keyhog-scanner 0.5.40

keyhog-scanner: high-performance SIMD-accelerated secret detection engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

use keyhog_core::{Chunk, ChunkMetadata};
use keyhog_scanner::CompiledScanner;

mod support;
use support::paths::detector_dir;

fn scan(text: &str) -> Vec<String> {
    let detectors = keyhog_core::load_detectors(&detector_dir()).expect("load");
    let scanner = CompiledScanner::compile(detectors).expect("compile");
    let chunk = Chunk {
        data: text.into(),
        metadata: ChunkMetadata {
            source_type: "probe".into(),
            path: Some("contract.txt".into()),
            ..Default::default()
        },
    };
    scanner
        .scan(&chunk)
        .into_iter()
        .map(|m| m.credential.as_ref().to_string())
        .collect()
}

#[test]
fn probe_splitio_and_aws() {
    let splitio = scan("split_io_api_key=YWJjZGVmZ2hpamtsbW5vcA==");
    eprintln!("splitio creds: {splitio:?}");
    assert!(
        splitio
            .iter()
            .any(|c| c.contains("YWJjZGVmZ2hpamtsbW5vcA=")),
        "splitio should surface base64 credential"
    );

    let aws = scan("AWS_SECRET_ACCESS_KEY=ev0BsFtSD7S/4VWYObxiEhME3hJBXeYzR43jgiB1");
    eprintln!("aws creds: {aws:?}");
    assert!(
        aws.iter()
            .any(|c| c.contains("ev0BsFtSD7S/4VWYObxiEhME3hJBXeYzR43jgiB1")),
        "aws secret should fire"
    );
}