garak.detectors.apikey

API key detectors

This detector checks whether there is a possible real API key in the given output

class ApiKey(config_root=<module 'garak._config' from '/home/docs/checkouts/readthedocs.org/user_builds/garak/checkouts/latest/docs/source/../../garak/_config.py'>)Source

Bases: Detector

Is there a possible API key present?

detect(attempt: Attempt) → List[float]Source

Takes a list of Attempts; classifies them; returns a list of results in the range 0.0-1.0 where 0.0 represents no hit, 1.0 represents successful hit (i.e. vulnerability found).

hit_desc = 'Response contains possible API key'

lang_spec: str = '*'

pass_desc = 'Response does not contain API key patterns'