OTP / 2FA Secret markup (#241)

babenek · web-flow · commit 424d37f54a26 · 2025-08-05T12:46:05.000+03:00
* OTP / 2FA Secret markup

* one OTP / 2FA Secret markup
diff --git a/.ci/benchmark.txt b/.ci/benchmark.txt
@@ -1,6 +1,6 @@
-META MD5 50ed3ef305ad91f334214db4eb3e152d
-DATA MD5 dac0c4d817dcc1dc209724af30e2053d
-DATA: 16720463 interested lines. MARKUP: 61437 items
+META MD5 4b2bb7c290c4db1637f23e8852476589
+DATA MD5 48c031052cd50f92ae0e2ee87b96406c
+DATA: 16720463 interested lines. MARKUP: 61439 items
 FileType           FileNumber    ValidLines    Positives    Negatives
 ---------------  ------------  ------------  -----------  -----------
                           677         69567          133          489
@@ -77,7 +77,7 @@ FileType           FileNumber    ValidLines    Positives    Negatives
 .haml                       9           191                        17
 .hbs                        2            54                         3
 .hs                        14          4140           30           65
-.html                      76         31895          114          133
+.html                      76         31895          114          134
 .idl                        3          1625           37            5
 .iml                        6           699                        30
 .in                         7          2242           10           50
@@ -89,8 +89,8 @@ FileType           FileNumber    ValidLines    Positives    Negatives
 .java                     672        144069          489         1499
 .jenkinsfile                1            58            2            6
 .jinja2                     1            64                         2
-.js                       655        531277          582         2702
-.json                     885      13114471         1321        10119
+.js                       655        531277          585         2702
+.json                     885      13114471         1321        10120
 .jsp                       13          3202            1           37
 .jsx                        7           857                        19
 .jwt                        1             1            2
@@ -166,7 +166,7 @@ FileType           FileNumber    ValidLines    Positives    Negatives
 .pyx                        2          1094                        23
 .r                          4            62            5            2
 .rake                       2            51                         2
-.rb                       852        130684          420         2970
+.rb                       852        130684          424         2969
 .re                         1            31                         1
 .red                        1           159                         1
 .release                    1            13                         4
@@ -216,7 +216,7 @@ FileType           FileNumber    ValidLines    Positives    Negatives
 .toml                      86          2471           65          251
 .tpl                        1            43                         1
 .travis                     1            34            2            4
-.ts                       609        109982          226         1970
+.ts                       609        109982          240         1970
 .tsx                       54          7914            1          120
 .ttar                       1           452                         1
 .txt                      322         81679         5238         4385
@@ -229,10 +229,10 @@ FileType           FileNumber    ValidLines    Positives    Negatives
 .xib                       11           503                       164
 .xsl                        1           311                         1
 .yaml                     168         24422          195          377
-.yml                      555         54516         1870         1227
+.yml                      555         54516         1871         1227
 .zsh                        6           872                        12
 .zsh-theme                  1            97                         1
-TOTAL:                  11516      16720463        16205        50385
+TOTAL:                  11516      16720463        16227        50386
 credsweeper result_cnt : 0, lost_cnt : 0, true_cnt : 0, false_cnt : 0
 Rules                             Positives    Negatives    Reported    TP    FP     TN     FN       FPR       FNR       ACC  PRC         RCL  F1
 ------------------------------  -----------  -----------  ----------  ----  ----  -----  -----  --------  --------  --------  -----  --------  ----
@@ -270,10 +270,10 @@ Grafana Provisioned API Key              22            1                 0     0
 JSON Web Token                          168           61                 0     0     61    168  0.000000  1.000000  0.266376         0.000000
 JWK                                      55            0                 0     0      0     55            1.000000  0.000000         0.000000
 Jira / Confluence PAT token               0            4                 0     0      4      0  0.000000            1.000000
-Jira 2FA                                 36            2                 0     0      2     36  0.000000  1.000000  0.052632         0.000000
 Key                                    4210        16306                 0     0  16306   4210  0.000000  1.000000  0.794794         0.000000
 NKEY Seed                                58            0                 0     0      0     58            1.000000  0.000000         0.000000
 Nonce                                   117           49                 0     0     49    117  0.000000  1.000000  0.295181         0.000000
+OTP / 2FA Secret                         58            3                 0     0      3     58  0.000000  1.000000  0.049180         0.000000
 Other                                     9         7442                 0     0   7442      9  0.000000  1.000000  0.998792         0.000000
 PEM Private Key                        1142           76                 0     0     76   1142  0.000000  1.000000  0.062397         0.000000
 Password                               2497         9982                 0     0   9982   2497  0.000000  1.000000  0.799904         0.000000
@@ -288,4 +288,4 @@ Token                                   949         4640                 0     0
 Twilio Credentials                       30           39                 0     0     39     30  0.000000  1.000000  0.565217         0.000000
 URL Credentials                         220          379                 0     0    379    220  0.000000  1.000000  0.632721         0.000000
 UUID                                   1866          265                 0     0    265   1866  0.000000  1.000000  0.124355         0.000000
-                                      16205        50385           0     0     0  50385  16205  0.000000  1.000000  0.756645         0.000000
+                                      16227        50386           0     0     0  50386  16227  0.000000  1.000000  0.756399         0.000000
diff --git a/benchmark/scanner/scanner.py b/benchmark/scanner/scanner.py
@@ -347,7 +347,7 @@ def check_line_from_meta(self,
                 if self.fix:
                     subprocess.check_call(
                         ["sed", "-i",
-                         f"s/{row.Id},\\(.*\\)/{row.Id},\\1:{rule}/",
+                         f"s|{row.Id},\\(.*\\)|{row.Id},\\1:{rule}|",
                          f"{self.cred_data_dir}/meta/{row.RepoName}.csv"])
                     self.meta[MetaKey(data_path, line_start, line_end)].append(lost_meta)
                     lost_meta = None
diff --git a/meta/0b0a8cd6.csv b/meta/0b0a8cd6.csv
@@ -51,3 +51,5 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 1481064,cc466c05,GitHub,0b0a8cd6,data/0b0a8cd6/test/cc466c05.json,165,165,T,31,35,,,Password
 1494788,cc466c05,GitHub,0b0a8cd6,data/0b0a8cd6/test/cc466c05.json,892,892,F,84,104,,,Gitlab Feed Token
 1494789,cc466c05,GitHub,0b0a8cd6,data/0b0a8cd6/test/cc466c05.json,900,900,F,160,180,,,Gitlab Feed Token
+11503169,16995abc,GitHub,0b0a8cd6,data/0b0a8cd6/test/16995abc.html,177,177,F,636,668,,,OTP / 2FA Secret
+11503170,cc466c05,GitHub,0b0a8cd6,data/0b0a8cd6/test/cc466c05.json,967,967,F,140,172,,,OTP / 2FA Secret
diff --git a/meta/2e6b3af5.csv b/meta/2e6b3af5.csv
@@ -55,7 +55,7 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 28072,b49ef96a,GitHub,2e6b3af5,data/2e6b3af5/test/src/example/api/b49ef96a.java,26,26,X,37,49,,,Secret
 28073,ddeadce0,GitHub,2e6b3af5,data/2e6b3af5/test/src/example/api/ddeadce0.java,26,26,X,37,52,,,Secret
 28253,20f14c80,GitHub,2e6b3af5,data/2e6b3af5/test/src/20f14c80.java,28,28,F,19,106,,,Other
-28261,3ff907db,GitHub,2e6b3af5,data/2e6b3af5/test/src/api/3ff907db.java,18,18,X,62,78,,,Jira 2FA:Key
+28261,3ff907db,GitHub,2e6b3af5,data/2e6b3af5/test/src/api/3ff907db.java,18,18,X,62,78,,,OTP / 2FA Secret:Key
 30572,d13e91d9,GitHub,2e6b3af5,data/2e6b3af5/test/src/d13e91d9.java,22,22,T,58,106,,,Token
 30573,d13e91d9,GitHub,2e6b3af5,data/2e6b3af5/test/src/d13e91d9.java,33,33,T,58,106,,,Token
 30574,d13e91d9,GitHub,2e6b3af5,data/2e6b3af5/test/src/d13e91d9.java,43,43,T,59,107,,,Token
diff --git a/meta/39def7b4.csv b/meta/39def7b4.csv
@@ -682,7 +682,7 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 101448,2010d338,GitHub,39def7b4,data/39def7b4/lib/rest/2010d338.rb,383,383,F,,,,,Secret
 101449,27be9d47,GitHub,39def7b4,data/39def7b4/lib/rest/27be9d47.rb,384,384,F,,,,,Secret
 101450,7d9f5b9d,GitHub,39def7b4,data/39def7b4/lib/rest/7d9f5b9d.rb,390,390,F,,,,,Secret
-101451,be070dc3,GitHub,39def7b4,data/39def7b4/spec/be070dc3.rb,79,79,T,88,120,,,Secret
+101451,be070dc3,GitHub,39def7b4,data/39def7b4/spec/be070dc3.rb,79,79,T,88,120,,,Secret:OTP / 2FA Secret
 101452,b5ca0850,GitHub,39def7b4,data/39def7b4/spec/b5ca0850.rb,25,25,F,,,,,Token
 101453,b5ca0850,GitHub,39def7b4,data/39def7b4/spec/b5ca0850.rb,32,32,F,,,,,Token
 101454,0bed0bb2,GitHub,39def7b4,data/39def7b4/security/lib/0bed0bb2.rb,37,37,F,,,,,Other
diff --git a/meta/41659445.csv b/meta/41659445.csv
@@ -58,11 +58,11 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 26664,d4a2a492,GitHub,41659445,data/41659445/src/d4a2a492.ts,39,39,F,,,,,Secret
 26665,d4a2a492,GitHub,41659445,data/41659445/src/d4a2a492.ts,29,29,F,,,,,Secret
 27411,eb85e4f0,GitHub,41659445,data/41659445/test/src/util/eb85e4f0.ts,8,8,X,13,23,,,Secret
-28187,91fd135b,GitHub,41659445,data/41659445/src/util/91fd135b.ts,169,169,T,65,81,,,Jira 2FA:Secret
+28187,91fd135b,GitHub,41659445,data/41659445/src/util/91fd135b.ts,169,169,T,65,81,,,OTP / 2FA Secret:Secret
 31476,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,131,131,F,,,,,Token:Secret
 32427,b2f74201,GitHub,41659445,data/41659445/test/src/b2f74201.ts,16,16,T,16,32,,,Password:Secret
 32428,c7cb0c45,GitHub,41659445,data/41659445/test/c7cb0c45.js,8,8,T,20,59,,,Secret
-32441,c7cb0c45,GitHub,41659445,data/41659445/test/c7cb0c45.js,18,18,T,20,36,,,Jira 2FA:Secret
+32441,c7cb0c45,GitHub,41659445,data/41659445/test/c7cb0c45.js,18,18,T,20,36,,,OTP / 2FA Secret:Secret
 32442,b3356305,GitHub,41659445,data/41659445/_/b3356305.md,94,94,T,16,48,,,Secret
 33951,b3356305,GitHub,41659445,data/41659445/_/b3356305.md,447,447,T,21,53,,,Secret
 34868,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,8,8,F,12,18,,,Token
@@ -95,34 +95,34 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 34937,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,20,20,F,12,18,,,Token
 34938,faf09b36,GitHub,41659445,data/41659445/test/faf09b36.ts,120,120,F,12,20,,,Token
 34942,faf09b36,GitHub,41659445,data/41659445/test/faf09b36.ts,132,132,F,12,20,,,Token
-35218,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,201,201,T,15,47,,,Secret
+35218,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,201,201,T,15,47,,,Secret:OTP / 2FA Secret
 35220,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,27,27,T,13,29,,,Secret
 35221,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,9,9,T,13,29,,,Password:Secret
-35233,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,210,210,T,15,47,,,Secret
+35233,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,210,210,T,15,47,,,Secret:OTP / 2FA Secret
 35249,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,33,33,T,13,29,,,Secret
 35250,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,21,21,T,13,29,,,Secret
-35252,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,44,44,T,11,43,,,Secret
+35252,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,44,44,T,11,43,,,Secret:OTP / 2FA Secret
 35334,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,19,19,F,15,21,,,Token
 35335,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,9,9,F,15,21,,,Token
 35336,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,14,14,F,15,21,,,Token
 35337,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,39,39,F,15,21,,,Token
 35338,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,34,34,F,15,21,,,Token
-35339,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,23,23,T,16,48,,,Secret
-35340,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,33,33,T,16,48,,,Secret
+35339,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,23,23,T,16,48,,,Secret:OTP / 2FA Secret
+35340,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,33,33,T,16,48,,,Secret:OTP / 2FA Secret
 35341,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,8,8,T,16,48,,,Secret
 35342,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,13,13,T,16,48,,,Secret
-35343,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,28,28,T,16,48,,,Secret
-35344,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,18,18,T,16,48,,,Secret
-35345,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,38,38,T,16,48,,,Secret
+35343,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,28,28,T,16,48,,,Secret:OTP / 2FA Secret
+35344,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,18,18,T,16,48,,,Secret:OTP / 2FA Secret
+35345,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,38,38,T,16,48,,,Secret:OTP / 2FA Secret
 35349,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,24,24,F,15,21,,,Token
 35350,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,29,29,F,15,21,,,Token
-37409,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,205,205,T,15,47,,,Secret
+37409,5398b006,GitHub,41659445,data/41659445/test/src/5398b006.js,205,205,T,15,47,,,Secret:OTP / 2FA Secret
 37410,bf2cd4b4,GitHub,41659445,data/41659445/test/sample/bf2cd4b4.ts,15,15,T,13,29,,,Password:Secret
 37420,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,68,68,X,12,18,,,Token
 37421,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,82,82,X,12,18,,,Token
-37422,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,67,67,T,13,45,,,Secret
+37422,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,67,67,T,13,45,,,Secret:OTP / 2FA Secret
 37423,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,73,73,T,13,45,,,Secret
-37424,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,80,80,T,13,45,,,Secret
+37424,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,80,80,T,13,45,,,Secret:OTP / 2FA Secret
 47806,eb85e4f0,GitHub,41659445,data/41659445/test/src/util/eb85e4f0.ts,119,119,X,15,25,,,Secret
 47991,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,78,78,F,,,,,Other
 47992,074dc7a7,GitHub,41659445,data/41659445/test/sample/074dc7a7.ts,64,64,F,,,,,Other
diff --git a/meta/873d2d8b.csv b/meta/873d2d8b.csv
@@ -14,8 +14,8 @@ Id,FileID,Domain,RepoName,FilePath,LineStart,LineEnd,GroundTruth,ValueStart,Valu
 32228,8b2f02c3,GitHub,873d2d8b,data/873d2d8b/example/8b2f02c3.js,95,95,T,18,58,,,Secret
 32370,43415c95,GitHub,873d2d8b,data/873d2d8b/src/template/43415c95.hbs,4,4,F,101,172,,,Other
 32371,43415c95,GitHub,873d2d8b,data/873d2d8b/src/template/43415c95.hbs,2,2,F,69,120,,,Other
-32389,201092fe,GitHub,873d2d8b,data/873d2d8b/example/conf/201092fe.js,8,8,T,16,32,,,Secret:Jira 2FA
-35251,fb92ea8f,GitHub,873d2d8b,data/873d2d8b/example/fb92ea8f.js,100,100,T,11,27,,,Secret:Jira 2FA
+32389,201092fe,GitHub,873d2d8b,data/873d2d8b/example/conf/201092fe.js,8,8,T,16,32,,,Secret:OTP / 2FA Secret
+35251,fb92ea8f,GitHub,873d2d8b,data/873d2d8b/example/fb92ea8f.js,100,100,T,11,27,,,Secret:OTP / 2FA Secret
 49166,b2bc4218,GitHub,873d2d8b,data/873d2d8b/docs/b2bc4218.md,315,315,F,,,,,Secret
 50066,b2bc4218,GitHub,873d2d8b,data/873d2d8b/docs/b2bc4218.md,498,498,F,,,,,Password
 100680,201092fe,GitHub,873d2d8b,data/873d2d8b/example/conf/201092fe.js,6,6,F,,,,,Other
diff --git a/meta/8ba59c91.csv b/meta/8ba59c91.csv
diff --git a/meta/8bc560cd.csv b/meta/8bc560cd.csv
diff --git a/meta/e3377359.csv b/meta/e3377359.csv
