Onori, Loris
(2022)
Cyber threat intelligence: identifying hardcoded secrets in GitHub.
[Laurea magistrale], Università di Bologna, Corso di Studio in
Ingegneria informatica [LM-DM270], Documento full-text non disponibile
Il full-text non è disponibile per scelta dell'autore.
(
Contatta l'autore)
Abstract
The usage of version control systems and the capabilities of storing the source code in public platforms such as GitHub increased the number of passwords, API Keys and tokens that can be found and used causing a massive security issue for people and companies.
In this project, SAP's secret scanner Credential Digger is presented. How it can scan repositories to detect hardcoded secrets and how it manages to filter out the false positives between them.
Moreover, how I have implemented the Credential Digger's pre-commit hook.
A performance comparison between three different implementations of the hook based on how it interacts with the Machine Learning model is presented.
This project also includes how it is possible to use already detected credentials to decrease the number false positive by leveraging the similarity between leaks by using the Bucket System.
Abstract
The usage of version control systems and the capabilities of storing the source code in public platforms such as GitHub increased the number of passwords, API Keys and tokens that can be found and used causing a massive security issue for people and companies.
In this project, SAP's secret scanner Credential Digger is presented. How it can scan repositories to detect hardcoded secrets and how it manages to filter out the false positives between them.
Moreover, how I have implemented the Credential Digger's pre-commit hook.
A performance comparison between three different implementations of the hook based on how it interacts with the Machine Learning model is presented.
This project also includes how it is possible to use already detected credentials to decrease the number false positive by leveraging the similarity between leaks by using the Bucket System.
Tipologia del documento
Tesi di laurea
(Laurea magistrale)
Autore della tesi
Onori, Loris
Relatore della tesi
Scuola
Corso di studio
Ordinamento Cds
DM270
Parole chiave
Cybersecurity,Password detection,security scanner,Threat intelligence,security tool
Data di discussione della Tesi
6 Dicembre 2022
URI
Altri metadati
Tipologia del documento
Tesi di laurea
(NON SPECIFICATO)
Autore della tesi
Onori, Loris
Relatore della tesi
Scuola
Corso di studio
Ordinamento Cds
DM270
Parole chiave
Cybersecurity,Password detection,security scanner,Threat intelligence,security tool
Data di discussione della Tesi
6 Dicembre 2022
URI
Gestione del documento: