Skip to main content

Secret Scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk. Prevent credential leaks with n0s1.

Project description

n0s1 - Secret Scanner

n0s1 (pronunciation) is a secret scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk. It scans all channels/tickets/items/issues within the chosen platform in search of any leaked secrets in the titles, bodies, messages and comments. It is open-source and it can be easily extended to support scanning many others ticketing and messaging platforms.

These secrets are identified by comparing them against an adaptable configuration file named regex.yaml. Alternative TOML format is also supported: regex.toml. The scanner specifically looks for sensitive information, which includes:

  • Github Personal Access Tokens
  • GitLab Personal Access Tokens
  • AWS Access Tokens
  • PKCS8 private keys
  • RSA private keys
  • SSH private keys
  • npm access tokens

Currently supported target platforms:

Install

python3 -m ensurepip --upgrade
python3 -m pip install --upgrade n0s1
n0s1 --help

Quick Start

CLI:

python3 -m pip install n0s1
n0s1 jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"

Docker:

docker run spark1security/n0s1 jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"

From source:

git clone https://github.com/spark1security/n0s1.git
cd n0s1/src/n0s1
python3 -m venv n0s1_python
source n0s1_python/bin/activate
python3 -m pip install -r ../../requirements.txt
python3 n0s1.py jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"
deactivate

GitHub Actions:

jobs:
  jira_secret_scanning:
    steps:
      - uses: spark1security/n0s1-action@main
        env:
          JIRA_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
        with:
          scan-target: 'jira_scan'
          user-email: 'service_account@<YOUR_COMPANY>.atlassian.net'
          platform-url: 'https://<YOUR_COMPANY>.atlassian.net'

GitLab CI - Add the following job to your .gitlab-ci.yml file:

jira-scan:
  stage: test
  image:
    name: spark1security/n0s1
    entrypoint: [""]
  script:
    - n0s1 jira_scan --email "service_account@<YOUR_COMPANY>.atlassian.net" --api-key $JIRA_TOKEN --server "https://<YOUR_COMPANY>.atlassian.net" --report-file gl-dast-report.json --report-format gitlab
    - apt-get update
    - apt-get -y install jq
    - cat gl-dast-report.json | jq
  artifacts:
    reports:
      dast:
        - gl-dast-report.json

Want more? Check out Spark 1

If you liked n0s1, you will love Spark 1 which builds on top of n0s1 to provide even more enhanced capabilities for a complete security management offering.

Don't forget to check out the https://spark1.us website for more information about our products and services.

If you'd like to contact Spark 1 or request a demo, please use the free consultation form.

Community

n0s1 is a Spark 1 open source project.
Learn about our open source work and portfolio here.
Contact us about any matter by opening a GitHub Discussion here

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

n0s1-1.0.24.tar.gz (58.2 kB view details)

Uploaded Source

Built Distribution

n0s1-1.0.24-py3-none-any.whl (70.3 kB view details)

Uploaded Python 3

File details

Details for the file n0s1-1.0.24.tar.gz.

File metadata

  • Download URL: n0s1-1.0.24.tar.gz
  • Upload date:
  • Size: 58.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.9.6

File hashes

Hashes for n0s1-1.0.24.tar.gz
Algorithm Hash digest
SHA256 98cdbc914201446ac1cc37b41998587055fc76224aff4cf8ce90b479d44db5fb
MD5 d92309ff6d8ceca2791443b0d6e3f8d9
BLAKE2b-256 e0e4889020e0ea62530ff2bd3cb55a62c0d05f5544848bc2cd5d425fe459142f

See more details on using hashes here.

File details

Details for the file n0s1-1.0.24-py3-none-any.whl.

File metadata

  • Download URL: n0s1-1.0.24-py3-none-any.whl
  • Upload date:
  • Size: 70.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.9.6

File hashes

Hashes for n0s1-1.0.24-py3-none-any.whl
Algorithm Hash digest
SHA256 f9c7f59e8c51acacd0df22faf3b00b02f98958687f7d65773cd6bfe129b61e57
MD5 50c7f623ab65cdbd374278719fa48765
BLAKE2b-256 347354669d5e2ad86ef3801fb7b9ddb596c61c8810aa0cc1f06f1ced40ed9f33

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page