generated from codacy/codacy-public-template
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
b26f859
commit 4e3599f
Showing
3 changed files
with
47 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,40 +1,42 @@ | ||
| rules: | ||
| - id: codacy.csharp.security.hard-coded-password | ||
| severity: ERROR | ||
| languages: | ||
| - csharp | ||
| pattern: var $PASSWORD = "$VALUE"; | ||
| regex: "(?i).*(password|motdepasse|heslo|adgangskode|wachtwoord|salasana|passwort|passord|senha|geslo|clave|losenord|clave|parola|secret|pwd).*" | ||
| message: Hardcoded passwords are a security risk. They can be easily found by attackers and used to gain unauthorized access to the system. | ||
| metadata: | ||
| owasp: | ||
| - A3:2017 Sensitive Data Exposure | ||
| description: Hardcoded passwords are a security risk. | ||
| category: security | ||
| technology: | ||
| - .net | ||
| impact: HIGH | ||
| - id: codacy.generic.plsql.empty-strings | ||
| severity: WARNING | ||
| languages: | ||
| - generic | ||
| pattern: var $STRING = ''; | ||
| regex: "(?i).*''.*" | ||
| message: Empty strings can lead to unexpected behavior and should be handled carefully. | ||
| metadata: | ||
| description: Detects empty strings in the code which might cause issues or bugs. | ||
| category: security | ||
| impact: MEDIUM | ||
| - id: codacy.generic.plsql.find-all-passwords | ||
| severity: ERROR | ||
| languages: | ||
| - generic | ||
| pattern: var $PASSWORD = "$VALUE"; | ||
| regex: "(?i).*(password|psw|pwd|pass|adgangskode|benutzerkennwort|chiffre|clave|codewort|contrasena|contrasenya|geheimcode|geslo|heslo|jelszo|kennwort|losenord|losung|losungswort|lozinka|modpas|motdepasse|parol|parola|parole|pasahitza|pasfhocal|passe|passord|passwort|pasvorto|paswoord|salasana|schluessel|schluesselwort|senha|sifre|wachtwoord|wagwoord|watchword|zugangswort|PAROLACHIAVE|PAROLA CHIAVE|PAROLECHIAVI|PAROLE CHIAVI|paroladordine|verschluesselt|sisma).*(?<!pass|passable|passage|passenger|passer|passing|passion|passive|passover|passport|passed|compass|bypass).*" | ||
| message: Hardcoded or exposed passwords are a security risk. They can be easily found by attackers and used to gain unauthorized access to the system. | ||
| metadata: | ||
| owasp: | ||
| - A3:2017 Sensitive Data Exposure | ||
| description: Finding all occurrences of passwords in different languages and formats, while avoiding common false positives. | ||
| category: security | ||
| impact: HIGH | ||
| - id: codacy.csharp.security.hard-coded-password | ||
| severity: ERROR | ||
| languages: | ||
| - csharp | ||
| pattern: var $PASSWORD = "$VALUE"; | ||
| regex: "(?i).*(password|motdepasse|heslo|adgangskode|wachtwoord|salasana|passwort|passord|senha|geslo|clave|losenord|clave|parola|secret|pwd).*" | ||
| message: Hardcoded passwords are a security risk. They can be easily found by attackers and used to gain unauthorized access to the system. | ||
| metadata: | ||
| owasp: | ||
| - A3:2017 Sensitive Data Exposure | ||
| description: Hardcoded passwords are a security risk. | ||
| category: security | ||
| technology: | ||
| - .net | ||
| impact: HIGH | ||
| - id: codacy.generic.plsql.empty-strings | ||
| severity: WARNING | ||
| languages: | ||
| - generic | ||
| pattern: var $STRING = ''; | ||
| message: Empty strings can lead to unexpected behavior and should be handled carefully. | ||
| metadata: | ||
| description: Detects empty strings in the code which might cause issues or bugs. | ||
| category: security | ||
| impact: MEDIUM | ||
| - id: codacy.generic.plsql.find-all-passwords | ||
| severity: ERROR | ||
| languages: | ||
| - generic | ||
| pattern: | | ||
| var $PASSWORD = $...VALUE; | ||
| options: | ||
| generic_ellipsis_max_span: 0 | ||
| message: > | ||
| Hardcoded or exposed passwords are a security risk. They can be easily found by attackers and used to gain unauthorized access to the system. | ||
| metadata: | ||
| owasp: | ||
| - A3:2017 Sensitive Data Exposure | ||
| description: Finding all occurrences of passwords in different languages and formats, while avoiding common false positives. | ||
| category: security | ||
| impact: HIGH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <module name="root"> | ||
| <module name="codacy.csharp.security.hard-coded-password" /> | ||
| <module name="codacy.generic.empty-strings"/> | ||
| <module name="codacy.generic.find_all_passwords"/> | ||
| <module name="codacy.generic.plsql.empty-strings"/> | ||
| <module name="codacy.generic.plsql.find-all-passwords"/> | ||
| </module> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters