Skip to content

Commit

Permalink
info leaks: added reference to token-hunter
Browse files Browse the repository at this point in the history
  • Loading branch information
@jstucke
jstucke committed Nov 24, 2023
1 parent 798bcf7 commit db790e8
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions src/plugins/analysis/information_leaks/code/information_leaks.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
}

URL_REGEXES = {
# based on https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/token-hunter regex
'credentials_in_url': re.compile(
rb'([a-zA-Z]{3,10}://[a-zA-Z0-9]{3,20}:[^/\s:@]{3,20}@[A-Za-z0-9._/:%?&${}=-]{7,100})["\'\s\x00]?'
)
Expand Down

0 comments on commit db790e8

Please sign in to comment.