Bannerbear Detector V2

Open shahzadhaider1 opened this issue 4 months ago • 0 comments

Description:

This pull request introduces a new V2 detector for Bannerbear API keys. The new version adds support for modern key formats and implements live API verification to eliminate false positives.

Implementation Details

  • New V2 Detector: A new bannerbearv2 detector was created to house the updated logic.
  • Precise Regex: The detector uses the pattern \b(bb_(?:pr|ma)_[a-f0-9]{30})\b to accurately identify both key formats.
  • API Verification: A verification function calls the GET /v2/auth endpoint.
    • A 200 OK response validates a Project API Key.
    • A 400 Bad Request with a specific error message validates a Master API Key, in line with the official API documentation.
  • Keywords: Added bannerbear, bb_pr_, and bb_ma_ to the keyword list for efficient scanning.

Testing

To ensure correctness and reliability, this change includes:

  • Pattern Tests: Tests validating the regex against positive and negative samples.
  • Integration Tests: Live API tests confirming the verification logic for valid Project keys and invalid keys.

Closes OSS-143

Checklist:

  • [x] Tests passing (make test-community)?
  • [x] Lint passing (make lint; this requires golangci-lint)?

bannerbear-detector-tests

shahzadhaider1 Jun 13 '25 13:06
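
The matching and response-classification rules described in the pull request above, as an added Go example that is not code from the pull request or from TruffleHog. The names FindKeys and Classify are hypothetical, the masterMarker argument is a placeholder for the "specific error message" that the description does not quote, and no network request is made.

```go
package main

import (
	"fmt"
	"net/http"
	"regexp"
	"strings"
)

// Pattern as quoted in the pull request description.
var keyPat = regexp.MustCompile(`\b(bb_(?:pr|ma)_[a-f0-9]{30})\b`)

// FindKeys returns the unique candidate keys in data, in order of first appearance.
func FindKeys(data string) []string {
	seen := map[string]bool{}
	var out []string
	for _, m := range keyPat.FindAllStringSubmatch(data, -1) {
		if !seen[m[1]] {
			seen[m[1]] = true
			out = append(out, m[1])
		}
	}
	return out
}

// Classify maps a GET /v2/auth response to a verdict using the two rules in the
// description: 200 means a Project key, 400 plus a specific error message means
// a Master key. masterMarker is a placeholder (assumption): the description does
// not quote the message, so an empty marker never verifies anything.
func Classify(status int, body, masterMarker string) string {
	switch {
	case status == http.StatusOK:
		return "verified: project key"
	case status == http.StatusBadRequest && masterMarker != "" && strings.Contains(body, masterMarker):
		return "verified: master key"
	default:
		return "unverified"
	}
}

func main() {
	// Constructed sample input; these keys are made up for the example.
	k := strings.Repeat("a1", 15) // 30 lowercase hex characters
	sample := "BANNERBEAR_KEY=bb_pr_" + k + "\nmaster: bb_ma_" + k +
		"\ntoo long: bb_pr_" + k + "ff\nupper: bb_pr_" + strings.ToUpper(k) +
		"\nglued: my_bb_pr_" + k + "\nrepeat: bb_pr_" + k

	fmt.Println(FindKeys(sample)) // only the first two lines yield a key
	fmt.Println(Classify(http.StatusBadRequest, "unrelated validation error", "<placeholder>"))
}
```

Treating a 400 as a positive result only when the expected message is present keeps an unrelated bad-request error from marking a string as a live Master key.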