Flawnter Custom Data Finder extension lets you define your own custom regex rules to find the data you need. Simply add one regex statement per line in a file called custom-data-finder-rules.
This file needs to be in same path as the custom data finder jar file.
The Format of the rule for Custom Data Finder is as follows: title:severity:type:regex rule. Each column is separated by colon (:).
Title - This is the title of the finding you want to show in the report if it finds a match.
Severity - This is the finding severity you want to show in the report. It can be one of the following values (info,low,medium,high,critical).
Type - This is the finding type. Can be security or quality.
Regex - This is the regex rule to match the pattern in the file it is scanning. If a match is found, a finding is created.
Example rules to find hard-coded usernames and passwords:
Hard-coded Username:low:security:(?i)(username|userid|user[-_]?name|user[-_]?id)\s*=\s*['"].+['"]
Hard-coded Password:high:security:(?i)(password|pwd)\s*[=:]\s*(.{0,32})