GitHub OAuth App Keys
Description
General
- Documentation: https://docs.github.com/en/free-pro-team@latest/rest/reference/apps#oauth-applications
- Summary: GitHub Applications are plugins that can be installed on GitHub accounts. This detector focuses on detecting the app's credentials used to retrieve data from GitHub. Note that these credentials are different from GitHub App Keys, the main differences are listed here. When a user installs a GitHub application, they allow the app to act on their behalf within the defined scope. To get more information on the name of the app and the user or oganization it is tied to, visit https://github.com/login/oauth/authorize?client_id=CLIENT_ID_GOES_HERE.
- IPs allowlist: This feature is not currently available.
- Scopes: The app has the scope granted by the user when installing it.
Revoke the secret
This feature is not described in the documentation.
Check for suspicious activity
This feature is not described in the documentation.
Details for GitHub OAuth App Keys
-
Family: credentials
-
Category: version_control_platform
-
Company: GitHub
-
High recall: False
-
Validity check available: True
-
Analyzer available: False
-
On-premise instances exist: True
-
Only valid secrets raise an alert: True
-
Minimum number of matches: 2
-
Occurrences found for one million commits: 25.67
-
Prefixed: False
-
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- git(hub|ment|alk)
- type: ContentWhitelistPreValidator
patterns:
- secret
- key
Examples
- text: |
gitalk:
clientID: c151f93feb034ed7da85
clientSecret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda
client_id: c151f93feb034ed7da85
client_secret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda
- text: |
gitalk:
clientID: c151f93feb034ed7da85
clientSecret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda
client_id: c151f93feb034ed7da85
client_secret: 0fd3f9942d1e65a267a5541ee1fc31d78d8aefda
