
+info:
+  name: Mapbox Token Disclosure
+  author: Devang-Solanki
+  severity: medium
+  reference:
+    - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token
+    - https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go
+  metadata:
+    verified: "true"
+  tags: token,exposure,mapbox,disclosure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        name: mapbox-public-token
+        part: body
+        regex:
+          - 'pk\.eyJ1Ijoi\w+\.[\w-]*'
+
+      - type: regex
+        name: mapbox-secret-token
+        part: body
+        regex:
+          - 'sk\.eyJ1Ijoi\w+\.[\w-]*'

exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml

@@ -0,0 +1,21 @@
+id: razorpay-clientid-disclosure
+
+info:
+  name: Razorpay Client ID Disclosure
+  author: Devang-Solanki
+  severity: high
+  reference:
+    - https://github.com/streaak/keyhacks#Razorpay-keys
+    - https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
+  tags: exposure,token,razorpay
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "rzp_(live|test)_.{14}"

file/keys/fcm-api-key.yaml

@@ -0,0 +1,16 @@
+id: fcm-api-key
+
+info:
+  name: Firebase Cloud Messaging Token
+  author: Devang-Solanki
+  severity: medium
+  tags: token,file,fcm,firebase,google
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        regex:
+          - '[A-Za-z0-9-_]+:APA91b[A-Za-z0-9-_#]+'

file/keys/mapbox-token.yaml

@@ -0,0 +1,29 @@
+id: mapbox-token
+
+info:
+  name: Mapbox Token
+  author: Devang-Solanki
+  severity: medium
+  reference:
+    - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token
+    - https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go
+  metadata:
+    verified: "true"
+  tags: token,file,mapbox
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        name: mapbox-public-token
+        part: body
+        regex:
+          - 'pk\.eyJ1Ijoi\w+\.[\w-]*'
+
+      - type: regex
+        name: mapbox-secret-token
+        part: body
+        regex:
+          - 'sk\.eyJ1Ijoi\w+\.[\w-]*'

file/keys/razorpay-client-id.yaml

@@ -0,0 +1,19 @@
+id: razorpay-client-id
+
+info:
+  name: Razorpay Client ID
+  author: Devang-Solanki
+  severity: high
+  reference:
+    - https://github.com/streaak/keyhacks#Razorpay-keys
+    - https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
+  tags: token,file,razorpay
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        regex:
+          - "rzp_(live|test)_.{14}"

file/keys/zapier-webhook.yaml

@@ -0,0 +1,19 @@
+id: zapier-webhook
+
+info:
+  name: Zapier Webhook
+  author: Devang-Solanki
+  severity: high
+  reference:
+    - https://github.com/streaak/keyhacks#Zapier-Webhook-Token
+    - https://docs.gitguardian.com/secrets-detection/detectors/specifics/zapier_webhook_url
+  tags: token,file,zapier
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        regex:
+          - 'https://(?:www.)?hooks\.zapier\.com/hooks/catch/[A-Za-z0-9]+/[A-Za-z0-9]+/'