Name:dumpsterdiver
Category:Static Code Analysis
Publisher:trickest
Created:6/23/2021
Container:quay.io/trickest/dumpsterdiver:a54c190
Output Type:
License:Unknown

Parameters

remove
boolean
-rWhen this flag is set, then files which don't contain any secret (or anything interesting if -a flag is set) will be removed.
secret
boolean
-sWhen this flag is set, then all files will be additionally analyzed in search of hardcoded passwords.
grep-words
string
--grep-wordsSpecifies the grep words to look for. Multiple words should be separated by space. Wildcards are supported. Requires adding -a flag to the syntax.
search-level
string
--levelSearch level for key length. Options: --level 0 - short keys (20-40B), e.g. AWS Access Key ID. --level 1 (default) - typical keys (40-70B), e.g. AWS Secret Access Key or Azure Shared Key. --level 2 - long keys (1000-1800B), e.g. SSH private key. --level 3 - any key (20-1800B). Be careful with this setting, because it may generate lots of false positives.
path-to-files
folder
required
-pPath to the folder containing files to be analyzed
max-key-length
string
--max-keySpecifies the maximum key length to be analyzed (default is 80).
min-key-length
string
--min-keySpecifies the minimum key length to be analyzed (default is 20).
bad-expressions
string
--bad-expressionsSpecifies bad expressions. If the DumpsterDiver find such expression in a file, then this file won't be analyzed. Multiple bad expressions should be separated by space.
files-to-exclude
string
--exclude-filesSpecifies file names or extensions which shouldn't be analyzed. File extension should contain . character (e.g. .pdf). Multiple file names and extensions should be separated by space.
advanced-analysis
boolean
-awhen this flag is set, then all files will be additionally analyzed using rules specified in rules.yaml file.
max-password-length
string
--max-passSpecifies the maximum password length to be analyzed (default is 12). Requires adding -s flag to the syntax.
min-password-length
string
--min-passSpecifies the minimum password length to be analyzed (default is 8). Requires adding -s flag to the syntax.
password-complexity
string
--pass-complexSpecifies the edge of password complexity between 1 (trivial passwords) to 9 (very complex passwords) (default is 8). Requires adding -s flag to the syntax.
enge-of-high-entropy
string
--entropySpecifies the edge of high entropy (default is 4.3).