truffleHogRegexes

Improve detection of slack tokens

Open byo opened this issue 6 years ago • 3 comments

The current regex for Slack tokens seems to be too narrow to handle all Slack tokens. I did check three leaked Slack tokens (just search for xoxa or xoxp in all GitHub issues); one of them is obfuscated, and the others seem to be correct ones which do not match the regex.

Also, the current regex does not match refresh tokens starting with xoxr (https://api.slack.com/docs/token-types).

byo, Oct 22 '18 13:10

@dxa4481 hi - discovered this as well. The regex for slack tokens here https://github.com/l4yton/RegHex seems to be more inclusive.

andrew-kline, Jun 16 '21 13:06

Thanks for the reference, I'll update the regex

dxa4481, Jun 16 '21 17:06

Added a few more letters in there (like reghex has); hopefully that covers them all. Let me know what you think.

dxa4481, Jun 16 '21 17:06
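A way to regression-test a Slack token rule against the token shapes raised in this thread, as an added example that is not part of the issue or of the project's code. Both patterns are hypothetical (neither is copied from truffleHogRegexes or RegHex), the `xoxb` prefix and the varying segment lengths are assumptions, and every sample is constructed from filler characters.

```python
import re

# Both patterns are hypothetical illustrations, not the project's actual rules.
# NARROW fixes the prefix set and every segment length; BROAD only requires a
# known prefix followed by a long enough token body.
NARROW = re.compile(r"xox[pa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32}")
BROAD = re.compile(r"\bxox[abpr]-[0-9A-Za-z-]{10,}")


def fake(prefix, *segments):
    """Assemble an obviously fake token from repeated filler characters."""
    return prefix + "-" + "-".join(ch * n for ch, n in segments)


# (label, text, is_token): every value is constructed, none is a real credential.
CASES = [
    ("user_fixed", fake("xoxp", ("1", 12), ("2", 12), ("3", 12), ("a", 32)), True),
    ("user_short_ids", fake("xoxp", ("1", 10), ("2", 11), ("3", 12), ("a", 32)), True),
    ("workspace", fake("xoxa", ("2", 1), ("1", 12), ("2", 12), ("b", 32)), True),
    ("refresh", fake("xoxr", ("1", 12), ("2", 12), ("c", 32)), True),
    ("prose_xoxo", "signed, xoxo-grandma", False),
    ("truncated", "xoxp-1234", False),
]


def evaluate(pattern, cases=CASES):
    """Return (missed, false_positives) label lists for one pattern."""
    missed, false_pos = [], []
    for label, text, is_token in cases:
        # Embed each sample in a config-style line, as a scanner would see it.
        hit = pattern.search("SLACK_TOKEN = '" + text + "'") is not None
        if is_token and not hit:
            missed.append(label)
        elif hit and not is_token:
            false_pos.append(label)
    return missed, false_pos


if __name__ == "__main__":
    for name, pat in (("narrow", NARROW), ("broad", BROAD)):
        missed, false_pos = evaluate(pat)
        print(f"{name}: missed={missed} false_positives={false_pos}")
```

Keeping negative cases in the table matters as much as the positives: loosening the prefix class and length bounds raises recall, and the negatives show whether it also starts flagging ordinary text.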