leaky-repo
87 строк · 2.5 Кб
1#########################################################################################################
2# We break secrets into two categories, "risk" and "informative".
3# Lines that are "risk" presents an actual risk, "informative" discloses potentially sensitive or useful information.
4# The CSV counts any line containing risk as "Risk", and lines with Informatives as "Informative".
5# Lines with both risk and informative are treated as a single line of risk to simplify counting.
6# Lines with multiple risks or informatives are still counted as 1.
7#########################################################################################################
8# name,num_risk,num_informative
9.bash_profile,6,5
10.bashrc,3,3
11
12# Here the users are informative, the auth is risk.
13# The URLs may be informative in rare cases, but will likely
14# just be docker hub in most cases.
15.docker/.dockercfg,2,2
16# Same as above
17.docker/config.json,2,2
18
19# For all 4 firefox profiles:
20# Risk: encryptedUsername, encryptedPassword
21# Informative: hostname, timeCreated, timeLastUsed, timePasswordChanged, timesUsed
22.mozilla/firefox/logins.json,8,20
23.ssh/id_rsa,1,0
24.ssh/id_rsa.pub,0,1
25cloud/.credentials,2,2
26cloud/.s3cfg,1,2
27cloud/.tugboat,1,2
28cloud/heroku.json,1,1
29db/dump.sql,10,0
30db/mongoid.yml,1,0
31etc/shadow,1,0
32filezilla/recentservers.xml,3,3
33filezilla/filezilla.xml,2,1
34high-entropy-misc.txt,0,2
35misc-keys/cert-key.pem,1,0
36
37# Putty has both public and private keys
38misc-keys/putty-example.ppk,1,1
39proftpdpasswd,1,0
40web/ruby/config/master.key,1,0
41web/ruby/secrets.yml,3,0
42web/var/www/.env,6,4
43.npmrc,2,1
44web/var/www/public_html/wp-config.php,9,3
45web/var/www/public_html/.htpasswd,1,0
46.git-credentials,1,0
47
48# Risk: userPassword, sshPassphrase, sshUserPassword
49# Informative: serverHost, sshHost, sshUserName, userName
50db/robomongo.json,3,4
51web/js/salesforce.js,1,0
52.netrc,2,0
53hub,1,1
54config,1,3
55db/.pgpass,1,0
56ventrilo_srv.ini,2,0
57web/var/www/public_html/config.php,1,3
58db/dbeaver-data-sources.xml,1,0
59
60# Risk: password
61# Informative: hostname, username
62.esmtprc,2,1
63web/django/settings.py,1,0
64
65# Risk: password
66# Informative: host, username, remotePath
67deployment-config.json,3,1
68
69# Risk: password, passphrase (for private key)
70# Informative: host, user, remote
71.ftpconfig,3,2
72
73# Risk: password
74# Informative: hostname, username
75.remote-sync.json,1,2
76
77# Risk: password
78# Informative: host, remotePath, username
79.vscode/sftp.json,1,3
80
81# Risk: password
82# Informative: host, remote_path, user
83sftp-config.json,1,3
84
85# Risk: fileTransfer password
86# Informative: webServer name+url
87.idea/WebServers.xml,1,1