About Whispers

Whispers is a powerful static code analysis tool. It helps researchers parse a variety of common data formats and search for hardcoded credentials and dangerous functions. Whispers can be run from a command-line terminal, or it can be integrated into a CI/CD pipeline.

Detection capabilities

Passwords, API tokens, AWS keys, private keys, personal keys, certificates, sensitive files, dangerous functions

Supported formats

Whispers is, in essence, a structured text analysis tool, not a code analysis tool.

The data formats supported by the current version of Whispers are listed below:

YAML, JSON, XML, .npmrc, .pypirc, .htpasswd, .properties, pip.conf, conf / ini, Dockerfile, Dockercfg, Shell scripts, Python3

Python3 files are parsed as an AST, because the language supports this natively.

Declaration and assignment formats

The tool parses files in the following languages as text, and it also checks common variable declaration and assignment patterns:

JavaScript, Java, Go, PHP

Special format support

AWS, JDBC, Jenkins, SpringFramework, Java, Dockercfg registry credentials, GitHub tokens

Tool installation

Install the tool by cloning it from GitHub:

    git clone https://github.com/Skyscanner/whispers
    cd whispers
    make install

Tool usage

Command-line interface:

    whispers --help
    whispers --info
    whispers source/code/fileOrDir
    whispers --config config.yml source/code/fileOrDir
    whispers --output /tmp/secrets.yml source/code/fileOrDir
    whispers --rules aws-id,aws-secret source/code/fileOrDir
    whispers --severity BLOCKER,CRITICAL source/code/fileOrDir
    whispers --exitcode 7 source/code/fileOrDir

Python:

    from whispers.cli import parse_args
    from whispers.core import run

    src = "tests/fixtures"
    configfile = "whispers/config.yml"
    args = parse_args(["-c", configfile, src])
    # run() yields each secret found under src
    for secret in run(args):
        print(secret)

The reference format of config.yml is as follows:

    include:
      files:
        - "**/*.yml"

    exclude:
      files:
        - "**/test/**/*"
        - "**/tests/**/*"
      keys:
        - ^foo
      values:
        - bar$

    rules:
      starks:
        message: Whispers from the North
        severity: CRITICAL
        value:
          regex: (Aria|Ned) Stark
          ignorecase: True

Copy the config.yml file to a new file and pass it to Whispers:

    whispers --config config.yml --rules starks src/file/or/dir

whispers/rules

    rule-id:  # unique rule name
      description: Values formatted like AWS Session Token
      message: AWS Session Token  # report will show this message
      severity: BLOCKER           # one of BLOCKER, CRITICAL, MAJOR, MINOR, INFO

      key:        # specify key format
        regex: (aws.?session.?token)?
        ignorecase: True   # case-insensitive matching

      value:      # specify value format
        regex: ^(?=.*[a-z])(?=.*[A-Z])[A-Za-z0-9+/]{270,450}$
        ignorecase: False  # case-sensitive matching
        minlen: 270        # value is at least this long
        isBase64: True     # value is base64-encoded
        isAscii: False     # value is binary data when decoded
        isUri: False       # value is not formatted like a URI

      similar: 0.35  # maximum allowed similarity between key and value
                     # (1.0 being exactly the same)

All of Whispers' analysis functionality is implemented through plugins. Each plugin implements a class with a pairs() method that returns the key-value pairs to be matched against the rules:

    class PluginName:
        def pairs(self, file):
            yield "key", "value"
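As an added illustration (not Whispers' own code and not part of the original page), the sketch below shows one way the fields of the rule above could be combined when checking key-value pairs of the kind a plugin's pairs() yields. The function names, the order of the checks and the use of difflib as the similarity measure are assumptions; the sample pairs are constructed.

```python
import base64
import binascii
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

# The rule shown above, transcribed into a dict (field names from the page).
RULE = {
    "key": {"regex": r"(aws.?session.?token)?", "ignorecase": True},
    "value": {"regex": r"^(?=.*[a-z])(?=.*[A-Z])[A-Za-z0-9+/]{270,450}$",
              "ignorecase": False, "minlen": 270,
              "isBase64": True, "isAscii": False, "isUri": False},
    "similar": 0.35,
}

def _regex_ok(spec, text):
    flags = re.IGNORECASE if spec["ignorecase"] else 0
    return re.match(spec["regex"], text, flags) is not None

def check(rule, key, value):
    """Return 'match', or the first rule field that rejects the pair."""
    v = rule["value"]
    try:
        raw = base64.b64decode(value, validate=True)
    except binascii.Error:
        raw = None  # not valid base64
    uri = urlparse(value)
    # Assumption: difflib's ratio stands in for the tool's similarity measure.
    ratio = SequenceMatcher(None, key.lower(), value.lower()).ratio()
    checks = [
        ("key.regex", _regex_ok(rule["key"], key)),
        ("value.regex", _regex_ok(v, value)),
        ("minlen", len(value) >= v["minlen"]),
        ("isBase64", (raw is not None) == v["isBase64"]),
        ("isAscii", raw is None or raw.isascii() == v["isAscii"]),
        ("isUri", bool(uri.scheme and uri.netloc) == v["isUri"]),
        ("similar", ratio <= rule["similar"]),
    ]
    return next((name for name, ok in checks if not ok), "match")

# Constructed pairs, shaped like what a plugin's pairs() yields.
PAIRS = [
    ("AWS_SESSION_TOKEN", base64.b64encode(bytes(range(204))).decode()),
    ("PLACEHOLDER", base64.b64encode(b"a" * 204).decode()),  # decodes to text
    ("BROKEN", "aB" + "A" * 269),  # 271 chars: right alphabet, bad length
    ("DEBUG", "true"),
]

def scan(pairs=PAIRS):
    return [(key, check(RULE, key, value)) for key, value in pairs]
```

Because the key regex ends in an optional group, it accepts any key name, so in this rule the value checks do all the filtering: a long base64 string that decodes to plain text is rejected by isAscii, and one with an invalid length by isBase64.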

Project address

Whispers: