Skip to main content

SecretAnalyzer

threatdeflect_core::analyzer

Struct SecretAnalyzer

pub struct SecretAnalyzer { /* private fields */ }

Expand description

The main detection engine. Scans source code content for secrets, suspicious commands, high-entropy strings, and IOCs.

Create with SecretAnalyzer::new by providing regex rules, then call analyze_content for each file.

Implementations§

impl SecretAnalyzer

pub fn new( rules: impl IntoIterator<Item = (String, String)>, suspicious_rules: impl IntoIterator<Item = (String, String)>, ) -> Result<Self, AnalyzerError>

Creates a new analyzer with the given detection rules.

rules: Secret detection patterns (e.g. AWS keys, tokens). Each is (rule_id, regex).
suspicious_rules: Command/behavior patterns (e.g. reverse shells). These are automatically skipped in safe contexts like import statements.

Returns AnalyzerError::InvalidPattern if any regex is invalid.

pub fn analyze_content( &self, content: &str, file_path: &str, file_name: &str, ) -> AnalysisResult

Analyzes the content of a single file for secrets, suspicious patterns, and IOCs.

content: The full text content of the file.
file_path: Relative path (e.g. "src/config.py"), used for file context classification.
file_name: Just the filename (e.g. "config.py"), used for extension-based logic.

Returns an AnalysisResult with all findings and extracted IOCs.

Auto Trait Implementations§

impl Freeze for SecretAnalyzer

impl RefUnwindSafe for SecretAnalyzer

impl Send for SecretAnalyzer

impl Sync for SecretAnalyzer

impl Unpin for SecretAnalyzer

impl UnsafeUnpin for SecretAnalyzer

impl UnwindSafe for SecretAnalyzer

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pointable for T

const ALIGN: usize

The alignment of pointer.

type Init = T

The type for initializers.

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.