salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(11-16): auto-generated OSINT phase contexts

Browse Source
This commit is contained in:
salvacybersec
2026-04-06 11:40:44 +03:00
parent 3aadeb2d1c
commit 9ad9767109
6 changed files with 266 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
.planning/phases/13-osint_package_registries_container_iac/13-CONTEXT.md Normal file
View File

@@ -0,0 +1,45 @@
# Phase 13: OSINT Package Registries, Containers & IaC - Context
**Gathered:** 2026-04-06
**Status:** Ready for planning
**Mode:** Auto-generated
<domain>
## Phase Boundary
Adds ReconSource implementations for package registry searches (npm, PyPI, Crates.io, RubyGems, Maven, NuGet, Go Proxy), container image inspection (Docker Hub, Docker Compose files), and infrastructure-as-code sources (Kubernetes configs, Terraform Registry) to detect API keys embedded in published packages, images, and IaC definitions.
</domain>
<decisions>
## Implementation Decisions
### Claude's Discretion
All implementation choices are at Claude's discretion. Follow the established Phase 10 pattern: each source implements recon.ReconSource, uses pkg/recon/sources/httpclient.go for HTTP, uses httptest for tests. Each source goes in its own file.
</decisions>
<code_context>
## Existing Code Insights
### Reusable Assets
- pkg/recon/sources/ — established source implementation pattern from Phase 10
- pkg/recon/sources/httpclient.go — shared retry HTTP client
- pkg/recon/sources/register.go — RegisterAll (extend per phase)
- pkg/recon/source.go — ReconSource interface
</code_context>
<specifics>
## Specific Ideas
- NpmSource — search npm registry for packages leaking API keys
- PyPISource — search PyPI for packages with embedded keys
- CratesIOSource — search Crates.io for Rust packages with key leaks
- RubyGemsSource — search RubyGems for gems with exposed keys
- MavenSource — search Maven Central for Java artifacts with keys
- NuGetSource — search NuGet for .NET packages with key exposure
- GoProxySource — search Go module proxy for modules with keys
- ComposeSource — scan Docker Compose files for hardcoded keys
- DockerHubSource — inspect public Docker Hub images for embedded keys
- KubernetesConfigSource — scan public Kubernetes configs/manifests for secrets
- TerraformRegistrySource — search Terraform Registry modules for leaked keys
</specifics>
<deferred>
## Deferred Ideas
None — straightforward source implementations.
</deferred>