Closed gemesa closed 9 months ago
Try /truenas AND /\b(\d+-[a-zA-Z0-9]{64})\b//
in GitHub search to see some examples. Without the additional search term, the regex is too expensive for GitHub to give results for (again, caused by lack of a distinctive prefix in the token format).
TrueNAS has 2 APIs: WebSocket and REST API. I tested both and created 2 separate rules, what do you think?
Note, this TrueNAS API Key is not something that other secret scanners (Truffle Hog, GitLeaks, GitHub Advanced Security, GitGuardian) seem to have rules for. Thank you for your original research @gemesa!