Keybase proof

I hereby claim:

  • I am inkz on github.
  • I am inkz (https://keybase.io/inkz) on keybase.
  • I have a public key whose fingerprint is 8310 30E0 ACE9 0C42 882F 3070 8189 36A1 E08C 79E5

To claim this, I am signing this object:

rules:
- id: strategies
  pattern-either:
  - pattern: var $F = require("passport-jwt").Strategy;
  - pattern: var $F = require("passport-facebook").Strategy;
  - pattern: var $F = require("passport-google-oauth2").Strategy;
  - pattern: var $F = require("passport-oauth2").Strategy;
  - pattern: var $F = require("passport-twitter").Strategy;
  - pattern: var $F = require("passport-google-oauth1").Strategy;
  - pattern: var $F = require("passport-oauth1").Strategy;
rules:
- id: disallow-old-tls-versions
  patterns:
  - pattern-either:
    - pattern: |
        tls.Config{..., MinVersion: $TLS.$VERSION, ...}
    - pattern: |
        $CONFIG = &tls.Config{...}
        ...
        $CONFIG.MinVersion = $TLS.$VERSION
rules:
- id: find-dependencies-js
  pattern-either:
  - pattern: import $X
  - patterns:
    - pattern: require($X)
    - pattern: require("...")
  message: $X
  languages:
  - javascript
rules:
- id: find-sink-python
  pattern: |
    def $HANDLER(event, context):
        ...
        $SINK(...,<... event ...>,...)
  message: $SINK
  languages:
  - python
  severity: ERROR
rules:
- id: find-aws-service-python
  pattern: |
    boto3.client($SERVICE)
  message: $SERVICE
  severity: ERROR
  languages:
  - python
- id: find-aws-service-js1
  pattern: |
inkz / aws-2fa.sh
Created January 28, 2021 07:21
AWS STS get-session-token for MFA Bash script
# usage . aws-2fa.sh 1234
# unset previous session params
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset AWS_SESSION_TOKEN
# ARN value
arn='arn-value-here'
# get new session token from AWS
rules:
- id: prototype-pollution-assignment
  languages:
  - javascript
  - typescript
  message: |
    Possibility of prototype polluting assignment detected.
    By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones.
    This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).
    Possible mitigations might be: freezing the object prototype, using an object without prototypes (via Object.create(null) ), blocking modifications of attributes that resolve to object prototype, using Map instead of object.
rules:
- id: insecure-object-assign
  mode: taint
  message: |
    Depending on the context, user control data in `Object.assign` can cause web response to include data that it should not have or can lead to a mass assignment vulnerability.
  metadata:
    cwe: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"
    owasp: 'A1: Injection'
    references:
    - https://nodesecroadmap.fyi/chapter-1/threat-EXF.html