Closed xElkomy closed 10 months ago
Hey @xElkomy, I believe you'd also want to use the 'and continue' (docs here) to achieve the behaviour you're looking for. If you don't use that, then your BCheck will stop executing after it's reported its first issue. Note that to do this you'll have to update your language version to 'v2-beta'.
Thank you for your advice, I did it now.
The script I used to create those BChecks is this Python script:
```python
import os

import requests
import yaml

# One BCheck file body per Burp confidence level (certain / firm / tentative).
bcheck_templates = {}


def download_rules(url):
    # Fetch the pattern database and parse it as YAML.
    response = requests.get(url, timeout=30)
    if response.status_code == 200:
        return yaml.safe_load(response.text)
    else:
        raise Exception("Failed to download rules")


def create_bcheck_template(name, regex, confidence):
    # Start a new BCheck for this confidence level (metadata header only).
    bcheck_templates[str(confidence)] = f"""metadata:
    language: v2-beta
    name: "Information Disclosure Secret Finder - {confidence}"
    description: "Detects secret patterns in responses."
    author: "bugswagger, xelkomy, juba0x00, xhzeem"
    tags: "secret, bugswagger"

given response then
"""


def append_condition(name: str, confidence: str, regex: str) -> None:
    # Each pattern gets its own independent 'if' with 'report issue and continue',
    # so one match does not stop the remaining patterns from being evaluated.
    value = f"""
    if {{latest.response}} matches "{regex}" then
        report issue and continue:
            severity: medium
            confidence: {confidence}
            detail: "{name} secret pattern detected in the response."
            remediation: "Review and remove unnecessary exposure of secrets."
    end if
"""
    bcheck_templates[confidence] += value


def save_bcheck_file(name, content):
    filename = f"{name.replace(' ', '_').lower()}.bcheck"
    with open(filename, 'w') as file:
        file.write(content)


def main():
    url = "https://raw.githubusercontent.com/mazen160/secrets-patterns-db/master/db/rules-stable.yml"
    rules = download_rules(url)

    if not os.path.exists('bcheckskeys'):
        os.makedirs('bcheckskeys')
    os.chdir('bcheckskeys')

    patterns = rules['patterns']
    for pattern in patterns:
        # Normalise already-escaped quotes, then escape every quote for the BCheck string.
        regex = pattern['pattern']['regex'].replace(r'\"', '"').replace('"', r'\"')
        name = pattern['pattern']['name']
        confidence = pattern['pattern']['confidence'].lower()

        # Replace confidence levels with the names BChecks expect.
        if confidence == 'high':
            confidence = 'certain'
        elif confidence == 'medium':
            confidence = 'firm'
        elif confidence == 'low':
            confidence = 'tentative'

        if name and regex and confidence:
            # Create the header on first use, then always append the condition;
            # otherwise the first pattern of each confidence level is dropped.
            if confidence not in bcheck_templates:
                create_bcheck_template(name, regex, confidence)
            append_condition(name, confidence, regex)

    for key, value in bcheck_templates.items():
        print(f'saving {key}.bcheck')
        save_bcheck_file(key, value)


if __name__ == "__main__":
    main()
```
I made a small change to the names, and you can suggest whatever name you want.
We implemented a minor adjustment using 'else if', as 'else if' ceases execution upon discovering the first secret. Conversely, using 'if' allows the process to continue, enabling the identification of any additional exposed secrets.
Thanks to @xhzeem for the advice and his note about it.
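The difference between stopping at the first reported issue and continuing, modelled offline in Python as an added example (not code from this PR or from Burp). The rules and response body are constructed, the function names are hypothetical, and Python's `re.search` standing in for BCheck's `matches` is an assumption, since Burp's regex engine may behave differently.

```python
import re

# Constructed rules in the shape of the pattern entries used above
# (illustrative patterns, not copied from the database).
RULES = [
    {"name": "AWS-style access key id", "regex": r"AKIA[0-9A-Z]{16}"},
    {"name": "Broken rule", "regex": r"token=[A-Z"},  # deliberately invalid
    {"name": "Slack-style token", "regex": r"xox[baprs]-[0-9A-Za-z-]{10,}"},
    {"name": "Private key header", "regex": r"-----BEGIN [A-Z ]*PRIVATE KEY-----"},
]

# Constructed response body holding two fake secrets.
RESPONSE = (
    'var cfg = {"id": "AKIAABCDEFGHIJKLMNOP"};\n'
    "-----BEGIN RSA PRIVATE KEY-----\n(constructed, no key material)\n"
)


def compile_rules(rules):
    """Return (compiled, rejected) so one bad regex does not sink the whole check."""
    compiled, rejected = [], []
    for rule in rules:
        try:
            compiled.append((rule["name"], re.compile(rule["regex"])))
        except re.error as exc:
            rejected.append((rule["name"], str(exc)))
    return compiled, rejected


def scan_first_match(compiled, body):
    """Models a check that ends after the first reported issue."""
    for name, rx in compiled:
        if rx.search(body):  # assumption: 'matches' behaves like a search
            return [name]
    return []


def scan_all(compiled, body):
    """Models independent 'if' blocks with 'report issue and continue'."""
    return [name for name, rx in compiled if rx.search(body)]


if __name__ == "__main__":
    compiled, rejected = compile_rules(RULES)
    print("rejected:", rejected)
    print("first match only:", scan_first_match(compiled, RESPONSE))
    print("all matches:", scan_all(compiled, RESPONSE))
```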