Skip to content

Akamai credential pattern #731

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
babenek merged 2 commits into from
Jun 19, 2025
Merged

Akamai credential pattern #731

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
3afc53e
AKAMAI credentials
babenek Jun 19, 2025
4014e46
Benchmark fix
babenek Jun 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 11 additions & 10 deletions .ci/benchmark.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
META MD5 2757003b8dc1ce9e817498f27a089160
DATA MD5 9ea9295b0757eff281d8c15df8805646
DATA: 16703750 interested lines. MARKUP: 61929 items
META MD5 0097e6ada1b9b6a55fbaa486e2996654
DATA MD5 0874bbca3b6d927910e8f907aaa33196
DATA: 16703750 interested lines. MARKUP: 61935 items
FileType FileNumber ValidLines Positives Negatives Templates
--------------- ------------ ------------ ----------- ----------- -----------
676 69398 135 415 72
Expand Down Expand Up @@ -66,7 +66,7 @@ FileType FileNumber ValidLines Positives Negatives Templat
.gd 1 37 1
.gml 3 3075 16
.gni 3 5017 19
.go 1275 717403 1358 4118 741
.go 1275 717403 1366 4118 741
.golden 5 1168 1 13 29
.gradle 50 4295 7 90 100
.graphql 8 454 2 13
Expand Down Expand Up @@ -118,7 +118,7 @@ FileType FileNumber ValidLines Positives Negatives Templat
.markdown 38 5862 54 4 1
.markerb 3 12 3
.marko 1 21 2
.md 760 180503 893 2307 584
.md 760 180503 894 2308 584
.mdx 3 549 7
.mjml 1 18 1
.mjs 22 4424 124 341
Expand Down Expand Up @@ -213,7 +213,7 @@ FileType FileNumber ValidLines Positives Negatives Templat
.tl 2 2161 154 2
.tmpl 5 336 3 9
.token 1 1 3
.toml 86 2471 53 103 156
.toml 86 2471 54 104 156
.tpl 1 43 1
.travis 1 34 2 3 1
.ts 609 109982 213 1772 197
Expand All @@ -232,14 +232,15 @@ FileType FileNumber ValidLines Positives Negatives Templat
.yml 555 54516 1230 902 364
.zsh 6 872 12
.zsh-theme 1 97 1
TOTAL: 11478 16703750 15059 46311 4909
credsweeper result_cnt : 14686, lost_cnt : 0, true_cnt : 14469, false_cnt : 217
TOTAL: 11478 16703750 15069 46313 4909
credsweeper result_cnt : 14696, lost_cnt : 0, true_cnt : 14479, false_cnt : 217
Rules Positives Negatives Templates Reported TP FP TN FN FPR FNR ACC PRC RCL F1
------------------------------ ----------- ----------- ----------- ---------- ----- ---- ----- ---- -------- -------- -------- -------- -------- --------
API 240 3172 187 229 229 0 3359 11 0.000000 0.045833 0.996944 1.000000 0.954167 0.976546
AWS Client ID 191 19 0 183 183 0 19 8 0.000000 0.041885 0.961905 1.000000 0.958115 0.978610
AWS Multi 82 10 0 34 34 0 10 48 0.000000 0.585366 0.478261 1.000000 0.414634 0.586207
AWS S3 Bucket 67 23 0 92 67 23 0 0 1.000000 0.000000 0.744444 0.744444 1.000000 0.853503
Akamai Credentials 6 2 0 6 6 0 2 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
Atlassian Old PAT token 5 8 0 11 5 6 2 0 0.750000 0.000000 0.538462 0.454545 1.000000 0.625000
Auth 1076 2759 81 1060 1052 8 2832 24 0.002817 0.022305 0.991828 0.992453 0.977695 0.985019
Azure Access Token 21 0 0 13 13 0 0 8 0.380952 0.619048 1.000000 0.619048 0.764706
Expand Down Expand Up @@ -280,8 +281,8 @@ Seed 1 6 0
Slack Token 4 1 0 4 4 0 1 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
Stripe Credentials 2 0 0 2 2 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Tencent WeChat API App ID 8 0 0 8 8 0 0 0 0.000000 1.000000 1.000000 1.000000 1.000000
Token 929 4174 455 857 854 3 4626 75 0.000648 0.080732 0.985966 0.996499 0.919268 0.956327
Token 933 4174 455 861 858 3 4626 75 0.000648 0.080386 0.985976 0.996516 0.919614 0.956522
Twilio Credentials 30 39 0 30 30 0 39 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
URL Credentials 225 168 197 225 225 0 365 0 0.000000 0.000000 1.000000 1.000000 1.000000 1.000000
UUID 1866 265 0 1849 1848 1 264 18 0.003774 0.009646 0.991084 0.999459 0.990354 0.994886
15059 46311 4909 14695 14469 217 46094 590 0.004686 0.039179 0.986850 0.985224 0.960821 0.972869
15069 46313 4909 14705 14479 217 46096 590 0.004686 0.039153 0.986853 0.985234 0.960847 0.972888
8 changes: 4 additions & 4 deletions .github/workflows/benchmark.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: a8b03b86f0c2c5236f4df61abc86c8774275af86
ref: d425c1b7600407ca5a82f2379fdc8627d194fb39

- name: Markup hashing
run: |
Expand Down Expand Up @@ -87,7 +87,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: a8b03b86f0c2c5236f4df61abc86c8774275af86
ref: d425c1b7600407ca5a82f2379fdc8627d194fb39

- name: Markup hashing
run: |
Expand Down Expand Up @@ -190,7 +190,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: a8b03b86f0c2c5236f4df61abc86c8774275af86
ref: d425c1b7600407ca5a82f2379fdc8627d194fb39

- name: Markup hashing
run: |
Expand Down Expand Up @@ -378,7 +378,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - 2024.10.23
with:
repository: Samsung/CredData
ref: a8b03b86f0c2c5236f4df61abc86c8774275af86
ref: d425c1b7600407ca5a82f2379fdc8627d194fb39

- name: Markup hashing
run: |
Expand Down
14 changes: 14 additions & 0 deletions credsweeper/rules/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,20 @@
- code
- doc

- name: Akamai Credentials
severity: high
confidence: strong
type: pattern
values:
- (?P<value>akab-[0-9a-z]{16}-[0-9a-z]{16})(?!\.[0-9a-z-]{1,80}\.akamaiapis\.net)
filter_type: GeneralPattern
required_substrings:
- akab-
min_line_len: 38
target:
- code
- doc

- name: AWS Client ID
severity: high
confidence: moderate
Expand Down
6 changes: 3 additions & 3 deletions tests/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
from pathlib import Path

# total number of files in test samples
SAMPLES_FILES_COUNT = 162
SAMPLES_FILES_COUNT = 163

# the lowest value of ML threshold is used to display possible lowest values
NEGLIGIBLE_ML_THRESHOLD = 0.0001

# credentials count after scan with negligible ML threshold
SAMPLES_CRED_COUNT = 505
SAMPLES_CRED_COUNT = 506

# Number of filtered credentials with ML
ML_FILTERED = 22
Expand All @@ -16,7 +16,7 @@
SAMPLES_POST_CRED_COUNT = SAMPLES_CRED_COUNT - ML_FILTERED

# with option --doc & NEGLIGIBLE_ML_THRESHOLD
SAMPLES_IN_DOC = 857
SAMPLES_IN_DOC = 858

# archived credentials that are not found without --depth
SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 128
Expand Down
21 changes: 21 additions & 0 deletions tests/data/depth_3.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,27 @@
}
]
},
{
"rule": "Akamai Credentials",
"severity": "high",
"confidence": "strong",
"ml_probability": null,
"line_data_list": [
{
"line": "T: akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"line_num": 1,
"path": "./tests/samples/akamai",
"info": "FILE:./tests/samples/akamai|RAW",
"variable": null,
"variable_start": -2,
"variable_end": -2,
"value": "akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"value_start": 3,
"value_end": 41,
"entropy": 4.15557
}
]
},
{
"rule": "API",
"severity": "low",
Expand Down
21 changes: 21 additions & 0 deletions tests/data/doc.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,27 @@
}
]
},
{
"rule": "Akamai Credentials",
"severity": "high",
"confidence": "strong",
"ml_probability": null,
"line_data_list": [
{
"line": "T: akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"line_num": 1,
"path": "./tests/samples/akamai",
"info": "FILE:./tests/samples/akamai|RAW",
"variable": null,
"variable_start": -2,
"variable_end": -2,
"value": "akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"value_start": 3,
"value_end": 41,
"entropy": 4.15557
}
]
},
{
"rule": "Atlassian Old PAT token",
"severity": "info",
Expand Down
21 changes: 21 additions & 0 deletions tests/data/ml_threshold.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,27 @@
}
]
},
{
"rule": "Akamai Credentials",
"severity": "high",
"confidence": "strong",
"ml_probability": null,
"line_data_list": [
{
"line": "T: akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"line_num": 1,
"path": "./tests/samples/akamai",
"info": "",
"variable": null,
"variable_start": -2,
"variable_end": -2,
"value": "akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"value_start": 3,
"value_end": 41,
"entropy": 4.15557
}
]
},
{
"rule": "API",
"severity": "low",
Expand Down
21 changes: 21 additions & 0 deletions tests/data/output.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,27 @@
}
]
},
{
"rule": "Akamai Credentials",
"severity": "high",
"confidence": "strong",
"ml_probability": null,
"line_data_list": [
{
"line": "T: akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"line_num": 1,
"path": "./tests/samples/akamai",
"info": "",
"variable": null,
"variable_start": -2,
"variable_end": -2,
"value": "akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3",
"value_start": 3,
"value_end": 41,
"entropy": 4.15557
}
]
},
{
"rule": "API",
"severity": "low",
Expand Down
2 changes: 2 additions & 0 deletions tests/samples/akamai
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
T: akab-tblc7jkffv3wfxh3-h5stbzeswb3v4kj3
F: akab-h5stbzeswb3v4kj3-tblc7jkffv3wfxh3.drain.akamaiapis.net
Loading