Hello, I had created a local .yml rule to identify these types of MSSQL "connection" password exposure, because originally, when running gitleaks on pip, it was not identified. When manually reviewing via code review, I caught this type of scenario. With that, I made the regex to automate this and to try to contribute, so that if this type of exposure comes up again, gitleaks will be able to catch it and alert me.
```go
package rules

import (
	"regexp"

	"github.com/zricethezav/gitleaks/v8/config"
)

// MSSQLDatabaseCredentials generates a rule for detecting exposure of MSSQL database credentials.
func MSSQLDatabaseCredentials() *config.Rule {
	// Define Rule
	r := config.Rule{
		// Human readable description of the rule
		Description: "Detects exposure of MSSQL database credentials",
		// Unique ID for the rule
		RuleID: "mssql-database-credentials",
		// Regex used for detecting secrets
		Regex: regexp.MustCompile(
			`Password=[^;]+`),
		// Keywords used for string matching on fragments (pre-filter).
		// A keyword must occur in the scanned text itself, otherwise the regex
		// is never run; "MSSQL" and "credentials" do not appear in the example
		// secret below, so the connection-string key is used instead.
		Keywords: []string{"password="},
	}

	// Validate rule
	tps := []string{
		// Example secrets that match the rule
		"Password=mySecurePassword123;",
	}
	return validate(r, tps, nil)
}
```
Below is an example of the manual test.
yml (example)
go (example)
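
Added example, not part of the original issue or the gitleaks code base: a standalone Go program that runs the issue's regex over constructed connection strings behind a keyword pre-filter, to show which variants the rule flags and which it misses. The pre-filter is modelled as a case-insensitive substring check, which is an assumption of this example; `scan` and `samples` are hypothetical names.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Regex copied from the rule in the issue.
var mssqlPassword = regexp.MustCompile(`Password=[^;]+`)

// scan models a two-stage check: a case-insensitive keyword pre-filter on the
// fragment, then the regex. The pre-filter model is an assumption of this example.
func scan(fragment string, keywords []string) []string {
	if len(keywords) > 0 {
		lower := strings.ToLower(fragment)
		hit := false
		for _, k := range keywords {
			if strings.Contains(lower, strings.ToLower(k)) {
				hit = true
				break
			}
		}
		if !hit {
			return nil // fragment never reaches the regex
		}
	}
	return mssqlPassword.FindAllString(fragment, -1)
}

// Constructed sample lines; none are real credentials.
var samples = []string{
	`Server=db01;Database=app;User Id=sa;Password=Example-Only-123;`,
	`"Data Source=db01;Initial Catalog=app;Password=Example-Only-123"`,
	`Server=db01;Database=app;User Id=sa;Pwd=Example-Only-123;`,
	`server=db01;password=Example-Only-123;`,
}

func main() {
	// Compare two keyword sets against the same constructed samples.
	for _, kw := range [][]string{{"MSSQL", "credentials"}, {"password="}} {
		fmt.Printf("keywords=%q\n", kw)
		for _, s := range samples {
			fmt.Printf("  %-68s -> %q\n", s, scan(s, kw))
		}
	}
}
```

The last two samples show the coverage gaps a reviewer would want test cases for: the `Pwd=` alias and a lowercase `password=` key are not matched by the case-sensitive regex, and a string without a trailing `;` yields a match that includes the closing quote.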