test: Add secret detection benchmark dataset and ground truth

Add comprehensive benchmark dataset with 32 documented secrets for testing
secret detection workflows (gitleaks, trufflehog, llm_secret_detection).

- Add test_projects/secret_detection_benchmark/ with 19 test files
- Add ground truth JSON with precise line-by-line secret mappings
- Update .gitignore with exceptions for benchmark files (not real secrets)

Dataset breakdown:
- 12 Easy secrets (standard patterns)
- 10 Medium secrets (obfuscated)
- 10 Hard secrets (well hidden)
This commit is contained in:
tduhamel42
2025-10-16 11:46:28 +02:00
parent 87e3262832
commit 3be4d34531
22 changed files with 773 additions and 0 deletions
@@ -0,0 +1,9 @@
# Application properties file
app.name=SecretDetectionBenchmark
app.version=1.0.0
# EASY SECRET #8: API Key
api.key=sk_test_4eC39HqLyjWDarjtT1zdp7dc
api.endpoint=https://api.example.com
logging.level=INFO
@@ -0,0 +1,10 @@
# Database configuration
databases:
production:
host: prod-db.example.com
port: 5432
# EASY SECRET #6: Azure connection string
connection_string: "DefaultEndpointsProtocol=https;AccountName=prodstore;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;EndpointSuffix=core.windows.net"
staging:
host: staging-db.example.com
port: 5432
@@ -0,0 +1,12 @@
# Keys configuration
api_keys:
production:
# MEDIUM SECRET #16: Multi-line private key in YAML literal block
private_key: |
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAyLqJZvd5CZxJhLZYLFCqLV9G5k8dFz1LoNwPPfK3qE1k8H4y
FQwNyX3WJZNmKJLOPQMfHZQxGhHJPwZYjKQPYHJ1234567890abcdefghijklmno
-----END RSA PRIVATE KEY-----
# MEDIUM SECRET #17: Secret with Unicode characters
api_token_intl: "tøkęn_śęçrėt_ẃïth_ŭñïçődė_123456"
@@ -0,0 +1,8 @@
[database]
; MEDIUM SECRET #19: Secret in deprecated INI format
password = L3g@cy_DB_P@ssw0rd_2023
[api]
; MEDIUM SECRET #20: Commented backup API key
; old_api_key = backup_key_xyz789abc123def456ghi
endpoint = https://api.legacy.example.com
@@ -0,0 +1,11 @@
{
"oauth_provider": "google",
"client_id": "123456789012-abcdefghijklmnopqrstuvwxyz123456.apps.googleusercontent.com",
"client_secret": "GOCSPX-Ab12Cd34Ef56Gh78Ij90Kl12",
"redirect_uri": "https://example.com/oauth/callback",
"scopes": [
"openid",
"email",
"profile"
]
}
@@ -0,0 +1,21 @@
"""
Application settings and configuration
"""
# EASY SECRET #2: GitHub Personal Access Token
GITHUB_TOKEN = "ghp_vR8jK2mN4pQ6tX9bC3wY7zA1eF5hI8kL"
# EASY SECRET #3: Stripe API key
STRIPE_SECRET_KEY = "sk_live_51MabcdefghijklmnopqrstuvwxyzABCDEF123456789"
# Application settings
DEBUG = False
LOG_LEVEL = "INFO"
# EASY SECRET #4: Database password
DATABASE_CONFIG = {
"host": "prod-db.example.com",
"port": 5432,
"username": "admin",
"password": "ProdDB_P@ssw0rd_2024_Secure!"
}