<div align="center">
<img src="https://raw.githubusercontent.com/spark1security/n0s1/main/docs/imgs/logo.png" width="200">
[![GitHub Release][release-img]][release]
[![License: Apache-2.0][license-img]][license]
![Docker Pulls][docker-pulls]
[🏠 Homepage][homepage]
[📖 Documentation][docs]
</div>
# n0s1 - Secret Scanner
n0s1 ([pronunciation](https://en.wiktionary.org/wiki/nosy#Pronunciation)) is a secret scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk. It scans all channels/tickets/items/issues within the chosen platform in search of any leaked secrets in the titles, bodies, messages and comments. It is open-source and it can be easily extended to support scanning many others ticketing and messaging platforms.
These secrets are identified by comparing them against an adaptable configuration file named [regex.yaml](https://github.com/spark1security/n0s1/blob/main/src/n0s1/config/regex.yaml). Alternative TOML format is also supported: [regex.toml](https://github.com/spark1security/n0s1/blob/main/src/n0s1/config/regex.toml). The scanner specifically looks for sensitive information, which includes:
* Github Personal Access Tokens
* GitLab Personal Access Tokens
* AWS Access Tokens
* PKCS8 private keys
* RSA private keys
* SSH private keys
* npm access tokens
### Currently supported target platforms:
* [Slack](https://slack.com)
* [Jira](https://www.atlassian.com/software/jira)
* [Confluence](https://www.atlassian.com/software/confluence)
* [Asana](https://asana.com)
* [Wrike](https://www.wrike.com)
* [Linear](https://linear.app/)
* [Zendesk](https://www.zendesk.com/)
### Install
```bash
python3 -m ensurepip --upgrade
python3 -m pip install --upgrade n0s1
n0s1 --help
```
### Quick Start
[CLI:](https://pypi.org/project/n0s1/)
```bash
python3 -m pip install n0s1
n0s1 jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"
```
[Docker:](https://hub.docker.com/r/spark1security/n0s1)
```bash
docker run spark1security/n0s1 jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"
```
[From source:](https://github.com/spark1security/n0s1#quick-start)
```bash
git clone https://github.com/spark1security/n0s1.git
cd n0s1/src/n0s1
python3 -m venv n0s1_python
source n0s1_python/bin/activate
python3 -m pip install -r ../../requirements.txt
python3 n0s1.py jira_scan --server "https://<YOUR_JIRA_SERVER>.atlassian.net" --api-key "<YOUR_JIRA_API_TOKEN>"
deactivate
```
[GitHub Actions:](https://github.com/marketplace/actions/spark-1-n0s1)
```yaml
jobs:
jira_secret_scanning:
steps:
- uses: spark1security/n0s1-action@main
env:
JIRA_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
with:
scan-target: 'jira_scan'
user-email: 'service_account@<YOUR_COMPANY>.atlassian.net'
platform-url: 'https://<YOUR_COMPANY>.atlassian.net'
```
GitLab CI - Add the following job to your .gitlab-ci.yml file:
```yaml
jira-scan:
stage: test
image:
name: spark1security/n0s1
entrypoint: [""]
script:
- n0s1 jira_scan --email "service_account@<YOUR_COMPANY>.atlassian.net" --api-key $JIRA_TOKEN --server "https://<YOUR_COMPANY>.atlassian.net" --report-file gl-dast-report.json --report-format gitlab
- apt-get update
- apt-get -y install jq
- cat gl-dast-report.json | jq
artifacts:
reports:
dast:
- gl-dast-report.json
```
## Want more? Check out Spark 1
If you liked n0s1, you will love Spark 1 which builds on top of n0s1 to provide even more enhanced capabilities for a complete security management offering.
Don't forget to check out the <https://spark1.us> website for more information about our products and services.
If you'd like to contact Spark 1 or request a demo, please use the [free consultation form](https://spark1.us/contact-us-1).
## Community
n0s1 is a [Spark 1](https://spark1.us) open source project.
Learn about our open source work and portfolio [here](https://spark1.us/n0s1).
Contact us about any matter by opening a GitHub Discussion [here](https://github.com/spark1security/n0s1/issues)
[docker-pulls]: https://img.shields.io/docker/pulls/spark1security/n0s1?logo=docker&label=docker%20pulls%20%2F%20n0s1
[release]: https://github.com/spark1security/n0s1/releases
[release-img]: https://img.shields.io/github/v/release/spark1security/n0s1.svg?logo=github
[github-downloads-img]: https://img.shields.io/github/downloads/spark1security/n0s1/total?logo=github
[license]: https://github.com/spark1security/n0s1/blob/main/LICENSE
[license-img]: https://img.shields.io/badge/license-GPLv3-blue
[homepage]: https://spark1.us/n0s1
[docs]: https://docs.google.com/document/d/1p8L2dOdCwcIphMprtnewCoKOy9VeQFcC9ZIsLUWs_xE/edit?usp=sharing
Raw data
{
"_id": null,
"home_page": "https://spark1.us/n0s1",
"name": "n0s1",
"maintainer": null,
"docs_url": null,
"requires_python": "<4,>=3.9",
"maintainer_email": null,
"keywords": "security, cybersecurity, scanner, secret scanner, secret leak, data leak, Slack, Jira, Confluence, Asana, Wrike, Linear, Zendesk, security scanner, data loss prevention",
"author": "Spark 1",
"author_email": "contact@spark1.us",
"download_url": "https://files.pythonhosted.org/packages/e0/e4/889020e0ea62530ff2bd3cb55a62c0d05f5544848bc2cd5d425fe459142f/n0s1-1.0.24.tar.gz",
"platform": null,
"description": "<div align=\"center\">\n<img src=\"https://raw.githubusercontent.com/spark1security/n0s1/main/docs/imgs/logo.png\" width=\"200\">\n\n[![GitHub Release][release-img]][release]\n[![License: Apache-2.0][license-img]][license]\n![Docker Pulls][docker-pulls]\n\n[\ud83c\udfe0 Homepage][homepage]\n[\ud83d\udcd6 Documentation][docs]\n</div>\n\n\n# n0s1 - Secret Scanner\nn0s1 ([pronunciation](https://en.wiktionary.org/wiki/nosy#Pronunciation)) is a secret scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk. It scans all channels/tickets/items/issues within the chosen platform in search of any leaked secrets in the titles, bodies, messages and comments. It is open-source and it can be easily extended to support scanning many others ticketing and messaging platforms.\n\nThese secrets are identified by comparing them against an adaptable configuration file named [regex.yaml](https://github.com/spark1security/n0s1/blob/main/src/n0s1/config/regex.yaml). Alternative TOML format is also supported: [regex.toml](https://github.com/spark1security/n0s1/blob/main/src/n0s1/config/regex.toml). The scanner specifically looks for sensitive information, which includes:\n* Github Personal Access Tokens\n* GitLab Personal Access Tokens\n* AWS Access Tokens\n* PKCS8 private keys\n* RSA private keys\n* SSH private keys\n* npm access tokens\n\n### Currently supported target platforms:\n* [Slack](https://slack.com)\n* [Jira](https://www.atlassian.com/software/jira)\n* [Confluence](https://www.atlassian.com/software/confluence)\n* [Asana](https://asana.com)\n* [Wrike](https://www.wrike.com)\n* [Linear](https://linear.app/)\n* [Zendesk](https://www.zendesk.com/)\n\n### Install\n```bash\npython3 -m ensurepip --upgrade\npython3 -m pip install --upgrade n0s1\nn0s1 --help\n```\n\n### Quick Start\n[CLI:](https://pypi.org/project/n0s1/)\n```bash\npython3 -m pip install n0s1\nn0s1 jira_scan --server \"https://<YOUR_JIRA_SERVER>.atlassian.net\" --api-key \"<YOUR_JIRA_API_TOKEN>\"\n```\n\n[Docker:](https://hub.docker.com/r/spark1security/n0s1)\n```bash\ndocker run spark1security/n0s1 jira_scan --server \"https://<YOUR_JIRA_SERVER>.atlassian.net\" --api-key \"<YOUR_JIRA_API_TOKEN>\"\n```\n\n[From source:](https://github.com/spark1security/n0s1#quick-start)\n```bash\ngit clone https://github.com/spark1security/n0s1.git\ncd n0s1/src/n0s1\npython3 -m venv n0s1_python\nsource n0s1_python/bin/activate\npython3 -m pip install -r ../../requirements.txt\npython3 n0s1.py jira_scan --server \"https://<YOUR_JIRA_SERVER>.atlassian.net\" --api-key \"<YOUR_JIRA_API_TOKEN>\"\ndeactivate\n```\n\n[GitHub Actions:](https://github.com/marketplace/actions/spark-1-n0s1)\n```yaml\njobs:\n jira_secret_scanning:\n steps:\n - uses: spark1security/n0s1-action@main\n env:\n JIRA_TOKEN: ${{ secrets.JIRA_API_TOKEN }}\n with:\n scan-target: 'jira_scan'\n user-email: 'service_account@<YOUR_COMPANY>.atlassian.net'\n platform-url: 'https://<YOUR_COMPANY>.atlassian.net'\n```\n\nGitLab CI - Add the following job to your .gitlab-ci.yml file:\n```yaml\njira-scan:\n stage: test\n image:\n name: spark1security/n0s1\n entrypoint: [\"\"]\n script:\n - n0s1 jira_scan --email \"service_account@<YOUR_COMPANY>.atlassian.net\" --api-key $JIRA_TOKEN --server \"https://<YOUR_COMPANY>.atlassian.net\" --report-file gl-dast-report.json --report-format gitlab\n - apt-get update\n - apt-get -y install jq\n - cat gl-dast-report.json | jq\n artifacts:\n reports:\n dast:\n - gl-dast-report.json\n```\n\n## Want more? Check out Spark 1\n\nIf you liked n0s1, you will love Spark 1 which builds on top of n0s1 to provide even more enhanced capabilities for a complete security management offering.\n\nDon't forget to check out the <https://spark1.us> website for more information about our products and services.\n\nIf you'd like to contact Spark 1 or request a demo, please use the [free consultation form](https://spark1.us/contact-us-1).\n\n## Community\n\nn0s1 is a [Spark 1](https://spark1.us) open source project. \nLearn about our open source work and portfolio [here](https://spark1.us/n0s1). \nContact us about any matter by opening a GitHub Discussion [here](https://github.com/spark1security/n0s1/issues)\n\n\n\n[docker-pulls]: https://img.shields.io/docker/pulls/spark1security/n0s1?logo=docker&label=docker%20pulls%20%2F%20n0s1\n[release]: https://github.com/spark1security/n0s1/releases\n[release-img]: https://img.shields.io/github/v/release/spark1security/n0s1.svg?logo=github\n[github-downloads-img]: https://img.shields.io/github/downloads/spark1security/n0s1/total?logo=github\n[license]: https://github.com/spark1security/n0s1/blob/main/LICENSE\n[license-img]: https://img.shields.io/badge/license-GPLv3-blue\n[homepage]: https://spark1.us/n0s1\n[docs]: https://docs.google.com/document/d/1p8L2dOdCwcIphMprtnewCoKOy9VeQFcC9ZIsLUWs_xE/edit?usp=sharing\n\n\n\n\n\n",
"bugtrack_url": null,
"license": null,
"summary": "Secret Scanner for Slack, Jira, Confluence, Asana, Wrike, Linear and Zendesk. Prevent credential leaks with n0s1.",
"version": "1.0.24",
"project_urls": {
"Bug Reports": "https://github.com/spark1security/n0s1/issues",
"Funding": "https://gofund.me/c6a0520c",
"Homepage": "https://spark1.us/n0s1",
"Source": "https://github.com/spark1security/n0s1"
},
"split_keywords": [
"security",
" cybersecurity",
" scanner",
" secret scanner",
" secret leak",
" data leak",
" slack",
" jira",
" confluence",
" asana",
" wrike",
" linear",
" zendesk",
" security scanner",
" data loss prevention"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "347354669d5e2ad86ef3801fb7b9ddb596c61c8810aa0cc1f06f1ced40ed9f33",
"md5": "50c7f623ab65cdbd374278719fa48765",
"sha256": "f9c7f59e8c51acacd0df22faf3b00b02f98958687f7d65773cd6bfe129b61e57"
},
"downloads": -1,
"filename": "n0s1-1.0.24-py3-none-any.whl",
"has_sig": false,
"md5_digest": "50c7f623ab65cdbd374278719fa48765",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4,>=3.9",
"size": 70331,
"upload_time": "2024-10-12T17:34:52",
"upload_time_iso_8601": "2024-10-12T17:34:52.522760Z",
"url": "https://files.pythonhosted.org/packages/34/73/54669d5e2ad86ef3801fb7b9ddb596c61c8810aa0cc1f06f1ced40ed9f33/n0s1-1.0.24-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "e0e4889020e0ea62530ff2bd3cb55a62c0d05f5544848bc2cd5d425fe459142f",
"md5": "d92309ff6d8ceca2791443b0d6e3f8d9",
"sha256": "98cdbc914201446ac1cc37b41998587055fc76224aff4cf8ce90b479d44db5fb"
},
"downloads": -1,
"filename": "n0s1-1.0.24.tar.gz",
"has_sig": false,
"md5_digest": "d92309ff6d8ceca2791443b0d6e3f8d9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4,>=3.9",
"size": 58195,
"upload_time": "2024-10-12T17:34:54",
"upload_time_iso_8601": "2024-10-12T17:34:54.328983Z",
"url": "https://files.pythonhosted.org/packages/e0/e4/889020e0ea62530ff2bd3cb55a62c0d05f5544848bc2cd5d425fe459142f/n0s1-1.0.24.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-12 17:34:54",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "spark1security",
"github_project": "n0s1",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "requests",
"specs": []
},
{
"name": "toml",
"specs": []
},
{
"name": "jira",
"specs": []
},
{
"name": "pyyaml",
"specs": []
},
{
"name": "atlassian-python-api",
"specs": []
},
{
"name": "asana",
"specs": [
[
"==",
"3.2.2"
]
]
},
{
"name": "zenpy",
"specs": []
},
{
"name": "WrikePy",
"specs": []
},
{
"name": "BeautifulSoup4",
"specs": []
},
{
"name": "slack_sdk",
"specs": []
}
],
"lcname": "n0s1"
}
JSON
