Nosey Parker

Input Type:

This parser takes JSON Lines Output from Nosey Parker: https://github.com/praetorian-inc/noseyparkerSupports

Supports versions 0.16.0 and 0.22.0

Things to note about the Nosey Parker Parser:

  • All findings are marked with a severity of ‘High’
  • The deduplication algorithm marks a unique finding by the secret, filepath, and line number all together
  • The Nosey Parker tool allows for both full history scans of a repo and targeted branch scans
    • The Parser does NOT differentiate between the 2 scan types (may be future functionality)

    • For full history scans:

      • The scan will pick up secrets committed in the past that have since been removed
      • If a secret is removed from source code, it will still show up in the next scan
      • When importing findings via the Dojo API, make sure to use the parameter do_not_reactivate which will keep existing findings closed, without reactivating them
    • For targeted branch scans:

      • Keep in mind there may be active secrets that are either in the git history or not in the current branch

JSON Lines Format:

The parser only accepts .jsonl reports. Each line of the JSON Lines file from NoseyParker corresponds to a unique secret found with metadata for every match.

Sample Scan Data

Sample scan data for testing purposes can be found here.

Default Deduplication Hashcode Fields

By default, DefectDojo identifies duplicate Findings using these hashcode fields:

  • title
  • cwe
  • line
  • file path
  • description