Chore/upgrade gitleaks (#68)

* chore: upgrade gitleaks and docs

* fix: update readme

* fix: remove afero fs

Co-authored-by: brittonhayes <brittonhayes@users.noreply.github.com>

.github/workflows/gobuild.yml

@@ -13,7 +13,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.17
+          go-version: 1.18
 
       - name: Build executables
         run: |

.github/workflows/release.yml

@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.17
+          go-version: 1.18
       - name: Run GoReleaser and release executables
         uses: goreleaser/goreleaser-action@v2
         with:

.github/workflows/test.yml

@@ -12,7 +12,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.17
+          go-version: 1.18
 
       - name: Test
         run: |

README.md

@@ -1,14 +1,13 @@
 # Pillager
 
-![Image](./logo.png)
+<img src="./logo.png" width="700">
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/brittonhayes/pillager.svg)](https://pkg.go.dev/github.com/brittonhayes/pillager)
-
+![Latest Release](https://img.shields.io/github/v/release/brittonhayes/pillager?label=latest%20release)
 [![Go Report Card](https://goreportcard.com/badge/github.com/brittonhayes/pillager)](https://goreportcard.com/report/github.com/brittonhayes/pillager)
-
 ![Tests](https://github.com/brittonhayes/pillager/workflows/test/badge.svg)
 
-![Latest Release](https://img.shields.io/github/v/release/brittonhayes/pillager?label=latest%20release)
+Pillage filesystems for sensitive information with Go.
 
 ## Table of Contents
 
@@ -69,30 +68,40 @@ pillager
 pillager [cmd] --help
 ```
 
+## User Interface
+
+Pillager provides a terminal user interface built with [bubbletea](https://github.com/charmbracelet/bubbletea) if you'd like to scan for secrets interactively.
+
+[![asciicast](https://asciinema.org/a/WISZMVvKsfbFkLLQIWBRotknU.svg)](https://asciinema.org/a/WISZMVvKsfbFkLLQIWBRotknU)
+
 ## Configuration
 
 ### Gitleaks Rules
 
-Pillager provides full support for [Gitleaks](https://github.com/zricethezav/gitleaks) rules. This can either be passed
-in with a [rules.toml](./rules.toml) file, or you can use the default ruleset by leaving the rules flag blank.
+Pillager provides full support for Gitleaks[^gitleaks] rules. This can either be passed
+in with a rules.toml[^rules.toml] file, or you can use the default ruleset by leaving the rules flag blank.
+
+[rules.toml]: https://github.com/zricethezav/gitleaks/blob/57f9bc83d169bea363f2990a4de334b54efc3d7d/config/gitleaks.toml
 
 ```toml
 # rules.toml
 title = "pillager rules"
 
 [[rules]]
-description = "AWS Access Key"
+id = "gitlab-pat"
+description = "GitLab Personal Access Token"
+regex = '''glpat-[0-9a-zA-Z\-\_]{20}'''
+
+[[rules]]
+id = "aws-access-token"
+description = "AWS"
 regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
-tags = ["key", "AWS"]
-[[rules.entropies]]
-Min = "3.5"
-Max = "4.5"
-Group = "1"
 
+# Cryptographic keys
 [[rules]]
-description = "Email Address"
-regex = '''(?i)([A-Za-z0-9!#$%&'*+\/=?^_{|.}~-]+@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?)'''
-tags = ["email", "User Info"]
+id = "PKCS8-PK"
+description = "PKCS8 private key"
+regex = '''-----BEGIN PRIVATE KEY-----'''
 ```
 
 ### Built-in Output Formats
@@ -239,12 +248,14 @@ it's worth your time to check it out.
 
 **Why is Gitleaks relevant to Pillager?**
 
+[gitleaks]: https://github.com/zricethezav/gitleaks
+
 Pillager implements the powerful [rules](https://github.com/zricethezav/gitleaks#rules-summary) functionality of
 Gitleaks while taking a different approach to presenting and handling the secrets found. While I have provided a
 baseline set of default rules, Pillager becomes much more powerful if you allow users to create rules for their own
 use-cases.
 
-Check out the included [rules.toml](./rules.toml) for a baseline ruleset.
+Check out the included [^rules.toml] for a baseline ruleset.
 
 ---
 
@@ -256,6 +267,8 @@ Check out the included [rules.toml](./rules.toml) for a baseline ruleset.
 > At it's core, Pillager is designed to assist you in determining if a system is affected by common sources of credential leakage as documented
 > by the MITRE ATT&CK framework.
 >
+> [mitre]: https://attack.mitre.org
+>
 > [MITRE ATT&CK Technique - T1552,003 - Unsecured Credentials: Bash History ](https://attack.mitre.org/techniques/T1552/003/)
 >
 > [MITRE ATT&CK Technique - T1552,001 - Unsecured Credentials: Credentials In Files](https://attack.mitre.org/techniques/T1552/001/)

Taskfile.yml

@@ -58,7 +58,7 @@ tasks:
   install:
     desc: install executable
     cmds:
-      - go install github.com/brittonhayes/pillager@latest
+      - go install github.com/brittonhayes/pillager/cmd/pillager@latest
 
   run:
     desc: run the executable

go.mod

@@ -1,6 +1,6 @@
 module github.com/brittonhayes/pillager
 
-go 1.17
+go 1.18
 
 require (
 	github.com/BurntSushi/toml v1.0.0
@@ -14,11 +14,10 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pkg/errors v0.9.1
 	github.com/rs/zerolog v1.26.1
-	github.com/spf13/afero v1.8.1
-	github.com/spf13/cobra v1.3.0
+	github.com/spf13/cobra v1.4.0
 	github.com/spf13/viper v1.10.1
-	github.com/stretchr/testify v1.7.0
-	github.com/zricethezav/gitleaks/v8 v8.3.0
+	github.com/zricethezav/gitleaks/v8 v8.5.1
+	golang.org/x/term v0.0.0-20210422114643-f5beecf764ed
 	gopkg.in/yaml.v2 v2.4.0
 )
 
@@ -27,17 +26,18 @@ require (
 	github.com/Masterminds/semver v1.5.0 // indirect
 	github.com/atotto/clipboard v0.1.4 // indirect
 	github.com/containerd/console v1.0.3 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/fatih/semgroup v1.2.0 // indirect
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
-	github.com/gitleaks/go-gitdiff v0.7.4 // indirect
+	github.com/gitleaks/go-gitdiff v0.7.5 // indirect
 	github.com/google/uuid v1.2.0 // indirect
+	github.com/h2non/filetype v1.1.3 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/huandu/xstrings v1.3.2 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/mousetrap v1.0.0 // indirect
 	github.com/kr/pretty v0.3.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
-	github.com/magiconair/properties v1.8.5 // indirect
+	github.com/magiconair/properties v1.8.6 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
 	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
@@ -47,20 +47,18 @@ require (
 	github.com/muesli/reflow v0.3.0 // indirect
 	github.com/muesli/termenv v0.11.1-0.20220212125758-44cd13922739 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/rogpeppe/go-internal v1.8.0 // indirect
+	github.com/spf13/afero v1.8.2 // indirect
 	github.com/spf13/cast v1.4.1 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/subosito/gotenv v1.2.0 // indirect
 	github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect
 	golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e // indirect
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
-	golang.org/x/sys v0.0.0-20211210111614-af8b64212486 // indirect
-	golang.org/x/term v0.0.0-20210422114643-f5beecf764ed // indirect
+	golang.org/x/sys v0.0.0-20220325203850-36772127a21f // indirect
 	golang.org/x/text v0.3.7 // indirect
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
-	gopkg.in/ini.v1 v1.66.2 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	gopkg.in/ini.v1 v1.66.4 // indirect
 )