List of current vulnerabilities that are detected by Soteri.
| Rule Name | Description |
|---|---|
| | AWS Identity and Access Management Client IDs uniquely reference users and access keys. These unique IDs can provide access to your AWS instance by allowing users to get keys. |
| | AWS Marketplace Web Service API Keys allow programmatic interfaces to Amazon Seller stores. |
| | AWS Secret Access Keys allow for authenticated AWS CLI, SDK, and API access. |
| | Azure Access Keys provide access to all data stored in Microsoft Azure. |
| | Dynatrace Client Secrets allow for access to your Dynatrace instance API. |
| | Elliptical Curve Private Keys - We detect many common SSH Private Key formats. |
| | Facebook Application IDs |
| | Facebook Application Secrets |
| | Generic API Key - Contains logic to detect generic API Keys. |
| | Generic Passwords - Contains logic to detect generic passwords. Note that this rule may generate many false positives, and is disabled by default. |
| | Generic Secrets - Contains logic to detect generic secrets. |
| | GitHub Authentication Tokens - This rule detects GitHub Authentication Tokens for personal use as well as for GitHub Application OAuth. |
| | Google API Keys |
| | Google OAuth URLs |
| | Google OAuth Tokens |
| | Heroku API Keys |
| | LinkedIn Client IDs |
| | LinkedIn Client Secrets |
| | Mailchimp API Key |
| | Mailgun API Key |
| | Generic Password in URL - Contains logic to detect passwords embedded in URLs. |
| | |
| | PGP Private Keys |
| | PKCS8 Private Keys - We detect many common SSH Private Key formats. |
| | Python Package Index (PyPI) Upload Tokens allow verified publishing of Python packages to the global repository. |
| | We detect many common SSH Private Key formats. |
| | |
| | Shopify Partner API Access Tokens provide access to a given store's API. |
| | Shopify API Secrets give access to all aspects of the general Shopify API – this rule contains logic to detect Shared Secrets and Access Tokens for regular, Custom, and Private applications. |
| | Slack API Tokens give access to various API features. |
| | Slack Webhooks are secret URLs which give similar access as API Tokens. |
| | Square Access Tokens |
| | Square OAuth Secrets |
| | Generic SSH Private Key - We detect many common SSH Private Key formats. |
| | Public Key - the public half of key-based authentication. Weak public keys can be brute-force cracked by modern computers, and can represent a vulnerability equal to that of the private-key half of the pair. Since properly generated public keys are not a threat, this rule is disabled by default. |
| | Trojan Source detects left-to-right and right-to-left Unicode control characters which can be used to obscure malicious code. For more information, see the Trojan Source paper and CVE-2021-42574 in the NIST Database. Note: the homoglyph attack described in this paper, and tracked as CVE-2021-42694 in the NIST Database, is not detected by this rule, as it can generate a lot of false positives for non-English languages. See Mitigating Trojan Source attacks for Soteri’s recommendations if you’re interested in detecting potential homoglyph attacks. |
| | Stripe API Key |
| | Twilio Account ID - part of the Twilio API |
| | Twilio API Key - part of the Twilio API |
| | Twitter Client ID |
| | Twitter Secret Key |