[FEA]: Update SID with credential detection

[exactlyallan]

Is this a new feature, an improvement, or a change to existing functionality?

Improvement

How would you describe the priority of this feature request

Low (would be nice)

Please provide a clear description of problem this feature solves

Inspired by ArsTechnica Article on ease of publicaly exposed credentials.

Describe your ideal solution

GIST: Build out some extra rules and filters around SID for credential detection, with emphasis for incorporating in CI processes.

Additional context

No response

Code of Conduct

• I agree to follow this project's Code of Conduct
• I have searched the open feature requests and have found no duplicates for this feature request

[yousecjoe]

I am also interested in adding this as a feature for a cybersecurity use case. The source of the exposed credentials could be haveibeenpwned or a password manager that utilizes that same service. Subscribed.

[aserGarcia]

@exactlyallan , I am interested in working on this as an independent contributor.
I wanted clarification on your thoughts.

As I see it, SID classifies on the PCAP data, in your feature, would you suggest training a classifier on code for credential detection? If so, how would that be different that a tool such as ggshield from GitGuardian that can already integrate into GitHub Actions?

[exactlyallan]

@aserGarcia Thanks for your interest - this is an old example use case that we use to showcase the larger Morpheus SDK. As such its not meant to be a product in itself. Feel free to experiment, but we may be pushing an updated example in the coming months as well.