keyhog-core 0.5.4

keyhog-core — shared data model and detector specifications for the KeyHog secret scanner
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

# Docs: https://docs.bitquery.io/
# Format: 32 character hexadecimal string
# Verify: POST to graphql endpoint with X-API-KEY header, returns 200 if valid
# Prefix: none (32 char hex, requires context anchoring)

[detector]
id = "bitquery-api-key"
name = "Bitquery API Key"
service = "bitquery"
severity = "high"
keywords = ["bitquery", "BITQUERY", "api_key", "apikey"]

[[detector.patterns]]
regex = "(?:BITQUERY|bitquery)[_a-zA-Z0-9]*[=:\\s\"'']+([a-f0-9]{32})"
description = "Bitquery API key with context anchor"
group = 1

[detector.verify]
method = "POST"
url = "https://graphql.bitquery.io"
body = '{"query": "{ bitcoin { blocks { count } } }"}'

[detector.verify.auth]
type = "header"
name = "X-API-KEY"
template = "{{match}}"

[detector.verify.success]
status = 200