Nosey Parker v0.13.0

@bradlarsen bradlarsen released this 24 Apr 19:23
· 349 commits to main since this release

A prebuilt multiplatform Docker image for this release is available for x86_64 and ARM64 architectures:

docker pull ghcr.io/praetorian-inc/noseyparker:v0.13.0

Changes

  • Nosey Parker now statically links against a bundled version of Vectorscan for regular expression matching instead of Hyperscan (#5). This makes building from source simpler, particularly for ARM-based platforms. It also simplifies distribution, as a precompiled noseyparker binary now has no runtime dependencies on non-default libraries.

  • Several existing rules were modified to reduce false positives and false negatives:

    • Generic API Key
    • Telegram Bot Token

Additions

  • New rules have been added:

    • Generic Username and Password (quoted)
    • Generic Username and Password (unquoted)
    • Generic Password (double quoted)
    • Generic Password (single quoted)
    • Grafana API Token
    • Grafana Cloud API Token
    • Grafana Service Account Token
    • Postman API Key
  • References have been added for several rules:

    • Twilio API Key
    • Dynatrace Token

Fixes

  • The Docker image now has the git binary installed. Previously this was missing, causing the scan command to fail when the --git-url, --github-user, or --github-organization input specifiers were used (#38).