diff --git a/exposures/tokens/mapbox/mapbox-token-disclosure.yaml b/exposures/tokens/mapbox/mapbox-token-disclosure.yaml
new file mode 100644
index 00000000000..d80c3d45508
--- /dev/null
+++ b/exposures/tokens/mapbox/mapbox-token-disclosure.yaml
@@ -0,0 +1,30 @@
+id: mapbox-token-disclosure
+
+info:
+ name: Mapbox Token Disclosure
+ author: Devang-Solanki
+ severity: medium
+ reference:
+ - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token
+ - https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go
+ metadata:
+ verified: "true"
+ tags: token,exposure,mapbox,disclosure
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ name: mapbox-public-token
+ part: body
+ regex:
+ - 'pk\.eyJ1Ijoi\w+\.[\w-]*'
+
+ - type: regex
+ name: mapbox-secret-token
+ part: body
+ regex:
+ - 'sk\.eyJ1Ijoi\w+\.[\w-]*'
diff --git a/exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml b/exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml
new file mode 100644
index 00000000000..f43055a70f1
--- /dev/null
+++ b/exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml
@@ -0,0 +1,21 @@
+id: razorpay-clientid-disclosure
+
+info:
+ name: Razorpay Client ID Disclosure
+ author: Devang-Solanki
+ severity: high
+ reference:
+ - https://github.com/streaak/keyhacks#Razorpay-keys
+ - https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
+ tags: exposure,token,razorpay
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}"
+
+ extractors:
+ - type: regex
+ part: body
+ regex:
+ - "rzp_(live|test)_.{14}"
diff --git a/file/keys/fcm-api-key.yaml b/file/keys/fcm-api-key.yaml
new file mode 100644
index 00000000000..382f9e8c0fb
--- /dev/null
+++ b/file/keys/fcm-api-key.yaml
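Review bot: In exposures/tokens/mapbox/mapbox-token-disclosure.yaml the `mapbox-public-token` extractor reports `pk.` tokens at the template-wide `severity: medium`, although Mapbox public tokens are meant to be shipped in client-side pages, so almost any site that embeds a map would raise a medium finding. I would keep only the `sk.` extractor at this severity and move the `pk.` pattern to a separate info-level template. Both patterns also use `\w+` for the base64url payload, which cannot match `-`, and `[\w-]*` lets the last segment be empty; `'sk\.eyJ1Ijoi[\w-]+\.[\w-]+'` avoids both. The same points apply to file/keys/mapbox-token.yaml later in this diff.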
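Review bot: In exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml the pattern `rzp_(live|test)_.{14}` accepts any 14 characters after the prefix, so quotes, whitespace or markup that follow a shorter string are captured and reported as part of a key. A bounded class such as `"rzp_(live|test)_[A-Za-z0-9]{14}"` keeps the extracted value clean and cuts false positives. The template also rates a client ID as `severity: high`; as far as I know the key ID is the half that checkout pages expose and the key secret is the sensitive part, so the rating is worth confirming before merge. file/keys/razorpay-client-id.yaml carries the same regex and severity.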
@@ -0,0 +1,16 @@
+id: fcm-api-key
+
+info:
+ name: Firebase Cloud Messaging Token
+ author: Devang-Solanki
+ severity: medium
+ tags: token,file,fcm,firebase,google
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ regex:
+ - '[A-Za-z0-9-_]+:APA91b[A-Za-z0-9-_#]+'
\ No newline at end of file
diff --git a/file/keys/mapbox-token.yaml b/file/keys/mapbox-token.yaml
new file mode 100644
index 00000000000..265faf5fe83
--- /dev/null
+++ b/file/keys/mapbox-token.yaml
@@ -0,0 +1,29 @@
+id: mapbox-token
+
+info:
+ name: Mapbox Token
+ author: Devang-Solanki
+ severity: medium
+ reference:
+ - https://docs.gitguardian.com/secrets-detection/detectors/specifics/mapbox_token
+ - https://github.com/zricethezav/gitleaks/blob/master/cmd/generate/config/rules/mapbox.go
+ metadata:
+ verified: "true"
+ tags: token,file,mapbox
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ name: mapbox-public-token
+ part: body
+ regex:
+ - 'pk\.eyJ1Ijoi\w+\.[\w-]*'
+
+ - type: regex
+ name: mapbox-secret-token
+ part: body
+ regex:
+ - 'sk\.eyJ1Ijoi\w+\.[\w-]*'
diff --git a/file/keys/razorpay-client-id.yaml b/file/keys/razorpay-client-id.yaml
new file mode 100644
index 00000000000..02e2a473b3b
--- /dev/null
+++ b/file/keys/razorpay-client-id.yaml
@@ -0,0 +1,19 @@
+id: razorpay-client-id
+
+info:
+ name: Razorpay Client ID
+ author: Devang-Solanki
+ severity: high
+ reference:
+ - https://github.com/streaak/keyhacks#Razorpay-keys
+ - https://docs.gitguardian.com/secrets-detection/detectors/specifics/razorpay_apikey
+ tags: token,file,razorpay
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ regex:
+ - "rzp_(live|test)_.{14}"
diff --git a/file/keys/zapier-webhook.yaml b/file/keys/zapier-webhook.yaml
new file mode 100644
index 00000000000..1959f5574a9
--- /dev/null
+++ b/file/keys/zapier-webhook.yaml
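Review bot: In file/keys/fcm-api-key.yaml both sides of `:APA91b` use `+` with no minimum length, so a string as short as `a:APA91bx` is reported at medium severity across `all` extensions. A lower bound on the tail, for example `[A-Za-z0-9_#-]{32,}` (the exact length should be checked against real keys), would cut that noise, and moving `-` to the end of each class stops it reading like a range. The id says `fcm-api-key` while the name says "Token", and this is the only template in the diff without a `reference:` entry. A link documenting the format would help triagers tell server keys from device registration tokens, which appear to share this shape.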
@@ -0,0 +1,19 @@
+id: zapier-webhook
+
+info:
+ name: Zapier Webhook
+ author: Devang-Solanki
+ severity: high
+ reference:
+ - https://github.com/streaak/keyhacks#Zapier-Webhook-Token
+ - https://docs.gitguardian.com/secrets-detection/detectors/specifics/zapier_webhook_url
+ tags: token,file,zapier
+
+file:
+ - extensions:
+ - all
+
+ extractors:
+ - type: regex
+ regex:
+ - 'https://(?:www.)?hooks\.zapier\.com/hooks/catch/[A-Za-z0-9]+/[A-Za-z0-9]+/'
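Review bot: The dot in `(?:www.)?` is unescaped, so it matches any character before `hooks`; it should be `(?:www\.)?`, consistent with the escaped dots in the rest of the pattern. The expression also requires a trailing `/`, so a catch URL written without one would be missed if Zapier accepts that form; ending the pattern with `/?` would cover both.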