Open bugbaba opened 1 year ago
Hi, I would like to contribute to this issue, is it still open / possible ?
@Fenrisfulsur yes its still open.
Ok, I will start to work on it then.
Hi, I have a question regarding the test case i have to provided with the detector, I've read the Adding_Detectors_external.md, is it mandatory to provide a working test that can verify the secret ? because in my case it would require setting up a mysql database. Can i provided only "found, unverified" test case ?
Community Note
Description
Hello Team :)
Currently the truffleHog is not having any detector for PyMySQL connection object. Its a famouse python library to connect with mysql database.
Problem to be Addressed
PyMySQL connection objection not detected by trufflehog.
Description of the Preferred Solution
Add a detector to detect PyMySQL connection object in the code. We should look for
pymysql.connect(.*)
in th code and then parse the host, username, password to verify the credentials.Additional Context
Basic regex which can be used for detection part : https://regex101.com/r/nMcIUK/1
References
Official PyMySQL documentation: https://pymysql.readthedocs.io/en/latest/index.html
-- Regards, @bugbaba