From 4ad4e717a40aa11cdb8f76e2274eed93c06d821c Mon Sep 17 00:00:00 2001
From: blupants <blupants.robot@gmail.com>
Date: Sun, 14 Jul 2024 17:20:28 -0500
Subject: [PATCH] Added support to Slack secret scanning.

---
 src/n0s1/controllers/slack_controller.py | 7 +++++--
 src/n0s1/n0s1.py                         | 4 ++--
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/n0s1/controllers/slack_controller.py b/src/n0s1/controllers/slack_controller.py
index cada78b..44e7c91 100644
--- a/src/n0s1/controllers/slack_controller.py
+++ b/src/n0s1/controllers/slack_controller.py
@@ -37,8 +37,11 @@ def get_data(self, include_coments=False, limit=None):
         range_days = 1
         now = datetime.datetime.now()
 
-        start_day = now - datetime.timedelta(days=range_days)
+        # Slack query by timestamp works like "greater than >" and "less than <" operators as opposed to ">=" and "<=".
+        # If you want to pull messages from 2024-07-14 you have to provide the following query: after:2024-07-13 before:2024-07-15
+        # Notice that the messages from the starting date (after:2024-07-13) and the end date (before:2024-07-15) are not included to the query results
         end_day = now + datetime.timedelta(days=1)
+        start_day = now - datetime.timedelta(days=range_days)
 
         start_day_str = start_day.strftime("%Y-%m-%d")
         end_day_str = end_day.strftime("%Y-%m-%d")
@@ -60,7 +63,7 @@ def get_data(self, include_coments=False, limit=None):
                         ticket = self.pack_data(message, item, url, iid)
                         yield ticket
 
-            end_day = start_day
+            end_day = start_day + datetime.timedelta(days=1)
             start_day = start_day - datetime.timedelta(days=range_days)
             start_day_str = start_day.strftime("%Y-%m-%d")
             end_day_str = end_day.strftime("%Y-%m-%d")
diff --git a/src/n0s1/n0s1.py b/src/n0s1/n0s1.py
index e784e16..46fb3c8 100755
--- a/src/n0s1/n0s1.py
+++ b/src/n0s1/n0s1.py
@@ -447,11 +447,11 @@ def scan(regex_config, controller, scan_arguments):
             data = item.get("data", None)
             data_type = item.get("data_type", None)
             if data_type and data_type.lower() == "str".lower():
-                if data and data.find(label) == -1:
+                if data and data.lower().find(label.lower()) == -1:
                     scan_text_and_report_leaks(controller, data, name, regex_config, scan_arguments, ticket)
             elif data_type:
                 for item_data in data:
-                    if item_data and item_data.find(label) == -1:
+                    if item_data and item_data.lower().find(label.lower()) == -1:
                         scan_text_and_report_leaks(controller, item_data, name, regex_config, scan_arguments, ticket)