Add Bitbucket App Password rule (#219)

CHANGELOG.md

@@ -23,6 +23,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - The built-in support for enumerating and interacting with GitHub is now a compile time-selectable feature that is enabled by default ([#213](https://github.com/praetorian-inc/noseyparker/pull/213)).
   This makes it possible to build a slimmer release for environments where GitHub functionality is unused.
 
+- New rule has been added:
+
+  - Bitbucket App Password ([#219](https://github.com/praetorian-inc/noseyparker/pull/219))
+
 ### Fixes
 
 - The `Google OAuth Credentials` rule has been revised to avoid runtime errors about an empty capture group.

README.md

@@ -6,7 +6,7 @@ Nosey Parker is a command-line tool that finds secrets and sensitive information
 
 **Key features:**
 - It can natively scan files, directories, and Git repository history
-- It uses regular expression matching with a set of [144 patterns](crates/noseyparker/data/default/builtin/rules) chosen for high signal-to-noise based on experience and feedback from offensive security engagements
+- It uses regular expression matching with a set of [145 patterns](crates/noseyparker/data/default/builtin/rules) chosen for high signal-to-noise based on experience and feedback from offensive security engagements
 - It deduplicates its findings, grouping matches together that share the same secret, which in practice can reduce review burden by 100x or more
 - It is fast: it can scan at hundreds of megabytes per second on a single core, and is able to scan 100GB of Linux kernel source history in less than 2 minutes on an older MacBook Pro
 - It scales: it has scanned inputs as large as 20TiB during security engagements

crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_check_builtins-2.snap

@@ -2,4 +2,4 @@
 source: crates/noseyparker-cli/tests/rules/mod.rs
 expression: stdout
 ---
-144 rules and 3 rulesets: no issues detected
+145 rules and 3 rulesets: no issues detected

crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_json-2.snap

@@ -410,6 +410,28 @@ expression: stdout
         ]
       }
     },
+    {
+      "id": "np.bitbucket.1",
+      "structural_id": "0316294736c698a4549f746b6d7d214dfdf4cff1",
+      "name": "Bitbucket App Password",
+      "syntax": {
+        "name": "Bitbucket App Password",
+        "id": "np.bitbucket.1",
+        "pattern": "(?x)\n\\b\n(ATBB[a-zA-Z0-9]{32})\n\\b\n",
+        "examples": [
+          "git ls-remote https://gemesa:ATBB3g7gLXseCxPjJs1CQNMyEjwf1D12516D@bitbucket.org/***/***"
+        ],
+        "negative_examples": [],
+        "references": [
+          "https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/",
+          "https://support.atlassian.com/bitbucket-cloud/docs/using-app-passwords/"
+        ],
+        "categories": [
+          "api",
+          "secret"
+        ]
+      }
+    },
     {
       "id": "np.blynk.1",
       "structural_id": "7d7b4a3c990889ccbda6d47ec656719c22f9413c",
@@ -3482,7 +3504,7 @@ expression: stdout
     {
       "id": "default",
       "name": "Nosey Parker default rules",
-      "num_rules": 123
+      "num_rules": 124
     },
     {
       "id": "np.assets",

crates/noseyparker-cli/tests/rules/snapshots/test_noseyparker__rules__rules_list_noargs-2.snap

@@ -20,6 +20,7 @@ expression: stdout
  np.azure.1           Azure Connection String                                   api, fuzzy, secret 
  np.azure.2           Azure App Configuration Connection String                 api, fuzzy, secret 
  np.azure.3           Azure Personal Access Token                               api, fuzzy, secret 
+ np.bitbucket.1       Bitbucket App Password                                    api, secret 
  np.blynk.1           Blynk Device Access Token                                 api, secret 
  np.blynk.2           Blynk Organization Access Token                           api, secret 
  np.blynk.3           Blynk Organization Access Token                           api, secret 
@@ -151,6 +152,6 @@ expression: stdout
 
  Ruleset ID   Ruleset Name                         Rules 
 ─────────────────────────────────────────────────────────
- default      Nosey Parker default rules             123 
+ default      Nosey Parker default rules             124 
  np.assets    Nosey Parker asset detection rules      15 
  np.hashes    Nosey Parker password hash rules         6

crates/noseyparker/data/default/builtin/rules/bitbucket.yml

@@ -0,0 +1,21 @@
+rules:
+
+- name: Bitbucket App Password
+  id: np.bitbucket.1
+
+  pattern: |
+    (?x)
+    \b
+    (ATBB[a-zA-Z0-9]{32})
+    \b
+
+  examples:
+  - 'git ls-remote https://gemesa:ATBB3g7gLXseCxPjJs1CQNMyEjwf1D12516D@bitbucket.org/***/***'
+
+  references:
+  - https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/
+  - https://support.atlassian.com/bitbucket-cloud/docs/using-app-passwords/
+
+  categories:
+  - api
+  - secret

crates/noseyparker/data/default/builtin/rulesets/default.yml

@@ -24,6 +24,7 @@ rulesets:
   - np.azure.1        # Azure Connection String
   - np.azure.2        # Azure App Configuration Connection String
   - np.azure.3        # Azure Personal Access Token
+  - np.bitbucket.1    # Bitbucket App Password
   - np.blynk.1        # Blynk Device Access Token
   - np.blynk.2        # Blynk Organization Access Token
   - np.blynk.3        # Blynk Organization Access Token