feat(detectors): add Nigerian fintech & betting credential detector by @Lloydcoder #4588

LloydCoder · 2025-12-06T10:39:39Z

New community detector targeting leaked credentials from major Nigerian payment and betting platforms.

Covers:

Paystack secret keys
Flutterwave (Rave) keys
Remita merchant ID + hash
Interswitch Webpay MAC keys
SportyBet/BetKing JWT/admin tokens

Same patterns already merged into Nuclei templates: projectdiscovery/nuclei-templates#14253

Author: @LloydCoder (Tinlance)
Tested locally with trufflehog filesystem . — clean hits, no noise.

@LloydCoder

Adds high-signal detector for: • Paystack (live/test keys) • Flutterwave/Rave • Remita merchant+hash • Interswitch MAC keys • SportyBet/BetKing tokens Written by @LloydCoder (Tinlance) after shipping the same in Nuclei templates. Zero false positives expected due to keyword pre-filtering. 🇳🇬

CLAassistant · 2025-12-06T10:39:46Z

All committers have signed the CLA.

@LloydCoder

New high-impact rules detecting hardcoded credentials from major Nigerian payment and betting platforms: • Paystack (live/test keys) • Flutterwave/Rave • Remita merchant + hash • Interswitch MAC keys • SportyBet/BetKing JWT tokens Same patterns already shipped in: - Nuclei: projectdiscovery/nuclei-templates#14253 - TruffleHog: trufflesecurity/trufflehog#4588 Author: @LloydCoder (Tinlance) 🇳🇬

…Coder

…Coder Appends high-signal rules to default config for detecting leaked credentials from major Nigerian platforms: • Paystack secret keys • Flutterwave/Rave keys • Remita merchant + hash • Interswitch MAC keys • SportyBet/BetKing tokens Same patterns shipped in: - Nuclei: projectdiscovery/nuclei-templates#14253 - TruffleHog: trufflesecurity/trufflehog#4588 - Semgrep: semgrep/semgrep-rules#3719 Author: @LloydCoder (Tinlance) 🇳🇬 Tested with `gitleaks detect --config .` — clean, no FPs on sample repos.

@LloydCoder

New high-impact rules detecting hardcoded credentials from major Nigerian payment and betting platforms: • Paystack (live/test keys) • Flutterwave/Rave • Remita merchant + hash • Interswitch MAC keys • SportyBet/BetKing JWT tokens Same patterns already shipped in: - Nuclei: projectdiscovery/nuclei-templates#14253 - TruffleHog: trufflesecurity/trufflehog#4588 Author: @LloydCoder (Tinlance) 🇳🇬

LloydCoder requested a review from a team December 6, 2025 10:39

LloydCoder requested a review from a team as a code owner December 6, 2025 10:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

feat(detectors): add Nigerian fintech & betting credential detector by @Lloydcoder #4588

feat(detectors): add Nigerian fintech & betting credential detector by @Lloydcoder #4588

LloydCoder commented Dec 6, 2025

Uh oh!

CLAassistant commented Dec 6, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

feat(detectors): add Nigerian fintech & betting credential detector by @Lloydcoder #4588

Are you sure you want to change the base?

feat(detectors): add Nigerian fintech & betting credential detector by @Lloydcoder #4588

Conversation

LloydCoder commented Dec 6, 2025

Uh oh!

CLAassistant commented Dec 6, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

CLAassistant commented Dec 6, 2025 •

edited

Loading