Nosey Parker

Input Type:#

This parser takes JSON Lines Output from Nosey Parker: https://github.com/praetorian-inc/noseyparkerSupports

Supports versions 0.16.0 and 0.22.0

Things to note about the Nosey Parker Parser:#

• All findings are marked with a severity of ‘High’
• The deduplication algorithm marks a unique finding by the secret, filepath, and line number all together
• The Nosey Parker tool allows for both full history scans of a repo and targeted branch scans

  • The Parser does NOT differentiate between the 2 scan types (may be future functionality)

  • For full history scans:

    • The scan will pick up secrets committed in the past that have since been removed
    • If a secret is removed from source code, it will still show up in the next scan
    • When importing findings via the Dojo API, make sure to use the parameter do_not_reactivate which will keep existing findings closed, without reactivating them

  • For targeted branch scans:

    • Keep in mind there may be active secrets that are either in the git history or not in the current branch

JSON Lines Format:#

The parser only accepts .jsonl reports. Each line of the JSON Lines file from NoseyParker corresponds to a unique secret found with metadata for every match.

Sample Scan Data#

Sample scan data for testing purposes can be found here.

Default Deduplication Hashcode Fields#

By default, DefectDojo identifies duplicate Findings using these hashcode fields:

• title
• cwe
• line
• file path
• description