TOC & Recently Viewed

Recently Viewed Topics

Search Files for Properly Formatted VISA Credit Card Numbers

Following is a simple .audit file that looks for a list of file types that contain a properly formatted VISA credit card number. This audit does not use the Luhn algorithm to verify they are valid.



description: "Determine if a file contains a properly formatted VISA credit card number."

file_extension: "pdf" | "doc" | "xls" | "xlsx" | "xlsm" | "xlsb" | "xml" | "xltx" | "xltm" | "docx" | "docm" | "dotx" | "dot" | "txt"

regex: "([^0-9-]|^)(4[0-9]{3}( |-|)([0-9]{4})( |-|)([0-9]{4})( |-|)([0-9]{4}))([^0-9-]|$)"

regex_replace: "\3"

expect: "VISA" | "credit" | "Visa" | "CCN"

#luhn: YES

include_paths : "/home/mehul/foo"

max_size : "50K"

only_show : "4"


When running this command, the following output is expected:

Path: /home/brave/cc.txt ('XXXXXXXXXXXX1111', 'XXXXXXXXXXXX1881')

Path: /home/snout/foo/email.txt ('XXXXXXXXXXXX4931', 'XXXXXXXXXXXX4932', 'XXXXXXXXXXXX4934', 'XXXXXXXXXXXX4935', 'XXXXXXXXXXXX4936')

Path: /home/twins/mylist.txt ('XXXXXXXXXXXX4931', 'XXXXXXXXXXXX4932', 'XXXXXXXXXXXX4934', 'XXXXXXXXXXXX4935', 'XXXXXXXXXXXX4936')

Path: /root/cc.txt ('XXXXXXXXXXXX1270', 'XXXXXXXXXXXX4023', 'XXXXXXXXXXXX5925', 'XXXXXXXXXXXX4932')

Path: /root/cc1.txt ('XXXXXXXXXXXX5925')

These results show that we found a match. The report says we “failed” because we found data we consider an issue. For example, if you are doing an audit for a credit card number and had a positive match of the credit card number on the public computer, although the match is positive, it is logged as a failure for compliance reasons.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.