keyhog-core 0.2.1

Core types, traits, and detector specs for the secret scanner
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

# Docs: https://developer.stackblitz.com/platform/api/authentication
# Format: StackBlitz project tokens or API keys with sb_ prefix or context-anchored
# Verify: no public verification endpoint
# Prefix: sb_, sbp_

[detector]
id = "stackblitz-credentials"
name = "StackBlitz Credentials"
service = "stackblitz"
severity = "high"
keywords = ["sb_", "sbp_", "STACKBLITZ", "stackblitz"]

[[detector.patterns]]
regex = "sb_[a-zA-Z0-9_-]{20,}"
description = "StackBlitz token with sb_ prefix"

[[detector.patterns]]
regex = "sbp_[a-zA-Z0-9_-]{20,}"
description = "StackBlitz project token with sbp_ prefix"

[[detector.patterns]]
regex = "(?:STACKBLITZ|stackblitz)[_\\s]*(TOKEN|API|KEY)[=:\\s\"'']+([a-zA-Z0-9_-]{20,})"
description = "StackBlitz credential with context anchor"
group = 2