scanner.scan_type package¶

Submodules¶

scanner.scan_type.multi_pattern module¶

class credsweeper.scanner.scan_type.multi_pattern.MultiPattern[source]¶

Bases: credsweeper.scanner.scan_type.scan_type.ScanType

Check if line is a part of a multi-line credential and second part is present within MAX_SEARCH_MARGIN lines.

Parameters: MAX_SEARCH_MARGIN – Int constant. Number of lines around current to perform search for the second part

MAX_SEARCH_MARGIN = 10¶

classmethod run(config, line, line_num, file_path, rule, lines)[source]¶

Check if multiline credential present if the file within MAX_SEARCH_MARGIN range from current line_num.

Parameters

config (Config) – user configs
line (str) – Line to check
line_num (int) – Line number of a current line
file_path (str) – Path to the file that contain current line
rule (Rule) – Rule object to check current line. Should be a multi-pattern rule
lines (List[str]) – All lines if the file

Return type

Optional[Candidate]

Returns

Candidate object if pattern defined in a rule is present in a line and second part of multi-pattern rule is: present within MAX_SEARCH_MARGIN from the line. False otherwise

classmethod scan(config, candidate, line_num_margin, lines, file_path, rule)[source]¶

Search for second part of multiline rule near the current line.

Automatically update candidate with detected line if any.

Parameters

config (Config) – dict, scanner configuration
candidate (Candidate) – Current credential candidate detected in the line
line_num_margin (int) – Number of lines around candidate to perform search
lines (List[str]) – All lines if the file
file_path (str) – Path to the file that contain current line
rule (Rule) – Rule object to check current line. Should be a multi-pattern rule

Return type

bool

Returns

Boolean. True if second part detected. False otherwise

scanner.scan_type.pem_key_pattern module¶

class credsweeper.scanner.scan_type.pem_key_pattern.PemKeyPattern[source]¶

Bases: credsweeper.scanner.scan_type.scan_type.ScanType

Check if line is a start of a PEM key.

Parameters

ignore_starts – Leading lines in pem file that should be ignored
remove_characters – This characters would be striped from PEM lines before entropy check

ignore_starts = ['Proc-Type', 'Version', 'DEK-Info']¶

classmethod is_pem_key(lines)[source]¶

Check if provided lines is a PEM key.

Parameters: lines (List[str]) – Lines to be checked
Return type: bool
Returns: Boolean. True if PEM key, False otherwise

remove_characters = ' \'";,[]\n\r\t\\+#*'¶

classmethod remove_leading_config_lines(lines)[source]¶

Remove non-key lines from the beginning of a list.

Example lines with non-key leading lines:

Proc-Type: 4,ENCRYPTED
DEK-Info: DEK-Info: AES-256-CBC,2AA219GG746F88F6DDA0D852A0FD3211

ZZAWarrA1...

Parameters: lines (List[str]) – Lines to be checked
Return type: List[str]
Returns: List of strings without leading non-key lines

classmethod run(config, line, line_num, file_path, rule, lines)[source]¶

Check if current line is a start of a PEM key.

Parameters

config (Config) – user configs
line (str) – Line to check
line_num (int) – Line number of a current line
file_path (str) – Path to the file that contain current line
rule (Rule) – Rule object to check current line. Should be a pem-pattern rule
lines (List[str]) – All lines if the file

Return type

Optional[Candidate]

Returns

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not remove current line. None otherwise

classmethod strip_lines(lines)[source]¶

Remove common symbols that can surround PEM keys inside code.

Examples:

`# ZZAWarrA1`
`* ZZAWarrA1`
`  "ZZAWarrA1\\n" + `

Parameters: lines (List[str]) – Lines to be striped
Return type: List[str]
Returns: lines with special characters removed from both ends

scanner.scan_type.scan_type module¶

class credsweeper.scanner.scan_type.scan_type.ScanType[source]¶

Bases: abc.ABC

Base class for all Scanners.

Scanner allow to check if regex pattern defined in a rule is present in a line.

classmethod filtering(config, line_data, filters)[source]¶

Check if line data should be removed based on filters.

If use_filters option is false, always return False

Parameters

line_data (LineData) – Line data to check with filters
filters (List[Filter]) – Filters to use

Returns

True if line_data should be removed. False otherwise. If use_filters option is false, always return False

Return type

boolean

classmethod get_line_data(config, line, line_num, file_path, pattern, filters)[source]¶

Check if regex pattern is present in line, and line should not be removed by filters.

Parameters

line (str) – Line to check
line_num (int) – Line number of a current line
file_path (str) – Path to the file that contain current line
pattern (Pattern) – Compiled regex object to be searched in line
filters (List[Filter]) – Filters to use

Return type

Optional[LineData]

Returns

LineData object if pattern a line and filters do not remove current line. None otherwise

classmethod is_pattern_detected_line(line, pattern)[source]¶

Check if pattern present in the line.

Parameters

line (str) – Line to check
pattern (Pattern) – Compiled regex object

Return type

bool

Returns

Boolean. True if pattern is present. False otherwise

classmethod is_valid_line(line, pattern)[source]¶

Check if line is not too long and pattern present in the line.

Parameters

line (str) – Line to check
pattern (Pattern) – Compiled regex object to be searched in line

Return type

bool

Returns

Boolean. True if pattern is present and line is not too long. False otherwise

classmethod is_valid_line_length(line)[source]¶

Check if line is not too long for the scanner.

Parameters: line (str) – Line to check
Return type: bool
Returns: Boolean. True if line is not too long. False otherwise

abstract classmethod run(config, line, line_num, file_path, rule, lines)[source]¶

Check if regex pattern defined in a rule is present in a line.

Parameters

config (Config) – user configs
line (str) – Line to check
line_num (int) – Line number of a current line
file_path (str) – Path to the file that contain current line
rule (Rule) – Rule object to check current line
lines (List[str]) – All lines if the file

Return type

Optional[Candidate]

Returns

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not remove current line. None otherwise

scanner.scan_type.single_pattern module¶

class credsweeper.scanner.scan_type.single_pattern.SinglePattern[source]¶

Bases: credsweeper.scanner.scan_type.scan_type.ScanType

Check if single line rule present in the line.

classmethod run(config, line, line_num, file_path, rule, lines)[source]¶

Check if regex pattern defined in a rule is present in a line.

Parameters

config (Config) – config object of user configs
line (str) – Line to check
line_num (int) – Line number of a current line
file_path (str) – Path to the file that contain current line
rule (Rule) – Rule object to check current line
lines (List[str]) – All lines if the file

Return type

Optional[Candidate]

Returns

Candidate object if pattern defined in a rule is present in a line and filters defined in rule do not: remove current line. None otherwise

scanner.scan_type package¶

Submodules¶

scanner.scan_type.multi_pattern module¶

scanner.scan_type.pem_key_pattern module¶

scanner.scan_type.scan_type module¶

scanner.scan_type.single_pattern module¶

Module contents¶