-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update redaction configuration (#52)
Co-authored-by: postman-insights-builds[bot] <146154414+postman-insights-builds[bot]@users.noreply.github.com>
- Loading branch information
1 parent
80526a5
commit f2cc043
Showing
1 changed file
with
206 additions
and
156 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,158 +1,208 @@ | ||
| # Alphabetical list of sensitive keys | ||
| sensitive_keys: | ||
| - api_key | ||
| - api-key | ||
| - auth | ||
| - auth-key | ||
| - encryption_key | ||
| - postman_sid | ||
| - proxy-authorization | ||
| - set-cookie | ||
| - sso_jwt_key | ||
| - token | ||
| - x-access-token | ||
| - x-amz-security-token | ||
| - x-api-key | ||
| - x-auth-token | ||
| - x-csrf-token | ||
| - x-support-secret | ||
|
|
||
| - accessToken | ||
| - api-key | ||
| - api_key | ||
| - auth | ||
| - auth-key | ||
| - authKey | ||
| - clientSecret | ||
| - clientToken | ||
| - consumerSecret | ||
| - encryption_key | ||
| - password | ||
| - postman_sid | ||
| - proxy-authorization | ||
| - secretKey | ||
| - sessionToken | ||
| - set-cookie | ||
| - sso_jwt_key | ||
| - token | ||
| - tokenSecret | ||
| - x-access-token | ||
| - x-amz-security-token | ||
| - x-api-key | ||
| - x-auth-token | ||
| - x-csrf-token | ||
| - x-support-secret | ||
| sensitive_value_regexes: | ||
| - \bPMAK-[a-f0-9]{24}\b # Unit Test Regex | ||
| - (?i)https:\/\/creator\.zoho\.com\/api\/[A-Za-z0-9\/\-_\.]+\?authtoken=[A-Za-z0-9]+ | ||
| - \bt1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}\b | ||
| - \b(live|test)_[a-f0-9]{35}\b | ||
| - (?i)https:\/\/[\w-]*\.?zoom\.us\/(j|my)\/[\d\w?=-]+\b | ||
| - \bb\.AAAAAQ[0-9a-zA-Z_-]{156}\b | ||
| - (?i)\beyJhbGciOi[a-z0-9_\-\.]{2,1000}\b | ||
| - \bpypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}\b | ||
| - \bFLWSECK_TEST[a-h0-9]{12}\b | ||
| - \bnpm_[a-zA-Z0-9]{36}\b | ||
| - \b[0-9]{15,25}-[a-zA-Z0-9]{20,40}\b | ||
| - \bSSWS [a-zA-Z0-9=_\-]{42}\b | ||
| - \bEZAK[a-zA-Z0-9]{54}\b | ||
| - \b(?:pat|sat)\.[a-zA-Z0-9]{22}\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{20}\b | ||
| - \bico-[a-zA-Z0-9]{32}\b | ||
| - \bflb_live_[0-9a-zA-Z]{20}\b | ||
| - \b[0-9a-f]{32}-us[0-9]{1,2}\b | ||
| - \bdp\.audit\.[a-zA-Z0-9]{40,44}\b | ||
| - (?i)\bduffel_live_[a-zA-Z0-9_-]{43}\b | ||
| - \b(amqp|amqps):\/\/[\d\w\:?=-]+\b | ||
| - \b[A-Za-z0-9]{14}\.atlasv1\.[A-Za-z0-9]{67}\b | ||
| - (?i)\bsk-ant-api[0-9]{2}-[0-9a-z\-\_]{95}\b | ||
| - \bdp\.pt\.[a-zA-Z0-9]{40,44}\b | ||
| - \bAQVN[A-Za-z0-9_\-]{35,38}\b | ||
| - (?i)\bsk_live_[0-9a-z]{24}\b | ||
| - '[-]{5}BEGIN EC PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END EC PRIVATE KEY[-]{5}' | ||
| - \bhttps:\/\/[\w-]*\.?alchemyapi\.io\/v2\/[\d\w?=-]+\b | ||
| - \bNRBR-[a-fA-F0-9]{19}\b | ||
| - \b\d{15,16}(?:\||%)[0-9a-zA-Z_-]{27,40}\b | ||
| - \bpscale_tkn_[A-Za-z0-9_]{43}\b | ||
| - \btfp_[0-9A-Za-z-_]{59}\b | ||
| - \bhttps:\/\/discord\.com\/api\/webhooks\/([0-9]{18,20})\/([0-9a-zA-Z_-]+)\b | ||
| - (?i)\blin_api_[a-zA-Z0-9]{40}\b | ||
| - \bdp\.sa\.[a-zA-Z0-9]{40,44}\b | ||
| - \bdnkey-[a-zA-Z0-9=_\-]{26}-[a-zA-Z0-9=_\-]{52}\b | ||
| - \b(pk|dk)_(prod|test)_[a-zA-Z0-9]{28}\b | ||
| - \bglsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8}\b | ||
| - (?i)\bhttps:\/\/api\.hubapi\.com\/webhooks\/v1\/[a-zA-Z0-9]+\/ | ||
| - \bhttps://[a-f0-9]{8}:[a-f0-9]{8}@(?:gems\.contribsys\.com|enterprise\.contribsys\.com) | ||
| - Bearer xoxe.xox[bp]-\d-[a-zA-Z0-9]{163,166} | ||
| - \bPMAK-[a-f0-9]{24}-[a-f0-9]{34}\b | ||
| - \bSK[A-Fa-f0-9]{32}\b | ||
| - (?i)\bshpat_[a-fA-F0-9]{32}\b | ||
| - (?i)\bshppa_[a-fA-F0-9]{32}\b | ||
| - (?i)\bfigd_[0-9a-z_-]{40}\b | ||
| - \bp8e\-[a-zA-Z0-9\-]{32}\b | ||
| - Bearer xapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+ | ||
| - (?i)[0-9]+-[0-9a-z_]{32}\.apps\.googleusercontent\.com | ||
| - (?i)https:\/\/(?:www.)?hooks\.zapier\.com\/hooks\/catch\/[a-z0-9]+\/[a-z0-9]+\/ | ||
| - \b(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b | ||
| - \brzp_live_[0-9a-zA-Z-_]+\b | ||
| - (?i)\bpk_[0-9a-z]{34}\b | ||
| - (?i)\bshippo_test_[a-fA-F0-9]{40}\b | ||
| - \b(pscale_pw_[a-zA-Z0-9=\-_\.]{32,64})\b | ||
| - \bAIza[0-9a-zA-Z-_]{35}\b | ||
| - '[-]{5}BEGIN OPENSSH PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END OPENSSH PRIVATE KEY[-]{5}' | ||
| - '[-]{5}BEGIN RSA PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END RSA PRIVATE KEY[-]{5}' | ||
| - (?i)\bduffel_test_[a-zA-Z0-9_-]{43}\b | ||
| - (?i)\br8_[0-9a-z-_]{37}\b | ||
| - (?i)\bhf_[0-9a-z]{34}\b | ||
| - \b[a-f0-9]{8}:[a-f0-9]{8}\b | ||
| - \bakaa[0-9a-z-]{15,1000}\b | ||
| - (?i)\bghr_[0-9a-zA-Z]{36}\b | ||
| - (?i)\bshippo_live_[a-fA-F0-9]{40}\b | ||
| - \bglptt-[0-9a-f]{40}\b | ||
| - \bdapi([a-hA-H0-9]{32})\b | ||
| - \bpscale_app_secret_[a-zA-Z0-9=\-_\.]{43}\b | ||
| - Bearer xox[os]-\d+-\d+-\d+-[a-fA-F\d]+ | ||
| - \bdt0c01\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{64}\b | ||
| - \b(glc_[A-Za-z0-9+\/]{32,400}={0,2})\b | ||
| - (?i)\brubygems_[a-f0-9]{48}\b | ||
| - (?i)\bCCIPAT_[0-9a-z]{22}_[0-9a-z]{40}\b | ||
| - \bNRII-[a-zA-Z0-9-]{32}\b | ||
| - Bearer xoxb-[0-9]{10,13}\-[0-9]{10,13}[a-zA-Z0-9-]* | ||
| - (?i)\bghp_[A-Z0-9]{36}\b | ||
| - \bakab-[a-zA-Z0-9]{16}-[a-zA-Z0-9]{16}\b | ||
| - (?i)\bgh[us]_[0-9a-zA-Z]{36}\b | ||
| - \bGR1348941[0-9a-zA-Z\-\_]{20}\b | ||
| - \bdp\.ct\.[a-zA-Z0-9]{40,44}\b | ||
| - \bapi_org_[a-zA-Z]{34}\b | ||
| - \beyJrIjoi[A-Za-z0-9]{70,400}={0,2}\b | ||
| - \btk-us-[a-zA-Z0-9-_]{48}\b | ||
| - \bAGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}\b | ||
| - \bsu[a-zA-Z0-9]{12}\b | ||
| - (?i)\bBasic [A-Z0-9+/]{8,1000}[=]{0,2} | ||
| - '[-]{5}BEGIN DSA PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END DSA PRIVATE KEY[-]{5}' | ||
| - \bdG9rO[0-9a-zA-Z]{54}\= | ||
| - \bphc_[a-zA-Z0-9_]{43}\b | ||
| - \bBearer [A-Za-z0-9\-._~+/]{8,1000}[=]{0,2} | ||
| - (?i)\bNRAK-[0-9a-z-_]{27}\b | ||
| - (?i)\bgho_[0-9a-zA-Z]{36}\b | ||
| - (?i)\bpul-[a-fA-F0-9]{40}\b | ||
| - (?i)\bhttps:\/\/chat\.twilio\.com\/v2\/Services\/[a-zA-Z0-9]{32}\b | ||
| - \bpub-c-[0-9a-z]{8}-[0-9a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}\b | ||
| - \baio\_[a-zA-Z0-9]{28}\b | ||
| - \b(live|test)_[a-f0-9]{35}\b | ||
| - \bpk\.[a-zA-Z0-9]{60,70}\.[a-zA-Z0-9]{22}\b | ||
| - '[-]{5}BEGIN PGP PRIVATE KEY BLOCK[-]{5}([\s\S]{128,}?)[-]{5}END PGP PRIVATE KEY BLOCK[-]{5}' | ||
| - \bsk_[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b | ||
| - (?i)\bdo[por]_v1_[a-f0-9]{64}\b | ||
| - \bey[a-zA-Z0-9]{17,512}\.ey[a-zA-Z0-9/_-]{17,512}\.[a-zA-Z0-9/_-]{17,512}={0,2}\b | ||
| - \bLTAI[a-zA-Z0-9]{20}\b | ||
| - \brdme_[a-zA-Z0-9]{70}\b | ||
| - \bsecret_[0-9a-zA-Z-_]{43}\b | ||
| - (?i)\bpk_[0-9]{7,8}_[0-9a-z]{32}\b | ||
| - Bearer [0-9]{15,25}-[a-zA-Z0-9]{20,40} | ||
| - \bpnu_[a-zA-Z0-9]{36}\b | ||
| - \bsub-c-[0-9a-z]{8}-[a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}\b | ||
| - \bfio-u-[a-zA-Z0-9\-_=]{64}\b | ||
| - (?i)\brk_live_[0-9a-z]{24}\b | ||
| - \bion_[a-zA-Z0-9]{42}\b | ||
| - \bkey[a-zA-Z0-9]{14}\b | ||
| - https:\/\/www\.google\.com\/calendar\/embed\?src=[A-Za-z0-9%\@&;=\-_\.\/]+ | ||
| - \bpdct\.1\.1\.[0-9A-Z]{16}\.[0-9a-z]{16}\.[0-9a-z]{40}\b | ||
| - \bYC[a-zA-Z0-9_\-]{38}\b | ||
| - \bBBFF-[0-9a-zA-Z]{30}\b | ||
| - (?i)\bpscale_tkn_[a-zA-Z0-9\-_\.]{43}\b | ||
| - \bEZTK[a-zA-Z0-9]{54}\b | ||
| - \bapify\_api\_[a-zA-Z-0-9]{36}\b | ||
| - \bEAACEdEose0cBA[0-9A-Za-z]{5,1000}\b | ||
| - \bPMAT-[0-9A-Z]{26}\b | ||
| - (?i)\bshpca_[a-fA-F0-9]{32}\b | ||
| - Bearer xoxb-[0-9]{8,14}\-[a-zA-Z0-9]{18,26} | ||
| - \bdp\.scim\.[a-zA-Z0-9]{40,44}\b | ||
| - \bsk\.[a-zA-Z-0-9\.]{80,240}\b | ||
| - \bpscale_oauth_[a-zA-Z0-9=\-_\.]{43}\b | ||
| - \bsk_test_[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b | ||
| - (?i)\bKEY[0-9A-Z_-]{55}\b | ||
| - (?i)\bhttps:\/\/hooks\.slack\.com\/(services|workflows)\/[a-z0-9_+\/]{43,46}\b | ||
| - (?i)\bsbp_[a-f0-9]{40}\b | ||
| - (?i)\bsk-[0-9a-z]{20}T3BlbkFJ[0-9a-z]{20}\b | ||
| - \bgithub_pat_[0-9a-zA-Z_]{82}\b | ||
| - \bFLWSECK_TEST-[a-h0-9]{32}-X\b | ||
| - \bsl\.[a-zA-Z0-9\-=_]{135,}\b | ||
| - Bearer xoxe-\d-[a-zA-Z0-9]{146} | ||
| - (?i)\bglpat-[0-9a-zA-Z_\-]{20}\b | ||
| - \bhttps://[a-zA-Z0-9\-]{0,63}\.webhook\.office\.com/webhookb2/[a-z0-9-]{36}@[a-z0-9-]{36}/IncomingWebhook/[a-z0-9]{32}/[a-z0-9-]{36} | ||
| - \b\d{15,16}\|[0-9a-zA-Z\-_]{27}\b | ||
| - \bPMAK-[a-f0-9]{24}\b | ||
| - (?i)https:\/\/creator\.zoho\.com\/api\/[A-Za-z0-9\/\-_\.]+\?authtoken=[A-Za-z0-9]+ | ||
| - \bt1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}\b | ||
| - \b(live|test)_[a-f0-9]{35}\b | ||
| - (?i)https:\/\/[\w-]*\.?zoom\.us\/(j|my)\/[\d\w?=-]+\b | ||
| - \bb\.AAAAAQ[0-9a-zA-Z_-]{156}\b | ||
| - (?i)\beyJhbGciOi[a-z0-9_\-\.]{2,1000}\b | ||
| - \bpypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}\b | ||
| - \bFLWSECK_TEST[a-h0-9]{12}\b | ||
| - \bnpm_[a-zA-Z0-9]{36}\b | ||
| - \b[0-9]{15,25}-[a-zA-Z0-9]{20,40}\b | ||
| - \bSSWS [a-zA-Z0-9=_\-]{42}\b | ||
| - \bEZAK[a-zA-Z0-9]{54}\b | ||
| - \b(?:pat|sat)\.[a-zA-Z0-9]{22}\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{20}\b | ||
| - \bico-[a-zA-Z0-9]{32}\b | ||
| - \bflb_live_[0-9a-zA-Z]{20}\b | ||
| - \b[0-9a-f]{32}-us[0-9]{1,2}\b | ||
| - \bdp\.audit\.[a-zA-Z0-9]{40,44}\b | ||
| - (?i)\bduffel_live_[a-zA-Z0-9_-]{43}\b | ||
| - \b(amqp|amqps):\/\/[\d\w\:?=-]+\b | ||
| - \b[A-Za-z0-9]{14}\.atlasv1\.[A-Za-z0-9]{67}\b | ||
| - (?i)\bsk-ant-api[0-9]{2}-[0-9a-z\-\_]{95}\b | ||
| - \bdp\.pt\.[a-zA-Z0-9]{40,44}\b | ||
| - \bAQVN[A-Za-z0-9_\-]{35,38}\b | ||
| - (?i)\bsk_live_[0-9a-z]{24}\b | ||
| - '[-]{5}BEGIN EC PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END EC PRIVATE KEY[-]{5}' | ||
| - \bhttps:\/\/[\w-]*\.?alchemyapi\.io\/v2\/[\d\w?=-]+\b | ||
| - \bNRBR-[a-fA-F0-9]{19}\b | ||
| - \b\d{15,16}(?:\||%)[0-9a-zA-Z_-]{27,40}\b | ||
| - \bpscale_tkn_[A-Za-z0-9_]{43}\b | ||
| - \btfp_[0-9A-Za-z-_]{59}\b | ||
| - \bhttps:\/\/discord\.com\/api\/webhooks\/([0-9]{18,20})\/([0-9a-zA-Z_-]+)\b | ||
| - (?i)\blin_api_[a-zA-Z0-9]{40}\b | ||
| - \bdp\.sa\.[a-zA-Z0-9]{40,44}\b | ||
| - \bdnkey-[a-zA-Z0-9=_\-]{26}-[a-zA-Z0-9=_\-]{52}\b | ||
| - \b(pk|dk)_(prod|test)_[a-zA-Z0-9]{28}\b | ||
| - \bglsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8}\b | ||
| - (?i)\bhttps:\/\/api\.hubapi\.com\/webhooks\/v1\/[a-zA-Z0-9]+\/ | ||
| - \bhttps://[a-f0-9]{8}:[a-f0-9]{8}@(?:gems\.contribsys\.com|enterprise\.contribsys\.com) | ||
| - Bearer xoxe.xox[bp]-\d-[a-zA-Z0-9]{163,166} | ||
| - \bPMAK-[a-f0-9]{24}-[a-f0-9]{34}\b | ||
| - \bSK[A-Fa-f0-9]{32}\b | ||
| - (?i)\bshpat_[a-fA-F0-9]{32}\b | ||
| - (?i)\bshppa_[a-fA-F0-9]{32}\b | ||
| - (?i)\bfigd_[0-9a-z_-]{40}\b | ||
| - \bp8e\-[a-zA-Z0-9\-]{32}\b | ||
| - Bearer xapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+ | ||
| - (?i)[0-9]+-[0-9a-z_]{32}\.apps\.googleusercontent\.com | ||
| - (?i)https:\/\/(?:www.)?hooks\.zapier\.com\/hooks\/catch\/[a-z0-9]+\/[a-z0-9]+\/ | ||
| - \b(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b | ||
| - \brzp_live_[0-9a-zA-Z-_]+\b | ||
| - (?i)\bpk_[0-9a-z]{34}\b | ||
| - (?i)\bshippo_test_[a-fA-F0-9]{40}\b | ||
| - \b(pscale_pw_[a-zA-Z0-9=\-_\.]{32,64})\b | ||
| - \bAIza[0-9a-zA-Z-_]{35}\b | ||
| - '[-]{5}BEGIN OPENSSH PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END OPENSSH PRIVATE KEY[-]{5}' | ||
| - '[-]{5}BEGIN RSA PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END RSA PRIVATE KEY[-]{5}' | ||
| - (?i)\bduffel_test_[a-zA-Z0-9_-]{43}\b | ||
| - (?i)\br8_[0-9a-z-_]{37}\b | ||
| - (?i)\bhf_[0-9a-z]{34}\b | ||
| - \b[a-f0-9]{8}:[a-f0-9]{8}\b | ||
| - \bakaa[0-9a-z-]{15,1000}\b | ||
| - (?i)\bghr_[0-9a-zA-Z]{36}\b | ||
| - (?i)\bshippo_live_[a-fA-F0-9]{40}\b | ||
| - \bglptt-[0-9a-f]{40}\b | ||
| - \bdapi([a-hA-H0-9]{32})\b | ||
| - \bpscale_app_secret_[a-zA-Z0-9=\-_\.]{43}\b | ||
| - Bearer xox[os]-\d+-\d+-\d+-[a-fA-F\d]+ | ||
| - \bdt0c01\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{64}\b | ||
| - \b(glc_[A-Za-z0-9+\/]{32,400}={0,2})\b | ||
| - (?i)\brubygems_[a-f0-9]{48}\b | ||
| - (?i)\bCCIPAT_[0-9a-z]{22}_[0-9a-z]{40}\b | ||
| - \bNRII-[a-zA-Z0-9-]{32}\b | ||
| - Bearer xoxb-[0-9]{10,13}\-[0-9]{10,13}[a-zA-Z0-9-]* | ||
| - (?i)\bghp_[A-Z0-9]{36}\b | ||
| - \bakab-[a-zA-Z0-9]{16}-[a-zA-Z0-9]{16}\b | ||
| - (?i)\bgh[us]_[0-9a-zA-Z]{36}\b | ||
| - \bGR1348941[0-9a-zA-Z\-\_]{20}\b | ||
| - \bdp\.ct\.[a-zA-Z0-9]{40,44}\b | ||
| - \bapi_org_[a-zA-Z]{34}\b | ||
| - \beyJrIjoi[A-Za-z0-9]{70,400}={0,2}\b | ||
| - \btk-us-[a-zA-Z0-9-_]{48}\b | ||
| - \bAGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]{58}\b | ||
| - \bsu[a-zA-Z0-9]{12}\b | ||
| - (?i)\bBasic [A-Z0-9+/]{8,1000}[=]{0,2} | ||
| - '[-]{5}BEGIN DSA PRIVATE KEY[-]{5}([\s\S]{128,}?)[-]{5}END DSA PRIVATE KEY[-]{5}' | ||
| - \bdG9rO[0-9a-zA-Z]{54}\= | ||
| - \bphc_[a-zA-Z0-9_]{43}\b | ||
| - \bBearer [A-Za-z0-9\-._~+/]{8,1000}[=]{0,2} | ||
| - (?i)\bNRAK-[0-9a-z-_]{27}\b | ||
| - (?i)\bgho_[0-9a-zA-Z]{36}\b | ||
| - (?i)\bpul-[a-fA-F0-9]{40}\b | ||
| - (?i)\bhttps:\/\/chat\.twilio\.com\/v2\/Services\/[a-zA-Z0-9]{32}\b | ||
| - \bpub-c-[0-9a-z]{8}-[0-9a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}\b | ||
| - \baio\_[a-zA-Z0-9]{28}\b | ||
| - \b(live|test)_[a-f0-9]{35}\b | ||
| - \bpk\.[a-zA-Z0-9]{60,70}\.[a-zA-Z0-9]{22}\b | ||
| - '[-]{5}BEGIN PGP PRIVATE KEY BLOCK[-]{5}([\s\S]{128,}?)[-]{5}END PGP PRIVATE KEY | ||
| BLOCK[-]{5}' | ||
| - \bsk_[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b | ||
| - (?i)\bdo[por]_v1_[a-f0-9]{64}\b | ||
| - \bey[a-zA-Z0-9]{17,512}\.ey[a-zA-Z0-9/_-]{17,512}\.[a-zA-Z0-9/_-]{17,512}={0,2}\b | ||
| - \bLTAI[a-zA-Z0-9]{20}\b | ||
| - \brdme_[a-zA-Z0-9]{70}\b | ||
| - \bsecret_[0-9a-zA-Z-_]{43}\b | ||
| - (?i)\bpk_[0-9]{7,8}_[0-9a-z]{32}\b | ||
| - Bearer [0-9]{15,25}-[a-zA-Z0-9]{20,40} | ||
| - \bpnu_[a-zA-Z0-9]{36}\b | ||
| - \bsub-c-[0-9a-z]{8}-[a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}\b | ||
| - \bfio-u-[a-zA-Z0-9\-_=]{64}\b | ||
| - (?i)\brk_live_[0-9a-z]{24}\b | ||
| - \bion_[a-zA-Z0-9]{42}\b | ||
| - \bkey[a-zA-Z0-9]{14}\b | ||
| - https:\/\/www\.google\.com\/calendar\/embed\?src=[A-Za-z0-9%\@&;=\-_\.\/]+ | ||
| - \bpdct\.1\.1\.[0-9A-Z]{16}\.[0-9a-z]{16}\.[0-9a-z]{40}\b | ||
| - \bYC[a-zA-Z0-9_\-]{38}\b | ||
| - \bBBFF-[0-9a-zA-Z]{30}\b | ||
| - (?i)\bpscale_tkn_[a-zA-Z0-9\-_\.]{43}\b | ||
| - \bEZTK[a-zA-Z0-9]{54}\b | ||
| - \bapify\_api\_[a-zA-Z-0-9]{36}\b | ||
| - \bEAACEdEose0cBA[0-9A-Za-z]{5,1000}\b | ||
| - \bPMAT-[0-9A-Z]{26}\b | ||
| - (?i)\bshpca_[a-fA-F0-9]{32}\b | ||
| - Bearer xoxb-[0-9]{8,14}\-[a-zA-Z0-9]{18,26} | ||
| - \bdp\.scim\.[a-zA-Z0-9]{40,44}\b | ||
| - \bsk\.[a-zA-Z-0-9\.]{80,240}\b | ||
| - \bpscale_oauth_[a-zA-Z0-9=\-_\.]{43}\b | ||
| - \bsk_test_[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\b | ||
| - (?i)\bKEY[0-9A-Z_-]{55}\b | ||
| - (?i)\bhttps:\/\/hooks\.slack\.com\/(services|workflows)\/[a-z0-9_+\/]{43,46}\b | ||
| - (?i)\bsbp_[a-f0-9]{40}\b | ||
| - (?i)\bsk-[0-9a-z]{20}T3BlbkFJ[0-9a-z]{20}\b | ||
| - \bgithub_pat_[0-9a-zA-Z_]{82}\b | ||
| - \bFLWSECK_TEST-[a-h0-9]{32}-X\b | ||
| - \bsl\.[a-zA-Z0-9\-=_]{135,}\b | ||
| - Bearer xoxe-\d-[a-zA-Z0-9]{146} | ||
| - (?i)\bglpat-[0-9a-zA-Z_\-]{20}\b | ||
| - \bhttps://[a-zA-Z0-9\-]{0,63}\.webhook\.office\.com/webhookb2/[a-z0-9-]{36}@[a-z0-9-]{36}/IncomingWebhook/[a-z0-9]{32}/[a-z0-9-]{36} | ||
| - \b\d{15,16}\|[0-9a-zA-Z\-_]{27}\b | ||
| - sb_secret_[-_a-zA-Z0-9]{27} | ||
| - \bLTAI[a-zA-Z0-9]{17,21}\b | ||
| - (?i)\beyJhbGciOi[a-z0-9_\-\.]{2,1000}\b | ||
| ignored_keys: | ||
| - clientId | ||
| - value | ||
| ignored_regexes: | ||
| - (?i)[0-9a-z+\/]{15,1000} | ||
| - amzn\.mws\.([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12})(?![a-z0-9-]) | ||
| - (?i)key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer [a-z/:0-9]{51})\b | ||
| - (?i)https:\/\/outlook\.office\.com\/webhook\/([a-f0-9]{8})-([a-f0-9]{4})-([a-f0-9]{4})-([a-f0-9]{4})-([a-f0-9]{12})@([a-f0-9]{8})-([a-f0-9]{4})-([a-f0-9]{4})-([a-f0-9]{4})-([a-f0-9]{12})(?![a-z0-9-_]) | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer [a-z0-9]{32}) | ||
| - key"\s*:\s*"username"\s*,\s*"value"\s*:\s*"(su[a-zA-Z0-9]{12}) | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer [a-zA-Z0-9]{11}(AAAAAAAAAA)[a-zA-Z0-9\-_=]{43}) | ||
| - \bAAAA[A-Za-z0-9_-]{7}:[A-Za-z0-9_-]{140}(?![A-Za-z0-9\/+=]) | ||
| - \b[a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8}(?![-\w])\b | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer [a-zA-Z0-9_~.]{3}\dQ~[a-zA-Z0-9_~.-]{31,34})\b | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(aivenv1 [a-zA-Z0-9/+=]{372}) | ||
| - key"\s*:\s*"x-algolia-api-key"\s*,\s*"value"\s*:\s*"([a-zA-Z0-9]{32}\b) | ||
| - key"\s*:\s*"password"\s*,\s*"value"\s*:\s*"([a-zA-Z0-9]{64})\b | ||
| - key"\s*:\s*"X-Auth-Key"\s*,\s*"value"\s*:\s*"([a-f0-9]{37}) | ||
| - key"\s*:\s*"X-Auth-User-Service-Key"\s*,\s*"value"\s*:\s*"(v1\.0-[a-f0-9]{64}-[a-f0-9]{128}-[a-f0-9]{64}) | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(SSWS [a-zA-Z0-9=_\-]{42}) | ||
| - (?i)key"\s*:\s*"X-RapidAPI-Key"\s*,\s*"value"\s*:\s*"([0-9a-z]{10}msh[0-9a-z]{37}) | ||
| - (?i)\bsq0idp-[a-z0-9-_]{22}(?![a-z0-9-_])\b | ||
| - (?i)(?<![0-9])[0-9]{10}:[A]{2}[A-Z-_0-9]{33}(?![A-Z]) | ||
| - \b(?<!Bearer\s)[A]{21}[0-9A-Za-z-_%?]{80,110}(?![A-Za-z0-9\/+=])\b | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8}) | ||
| - \b(?<!\w-)(key-[0-9a-zA-Z]{32})(?![-+])\b | ||
| - (?i)\bshpss_[a-f0-9]{32}(?![a-z0-9-_])\b | ||
| - (?i)CLOJARS_[a-f0-9]{60}(?![a-z0-9_]) | ||
| - key"\s*:\s*"username"\s*,\s*"value"\s*:\s*"((live|test)_[a-f0-9]{35}) | ||
| - (?i)\bsq0atp-[a-z0-9-_\\]{22}(?![a-z0-9-_\\])\b | ||
| - key"\s*:\s*"Beamer-Api-Key"\s*,\s*"value"\s*:\s*"(b_[a-zA-Z0-9+/]{43}=) | ||
| - \bSG\.[a-zA-Z0-9_-]{16,32}\.[a-zA-Z0-9-_]{16,64}(?![a-zA-Z0-9-_])\b | ||
| - key"\s*:\s*"Authorization"\s*,\s*"value"\s*:\s*"(Bearer [0-9]{15,25}-[a-zA-Z0-9]{20,40}) | ||
| - (?i)\bxkeysib-([a-z0-9]{64})-([a-z0-9]{16})(?![a-z0-9-])\b | ||
| - (?i)\bsq0csp-[a-z0-9-_\\]{43}(?![a-z0-9-_\\])\b | ||
| - ^.{15,1000}$ | ||
| - (?i)^.{8,1000}$ | ||
| rewritten_regexes: | ||
| - (?i)\beyJhbGciOi[a-z0-9_\-\.]{2,1001}\b |