GitHub OAuth App Keys

Description

General

• Documentation: https://docs.github.com/en/free-pro-team@latest/rest/reference/apps#oauth-applications
• Summary: GitHub Applications are plugins that can be installed on GitHub accounts. This detector focuses on detecting the app's credentials used to retrieve data from GitHub. Note that these credentials are different from GitHub App Keys, the main differences are listed here. When a user installs a GitHub application, he allows the app to act on his behalf within the defined scope. To get more information on the name of the app and the user or oganization it is tied to, visit https://github.com/login/oauth/authorize?client_id=CLIENT_ID_GOES_HERE.
• IPs allowlist: This feature is not currently available.
• Scopes: The app has the scope granted by the user when installing it.

Revoke the secret

This feature is not described in the documentation.

Check for suspicious activity

This feature is not described in the documentation.

Details for Github oauth app keys

• Family: Api

• Category: Version control platform

• Company: GitHub

• High recall: False

• Validity check available: True

• On-premise instances exist: True

• Only valid secrets raise an alert: True

• Minimum number of matches: 2

• Occurrences found for one million commits: 70.38

• Prefixed: False

• PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r|m)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - git(hub|ment|alk)- type: ContentWhitelistPreValidator  patterns:  - secret  - key

Examples

- text: >    gitalk:      clientID: c151f93feb034ed7da85      clientSecret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda  client_id: c151f93feb034ed7da85  client_secret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda