Added version 1.0 to OWASP

* Added version 1.0 to OWASP

Co-authored-by: Simeon Cloutier <Simeon.Cloutier@allstate.com>

config/custom_configs.sh

@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+
+######### Custom variables #########
+
+# Show link to OWASP/SEDATED℠ GitHub repository in message output
+# If not set to "True" the link to OWASP/SEDATED will not be displayed
+show_SEDATED_link_custom="True" # Set to "True" to display link to OWASP/SEDATED GitHub repository ! case-sensitive !
+
+# This link will be displayed back to the developer when a push is rejected or when
+# enforced repo check is set to true and the repo is not included on the enforced_repos_list.txt file
+documentation_link_custom=""
+
+# This (use_enforced_repo_check_custom) variable is required to be set to "True" or "False"
+# When this (use_enforced_repo_check_custom) variable is set to "True":
+### all repos not included in the config/enforced_repos_list.txt file will merely
+### see the enforced_repo_check_true_message_custom and documentation_link_custom messages ouput
+### SEDATED℠ will only scan the code of the repos included in that list (config/enforced_repos_list.txt)
+# If this (use_enforced_repo_check_custom) variable is set to "False":
+### SEDATED℠ will scan the code of every repo it is enabled on
+use_enforced_repo_check_custom="" # Set to "True" or "False" ! case-sensitive !
+enforced_repo_check_true_message_custom="SEDATED will soon be enforced on this repository..."
+
+######### Custom functions #########
+
+# Sets user/org/group name variable as well as the repo name variable
+# If using GitHub set variable names from GITHUB variable
+# This function may need to adjusted based on implementation
+function SET_USER_REPO_NAME_CUSTOM() {
+  if [[ "$GITHUB_REPO_NAME" ]]; then
+    user_group_name="${GITHUB_REPO_NAME%/*}"
+    repo_name="${GITHUB_REPO_NAME#*/}"
+  else
+    path=$(pwd)
+    user_group_name=$(whoami)
+    repo_name=$(basename $path | sed 's/.git//')
+  fi
+}
+
+# $1 String error message to be printed
+function PRINT_ERROR_MESSAGE_CUSTOM() {
+  echo "XXXXXXXXXXXXXXXXXXXXXXX ERROR XXXXXXXXXXXXXXXXXXXXXXX"
+  echo ""
+  echo ">>>>>>>> ERROR: $1"
+  echo ""
+  echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+}
+
+# Take custom action when exiting
+function EXIT_SEDATED_CUSTOM() {
+  : # enter custom action to be taken
+}
+
+# Take custom action when repo_whitelist file cannot be accessed
+function UNABLE_TO_ACCESS_REPO_WHITELIST_CUSTOM() {
+  : # enter custom action to be taken
+}
+
+# Take custom action when a push is accepted
+function PUSH_ACCEPTED_CUSTOM() {
+  : # enter custom action to be taken
+}
+
+function UNABLE_TO_ACCESS_REGEXES_CUSTOM() {
+  : # enter custom action to be taken
+}
+
+function PUSH_REJECTED_WITH_VIOLATIONS_CUSTOM() {
+  : # enter custom action to be taken
+}
+
+function UNABLE_TO_ACCESS_COMMIT_WHITELIST_CUSTOM() {
+  : # enter custom action to be taken
+}

config/enforced_repos_list.txt.example

@@ -0,0 +1 @@
+example_org/example_enforced_repo

config/regexes.json

@@ -0,0 +1,41 @@
+{
+  "regexes": [
+    {"Filename":"^(?:\\+\\+\\+[[:space:]]b/)"},
+    {"RSA_Private_Key":"(?:-----BEGIN RSA PRIVATE KEY-----)"},
+    {"OPENSSH_Private_Key":"(?:-----BEGIN OPENSSH PRIVATE KEY-----)"},
+    {"DSA_Private_Key":"(?:-----BEGIN DSA PRIVATE KEY-----)"},
+    {"EC_Private_Key":"(?:-----BEGIN EC PRIVATE KEY-----)"},
+    {"PGP_Private_Key":"(?:-----BEGIN PGP PRIVATE KEY BLOCK-----)"},
+    {"AWS_Key":"AKIA[0-9A-Z]{16,17}"},
+    {"Google_Oauth_client_secret":"\"client_secret\":\"[a-zA-Z0-9\\_-]{24}\""},
+    {"Slack_token":"xox[pboa]-[0-9]{11,12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32}"},
+    {"Basic_Auth":"Authorization:[[:space:]]Basic[[:space:]](?:[a-zA-Z0-9\\+/]{4})*(?:[a-zA-Z0-9\\+/]{3}=|[a-zA-Z0-9\\+/]{2}==)?(?:$|[[:space:];'\"'\"'\"])"},
+    {".npmrc_auth":"(?i)^\\+[[:space:]]*\\_auth[[:space:]]*="},
+    {".npmrc_password":"^\\+[[:space:]]*\\_password[[:space:]]*="},
+    {"Secret_Generic_with_space_line_end":" secret[[:space:]]+[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]-]{8,}[[:space:]]*$"},
+    {"Secret_Generic_with_space_full_quotes":"secret[[:space:]]+[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]-]{8,}[[:space:];'\"'\"'\"]+"},
+    {"Secret_Generic_no_space_line_end":"secret['\"'\"'\"]?[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]-]{8,45}[[:space:]]*$"},
+    {"Secret_Generic_no_space_full_quotes":"secret['\"'\"'\"]?[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]-]{8,45}[[:space:];'\"'\"'\"]+"},
+    {"Keys_line_end":"(?:access|private|sensitive|secret|api|app(?:lication)?)[[:space:]_-]?key[[:space:]]+[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]_-]{8,}[[:space:]]*$"},
+    {"Keys_line_end":"(?:access|private|sensitive|secret|api|app(?:lication)?)[[:space:]_-]?key[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]_-]{8,}[[:space:]]*$"},
+    {"Keys":"(?:access|private|sensitive|secret|api|app(?:lication)?)[[:space:]_-]?key[[:space:]]+[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]_-]{8,}[[:space:];'\"'\"'\"]+"},
+    {"Keys":"(?:access|private|sensitive|secret|api|app(?:lication)?)[[:space:]_-]?key[=:]{1,2}[[:space:]]*['\"'\"'\"]?[[:alnum:]_-]{8,}[[:space:];'\"'\"'\"]+"},
+    {"Password_Generic_with_quotes":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))['\"'\"'\"]?[=:]{1,2}[[:space:]]*['\"'\"'\"][a-z0-9!?$)%@#*&_^-]{6,45}[[:space:];'\"'\"'\"]+"},
+    {"Password_Generic_with_space_and_quotes":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))['\"'\"'\"]?[[:space:]]+[=:]{1,2}[[:space:]]+[@]?['\"'\"'\"][a-z0-9!?$)%@#*&_^-]{6,45}[[:space:];'\"'\"'\"]+"},
+    {"Password_Generic_with_end_only_quotes":"password['\"'\"'\"]?[=]+[[:space:]]*[a-z0-9!?$)%@#*&_^-]{6,45}[[:space:];'\"'\"'\"]+"},
+    {"Password_Generic_with_space_and_end_only_quotes":"password['\"'\"'\"]?[[:space:]][[:space:]=]+[a-z0-9!?$)%@#*&_^-]{6,45}[[:space:];'\"'\"'\"]]+"},
+    {"Password_Objective_C":"password[[:space:]=:]+@['\"'\"'\"][a-z0-9!?$)%@#*&_^-]{6,45}['\"'\"'\"]"},
+    {"Password_value":"password.*value[=]\"[a-z0-9!?$)%@#*&_^-]{6,45}\""},
+    {"Password_primary":"password[[:space:]]primary[=]['\"'\"'\"][a-z0-9!?$()%@#*&_^-]{6,45}['\"'\"'\"]"},
+    {"Password_set":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))[(]['\"'\"'\"][a-z0-9!$%@#*&_^-]{6,45}['\"'\"'\"][)][;]"},
+    {"Password_no_quotes_with_space":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))[[:space:]][[:space:]]*[=]{1,2}[[:space:]]*[[:space:]][^$][a-z0-9!?$)%@#*&_^-]{6,45}[[:space:]]*$"},
+    {"Password_no_quotes":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))[=]{1,2}[[:space:]]*[a-z0-9!?$)%@#*&_^-]{6,45}[[:space:]]*$"},
+    {"Password_admin":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))['\"'\"'\"]?[=:]{1,2}[[:space:]]*['\"'\"'\"]?admin[[:space:];'\"'\"'\"]+"},
+    {"Password_admin_with_space":"(?:(?:pass(?:w(?:or)?d)?)|(?:psw(?:r)?d))['\"'\"'\"]?[[:space:]]+[=:]{1,2}[[:space:]]+['\"'\"'\"]?admin[[:space:];'\"'\"'\"]+"},
+    {"Pass_String":"pass[=:]+[[:space:]]+string[[:space:]]+['\"'\"'\"]?[a-zA-Z0-9!?$)%@#*&_^-]{6,45}[[:space:];'\"'\"'\"]+"},
+    {"GitHub_Token":"github.*['\"'\"'\"][[:alnum:]]{35,40}['\"'\"'\"]"},
+    {"Facebook_Token":"facebook.*['\"'\"'\"][0-9a-f]{32,255}['\"'\"'\"]"},
+    {"Twitter_Token":"twitter.*['\"'\"'\"][[:alnum:]]{35,44}['\"'\"'\"]"},
+    {"Heroku_Key":"heroku.*[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}"}
+  ]
+}

config/whitelists/commit_whitelist.txt.example

@@ -0,0 +1,2 @@
+0000000000000000000000000000000000000000
+1234567890example1234567890commit1234567

config/whitelists/repo_whitelist.txt.example

@@ -0,0 +1 @@
+example_org/example_whitelisted_repo