scanner.scan_type package

Submodules

scanner.scan_type.multi_pattern module

class credsweeper.scanner.scan_type.multi_pattern.MultiPattern

Bases: ScanType

Check if line is a part of a multi-line credential and second part is present within MAX_SEARCH_MARGIN lines.

Parameters:

MAX_SEARCH_MARGIN – Int constant. Number of lines around current to perform search for the second part

MAX_SEARCH_MARGIN = 10

classmethod run(config, rule, target)

Check if multiline credential present if the file within MAX_SEARCH_MARGIN range from current line_num.

Parameters:

• config (Config) – user configs

• rule (Rule) – Rule object to check current line. Should be a multi-pattern rule

• target (AnalysisTarget) – Analysis target

Return type:

Optional[Candidate]

Returns:

Candidate object if pattern defined in a rule is present in a line and second part of multi-pattern rule is

present within MAX_SEARCH_MARGIN from the line. False otherwise

scanner.scan_type.pem_key_pattern module

class credsweeper.scanner.scan_type.pem_key_pattern.PemKeyPattern

Bases: ScanType

Check if line is a start of a PEM key.

Parameters:

• ignore_starts – Leading lines in pem file that should be ignored

• remove_characters – This characters would be striped from PEM lines before entropy check

ignore_starts = ['Proc-Type', 'Version', 'DEK-Info']

classmethod is_pem_key(lines)

Check if provided lines is a PEM key.

Parameters:

lines (List[str]) – Lines to be checked

Return type:

bool

Returns:

Boolean. True if PEM key, False otherwise

remove_characters = ' \'";,[]\n\r\t\\+#*'

classmethod remove_leading_config_lines(lines)

Remove non-key lines from the beginning of a list.

Example lines with non-key leading lines:

Proc-Type: 4,ENCRYPTED
DEK-Info: DEK-Info: AES-256-CBC,2AA219GG746F88F6DDA0D852A0FD3211

ZZAWarrA1...

Parameters:

lines (List[str]) – Lines to be checked

Return type:

List[str]

Returns:

List of strings without leading non-key lines

classmethod run(config, rule, target)

Check if current line is a start of a PEM key.

Parameters:

• config (Config) – user configs

• rule (Rule) – Rule object to check current line. Should be a pem-pattern rule

• target (AnalysisTarget) – Analysis target

Return type:

Optional[Candidate]

Returns:

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not remove current line. None otherwise

classmethod strip_lines(lines)

Remove common symbols that can surround PEM keys inside code.

Examples:

`# ZZAWarrA1`
`* ZZAWarrA1`
`  "ZZAWarrA1\\n" + `

Parameters:

lines (List[str]) – Lines to be striped

Return type:

List[str]

Returns:

lines with special characters removed from both ends

scanner.scan_type.scan_type module

class credsweeper.scanner.scan_type.scan_type.ScanType

Bases: ABC

Base class for all Scanners.

Scanner allow to check if regex pattern defined in a rule is present in a line.

classmethod filtering(config, line_data, filters)

Check if line data should be removed based on filters.

If use_filters option is false, always return False

Parameters:

• config (Config) – dict of credsweeper configuration

• line_data (LineData) – Line data to check with filters

• filters (List[Filter]) – Filters to use

Returns:

True if line_data should be removed. False otherwise. If use_filters option is false, always return False

Return type:

boolean

classmethod get_line_data(config, line, line_num, file_path, pattern, filters)

Check if regex pattern is present in line, and line should not be removed by filters.

Parameters:

• config (Config) – dict of credsweeper configuration

• line (str) – Line to check

• line_num (int) – Line number of a current line

• file_path (str) – Path to the file that contain current line

• pattern (Pattern) – Compiled regex object to be searched in line

• filters (List[Filter]) – Filters to use

Return type:

Optional[LineData]

Returns:

LineData object if pattern a line and filters do not remove current line. None otherwise

classmethod is_pattern_detected_line(line, pattern)

Check if pattern present in the line.

Parameters:

• line (str) – Line to check

• pattern (Pattern) – Compiled regex object

Return type:

bool

Returns:

Boolean. True if pattern is present. False otherwise

classmethod is_valid_line(line, pattern, line_num=-1, file_path=None)

Check if line is not too long and pattern present in the line.

Parameters:

• line (str) – Line to check

• pattern (Pattern) – Compiled regex object to be searched in line

• line_num (int) – Number of line in the file

• file_path (Optional[str]) – Path to the file

Return type:

bool

Returns:

Boolean. True if pattern is present and line is not too long. False otherwise

classmethod is_valid_line_length(line, line_num=-1, file_path=None)

Check if line is not too long for the scanner.

Parameters:

• line (str) – Line to check

• line_num (int) – Number of line in the file

• file_path (Optional[str]) – Path to the file

Return type:

bool

Returns:

Boolean. True if line is not too long. False otherwise

abstract classmethod run(config, rule, target)

Check if regex pattern defined in a rule is present in a line.

Parameters:

• config (Config) – user configs

• rule (Rule) – Rule object to check current line

• target (AnalysisTarget) – Analysis target

Return type:

Optional[Candidate]

Returns:

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not remove current line. None otherwise

scanner.scan_type.single_pattern module

class credsweeper.scanner.scan_type.single_pattern.SinglePattern

Bases: ScanType

Check if single line rule present in the line.

classmethod run(config, rule, target)

Check if regex pattern defined in a rule is present in a line.

Parameters:

• config (Config) – config object of user configs

• rule (Rule) – Rule object to check current line

• target (AnalysisTarget) – Analysis target

Return type:

Optional[Candidate]

Returns:

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not

remove current line. None otherwise

Module contents