[request] Add PyMySQL connection object detector #833

Open
bugbaba opened this issue Oct 3, 2022 · 4 comments

@bugbaba
bugbaba commented Oct 3, 2022

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Hello Team :)

Currently, truffleHog does not have a detector for the PyMySQL connection object. It's a famous Python library for connecting to a MySQL database.

Problem to be Addressed

PyMySQL connection object is not detected by trufflehog.

Description of the Preferred Solution

Add a detector to detect the PyMySQL connection object in the code. We should look for pymysql.connect(.*) in the code and then parse the host, username, password to verify the credentials.

Additional Context

Basic regex which can be used for the detection part: https://regex101.com/r/nMcIUK/1

References

Official PyMySQL documentation: https://pymysql.readthedocs.io/en/latest/index.html

--
Regards,
@bugbaba
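
An added sketch of the detection step proposed in this issue, written in Go as a standalone function; it is not truffleHog's code and does not use its detector interface. The regexes are assumptions of this example (not the regex101 pattern linked above), `Cred` and `FindPyMySQLCreds` are hypothetical names, and only keyword arguments with string-literal values are handled; verifying the credentials against a server is not shown.

```go
package main

import (
	"fmt"
	"regexp"
)

// Cred holds the literals pulled from one pymysql.connect(...) call.
type Cred struct{ Host, User, Password string }

var (
	// Argument list of the call. [^)]* spans newlines, so multi-line calls
	// match; arguments containing ")" cut the capture short (known limit).
	callRe = regexp.MustCompile(`pymysql\.connect\(([^)]*)\)`)
	// Keyword argument whose value is a quoted string literal.
	kwargRe = regexp.MustCompile(`\b(host|user|password|passwd)\s*=\s*(?:'([^']*)'|"([^"]*)")`)
)

// FindPyMySQLCreds returns one Cred per call with a hardcoded password.
// Calls that read the password from a variable or the environment are skipped.
func FindPyMySQLCreds(src string) []Cred {
	var out []Cred
	for _, call := range callRe.FindAllStringSubmatch(src, -1) {
		var c Cred
		field := map[string]*string{"host": &c.Host, "user": &c.User,
			"password": &c.Password, "passwd": &c.Password}
		for _, kv := range kwargRe.FindAllStringSubmatch(call[1], -1) {
			*field[kv[1]] = kv[2] + kv[3] // only one quote alternative matches
		}
		if c.Password != "" {
			out = append(out, c)
		}
	}
	return out
}

// sample is constructed input, not taken from any real repository.
const sample = `conn = pymysql.connect(
    host='db.example.internal', user="app",
    password='EXAMPLE-not-a-real-secret', database='shop')
safe = pymysql.connect(host="db", user="app", password=os.environ["DB_PASS"])`

func main() {
	for _, c := range FindPyMySQLCreds(sample) {
		fmt.Printf("host=%s user=%s password=<%d chars>\n", c.Host, c.User, len(c.Password))
	}
}
```

Skipping calls without a literal password keeps environment-based configuration from being reported as a finding.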

@Fenrisfulsur
Hi, I would like to contribute to this issue. Is it still open / possible?

@bugbaba
bugbaba commented Feb 1, 2023

@Fenrisfulsur yes, it's still open.

@Fenrisfulsur
Ok, I will start to work on it then.

@Fenrisfulsur
Hi, I have a question regarding the test case I have to provide with the detector. I've read Adding_Detectors_external.md; is it mandatory to provide a working test that can verify the secret? In my case it would require setting up a MySQL database. Can I provide only a "found, unverified" test case?
