Open AlfredBerg opened 1 month ago
trufflehog 3.81.9
The slack webhook should be detected
The detector finds the webhook, but it is then filtered out by FilterKnownFalsePositives. The slack webhook is filtered out here https://github.com/trufflesecurity/trufflehog/blob/3b0b2909ca94209ad753f0eccfd185e8be0f3d62/pkg/detectors/falsepositives.go#L82 since it matches https: over in the badlist https://github.com/trufflesecurity/trufflehog/blob/3b0b2909ca94209ad753f0eccfd185e8be0f3d62/pkg/detectors/badlist.txt#L210 At least https: and http: should probably be removed from that list.
FilterKnownFalsePositives
https:
http:
slack
https://hooks.slack.com/services/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
trufflehog --no-update filesystem slack
TruffleHog Version
trufflehog 3.81.9
Trace Output
Expected Behavior
The slack webhook should be detected
Actual Behavior
The detector finds the webhook, but it is then filtered out by
FilterKnownFalsePositives. The slack webhook is filtered out here https://github.com/trufflesecurity/trufflehog/blob/3b0b2909ca94209ad753f0eccfd185e8be0f3d62/pkg/detectors/falsepositives.go#L82 since it matcheshttps:over in the badlist https://github.com/trufflesecurity/trufflehog/blob/3b0b2909ca94209ad753f0eccfd185e8be0f3d62/pkg/detectors/badlist.txt#L210At least
https:andhttp:should probably be removed from that list.Steps to Reproduce
slackwith a valid slack webhook (looks something likehttps://hooks.slack.com/services/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, this one is not valid though)trufflehog --no-update filesystem slackEnvironment
Additional Context
References
1953