nuclei-templates/tokens/credentials-disclosure.yaml

id: credentials-disclosure

# Extract secrets regex like api keys, password, token, etc ... for different services
# Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
# Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
# Regex count:- 687

info:
  name: Credentials Disclosure Check
  author: Sy3Omda
  severity: medium
  description: Look for multiple keys/tokens/passwords in the page response.

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - "zopim([_-]|)account([_-]|)key(=| =|:| :)"
          - "zhuliang([_-]|)gh([_-]|)token(=| =|:| :)"
          - "zensonatypepassword(=| =|:| :)"
          - "zendesk([_-]|)travis([_-]|)github(=| =|:| :)"
          - "yt([_-]|)server([_-]|)api([_-]|)key(=| =|:| :)"
          - "yt([_-]|)partner([_-]|)refresh([_-]|)token(=| =|:| :)"
          - "yt([_-]|)partner([_-]|)client([_-]|)secret(=| =|:| :)"
          - "yt([_-]|)client([_-]|)secret(=| =|:| :)"
          - "yt([_-]|)api([_-]|)key(=| =|:| :)"
          - "yt([_-]|)account([_-]|)refresh([_-]|)token(=| =|:| :)"
          - "yt([_-]|)account([_-]|)client([_-]|)secret(=| =|:| :)"
          - "yangshun([_-]|)gh([_-]|)token(=| =|:| :)"
          - "yangshun([_-]|)gh([_-]|)password(=| =|:| :)"
          - "www([_-]|)googleapis([_-]|)com(=| =|:| :)"
          - "wpt([_-]|)ssh([_-]|)private([_-]|)key([_-]|)base64(=| =|:| :)"
          - "wpt([_-]|)ssh([_-]|)connect(=| =|:| :)"
          - "wpt([_-]|)report([_-]|)api([_-]|)key(=| =|:| :)"
          - "wpt([_-]|)prepare([_-]|)dir(=| =|:| :)"
          - "wpt([_-]|)db([_-]|)user(=| =|:| :)"
          - "wpt([_-]|)db([_-]|)password(=| =|:| :)"
          - "wporg([_-]|)password(=| =|:| :)"
          - "wpjm([_-]|)phpunit([_-]|)google([_-]|)geocode([_-]|)api([_-]|)key(=| =|:| :)"
          - "wordpress([_-]|)db([_-]|)user(=| =|:| :)"
          - "wordpress([_-]|)db([_-]|)password(=| =|:| :)"
          - "wincert([_-]|)password(=| =|:| :)"
          - "widget([_-]|)test([_-]|)server(=| =|:| :)"
          - "widget([_-]|)fb([_-]|)password([_-]|)3(=| =|:| :)"
          - "widget([_-]|)fb([_-]|)password([_-]|)2(=| =|:| :)"
          - "widget([_-]|)fb([_-]|)password(=| =|:| :)"
          - "widget([_-]|)basic([_-]|)password([_-]|)5(=| =|:| :)"
          - "widget([_-]|)basic([_-]|)password([_-]|)4(=| =|:| :)"
          - "widget([_-]|)basic([_-]|)password([_-]|)3(=| =|:| :)"
          - "widget([_-]|)basic([_-]|)password([_-]|)2(=| =|:| :)"
          - "widget([_-]|)basic([_-]|)password(=| =|:| :)"
          - "watson([_-]|)password(=| =|:| :)"
          - "watson([_-]|)device([_-]|)password(=| =|:| :)"
          - "watson([_-]|)conversation([_-]|)password(=| =|:| :)"
          - "wakatime([_-]|)api([_-]|)key(=| =|:| :)"
          - "vscetoken(=| =|:| :)"
          - "visual([_-]|)recognition([_-]|)api([_-]|)key(=| =|:| :)"
          - "virustotal([_-]|)apikey(=| =|:| :)"
          - "vip([_-]|)github([_-]|)deploy([_-]|)key([_-]|)pass(=| =|:| :)"
          - "vip([_-]|)github([_-]|)deploy([_-]|)key(=| =|:| :)"
          - "vip([_-]|)github([_-]|)build([_-]|)repo([_-]|)deploy([_-]|)key(=| =|:| :)"
          - "v([_-]|)sfdc([_-]|)password(=| =|:| :)"
          - "v([_-]|)sfdc([_-]|)client([_-]|)secret(=| =|:| :)"
          - "usertravis(=| =|:| :)"
          - "user([_-]|)assets([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "user([_-]|)assets([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "use([_-]|)ssh(=| =|:| :)"
          - "us([_-]|)east([_-]|)1([_-]|)elb([_-]|)amazonaws([_-]|)com(=| =|:| :)"
          - "urban([_-]|)secret(=| =|:| :)"
          - "urban([_-]|)master([_-]|)secret(=| =|:| :)"
          - "urban([_-]|)key(=| =|:| :)"
          - "unity([_-]|)serial(=| =|:| :)"
          - "unity([_-]|)password(=| =|:| :)"
          - "twitteroauthaccesstoken(=| =|:| :)"
          - "twitteroauthaccesssecret(=| =|:| :)"
          - "twitter([_-]|)consumer([_-]|)secret(=| =|:| :)"
          - "twitter([_-]|)consumer([_-]|)key(=| =|:| :)"
          - "twine([_-]|)password(=| =|:| :)"
          - "twilio([_-]|)token(=| =|:| :)"
          - "twilio([_-]|)sid(=| =|:| :)"
          - "twilio([_-]|)configuration([_-]|)sid(=| =|:| :)"
          - "twilio([_-]|)chat([_-]|)account([_-]|)api([_-]|)service(=| =|:| :)"
          - "twilio([_-]|)api([_-]|)secret(=| =|:| :)"
          - "twilio([_-]|)api([_-]|)key(=| =|:| :)"
          - "trex([_-]|)okta([_-]|)client([_-]|)token(=| =|:| :)"
          - "trex([_-]|)client([_-]|)token(=| =|:| :)"
          - "travis([_-]|)token(=| =|:| :)"
          - "travis([_-]|)secure([_-]|)env([_-]|)vars(=| =|:| :)"
          - "travis([_-]|)pull([_-]|)request(=| =|:| :)"
          - "travis([_-]|)gh([_-]|)token(=| =|:| :)"
          - "travis([_-]|)e2e([_-]|)token(=| =|:| :)"
          - "travis([_-]|)com([_-]|)token(=| =|:| :)"
          - "travis([_-]|)branch(=| =|:| :)"
          - "travis([_-]|)api([_-]|)token(=| =|:| :)"
          - "travis([_-]|)access([_-]|)token(=| =|:| :)"
          - "token([_-]|)core([_-]|)java(=| =|:| :)"
          - "thera([_-]|)oss([_-]|)access([_-]|)key(=| =|:| :)"
          - "tester([_-]|)keys([_-]|)password(=| =|:| :)"
          - "test([_-]|)test(=| =|:| :)"
          - "test([_-]|)github([_-]|)token(=| =|:| :)"
          - "tesco([_-]|)api([_-]|)key(=| =|:| :)"
          - "svn([_-]|)pass(=| =|:| :)"
          - "surge([_-]|)token(=| =|:| :)"
          - "surge([_-]|)login(=| =|:| :)"
          - "stripe([_-]|)public(=| =|:| :)"
          - "stripe([_-]|)private(=| =|:| :)"
          - "strip([_-]|)secret([_-]|)key(=| =|:| :)"
          - "strip([_-]|)publishable([_-]|)key(=| =|:| :)"
          - "stormpath([_-]|)api([_-]|)key([_-]|)secret(=| =|:| :)"
          - "stormpath([_-]|)api([_-]|)key([_-]|)id(=| =|:| :)"
          - "starship([_-]|)auth([_-]|)token(=| =|:| :)"
          - "starship([_-]|)account([_-]|)sid(=| =|:| :)"
          - "star([_-]|)test([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "star([_-]|)test([_-]|)location(=| =|:| :)"
          - "star([_-]|)test([_-]|)bucket(=| =|:| :)"
          - "star([_-]|)test([_-]|)aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "staging([_-]|)base([_-]|)url([_-]|)runscope(=| =|:| :)"
          - "ssmtp([_-]|)config(=| =|:| :)"
          - "sshpass(=| =|:| :)"
          - "srcclr([_-]|)api([_-]|)token(=| =|:| :)"
          - "square([_-]|)reader([_-]|)sdk([_-]|)repository([_-]|)password(=| =|:| :)"
          - "sqssecretkey(=| =|:| :)"
          - "sqsaccesskey(=| =|:| :)"
          - "spring([_-]|)mail([_-]|)password(=| =|:| :)"
          - "spotify([_-]|)api([_-]|)client([_-]|)secret(=| =|:| :)"
          - "spotify([_-]|)api([_-]|)access([_-]|)token(=| =|:| :)"
          - "spaces([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "spaces([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "soundcloud([_-]|)password(=| =|:| :)"
          - "soundcloud([_-]|)client([_-]|)secret(=| =|:| :)"
          - "sonatypepassword(=| =|:| :)"
          - "sonatype([_-]|)token([_-]|)user(=| =|:| :)"
          - "sonatype([_-]|)token([_-]|)password(=| =|:| :)"
          - "sonatype([_-]|)password(=| =|:| :)"
          - "sonatype([_-]|)pass(=| =|:| :)"
          - "sonatype([_-]|)nexus([_-]|)password(=| =|:| :)"
          - "sonatype([_-]|)gpg([_-]|)passphrase(=| =|:| :)"
          - "sonatype([_-]|)gpg([_-]|)key([_-]|)name(=| =|:| :)"
          - "sonar([_-]|)token(=| =|:| :)"
          - "sonar([_-]|)project([_-]|)key(=| =|:| :)"
          - "sonar([_-]|)organization([_-]|)key(=| =|:| :)"
          - "socrata([_-]|)password(=| =|:| :)"
          - "socrata([_-]|)app([_-]|)token(=| =|:| :)"
          - "snyk([_-]|)token(=| =|:| :)"
          - "snyk([_-]|)api([_-]|)token(=| =|:| :)"
          - "snoowrap([_-]|)refresh([_-]|)token(=| =|:| :)"
          - "snoowrap([_-]|)password(=| =|:| :)"
          - "snoowrap([_-]|)client([_-]|)secret(=| =|:| :)"
          - "slate([_-]|)user([_-]|)email(=| =|:| :)"
          - "slash([_-]|)developer([_-]|)space([_-]|)key(=| =|:| :)"
          - "slash([_-]|)developer([_-]|)space(=| =|:| :)"
          - "signing([_-]|)key([_-]|)sid(=| =|:| :)"
          - "signing([_-]|)key([_-]|)secret(=| =|:| :)"
          - "signing([_-]|)key([_-]|)password(=| =|:| :)"
          - "signing([_-]|)key(=| =|:| :)"
          - "setsecretkey(=| =|:| :)"
          - "setdstsecretkey(=| =|:| :)"
          - "setdstaccesskey(=| =|:| :)"
          - "ses([_-]|)secret([_-]|)key(=| =|:| :)"
          - "ses([_-]|)access([_-]|)key(=| =|:| :)"
          - "service([_-]|)account([_-]|)secret(=| =|:| :)"
          - "sentry([_-]|)key(=| =|:| :)"
          - "sentry([_-]|)endpoint(=| =|:| :)"
          - "sentry([_-]|)default([_-]|)org(=| =|:| :)"
          - "sentry([_-]|)auth([_-]|)token(=| =|:| :)"
          - "sendwithus([_-]|)key(=| =|:| :)"
          - "sendgrid([_-]|)username(=| =|:| :)"
          - "sendgrid([_-]|)user(=| =|:| :)"
          - "sendgrid([_-]|)password(=| =|:| :)"
          - "sendgrid([_-]|)key(=| =|:| :)"
          - "sendgrid([_-]|)api([_-]|)key(=| =|:| :)"
          - "sendgrid(=| =|:| :)"
          - "selion([_-]|)selenium([_-]|)host(=| =|:| :)"
          - "selion([_-]|)log([_-]|)level([_-]|)dev(=| =|:| :)"
          - "segment([_-]|)api([_-]|)key(=| =|:| :)"
          - "secretkey(=| =|:| :)"
          - "secretaccesskey(=| =|:| :)"
          - "secret([_-]|)key([_-]|)base(=| =|:| :)"
          - "secret([_-]|)9(=| =|:| :)"
          - "secret([_-]|)8(=| =|:| :)"
          - "secret([_-]|)7(=| =|:| :)"
          - "secret([_-]|)6(=| =|:| :)"
          - "secret([_-]|)5(=| =|:| :)"
          - "secret([_-]|)4(=| =|:| :)"
          - "secret([_-]|)3(=| =|:| :)"
          - "secret([_-]|)2(=| =|:| :)"
          - "secret([_-]|)11(=| =|:| :)"
          - "secret([_-]|)10(=| =|:| :)"
          - "secret([_-]|)1(=| =|:| :)"
          - "secret([_-]|)0(=| =|:| :)"
          - "sdr([_-]|)token(=| =|:| :)"
          - "scrutinizer([_-]|)token(=| =|:| :)"
          - "sauce([_-]|)access([_-]|)key(=| =|:| :)"
          - "sandbox([_-]|)aws([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "sandbox([_-]|)aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "sandbox([_-]|)access([_-]|)token(=| =|:| :)"
          - "salesforce([_-]|)bulk([_-]|)test([_-]|)security([_-]|)token(=| =|:| :)"
          - "salesforce([_-]|)bulk([_-]|)test([_-]|)password(=| =|:| :)"
          - "sacloud([_-]|)api(=| =|:| :)"
          - "sacloud([_-]|)access([_-]|)token([_-]|)secret(=| =|:| :)"
          - "sacloud([_-]|)access([_-]|)token(=| =|:| :)"
          - "s3([_-]|)user([_-]|)secret(=| =|:| :)"
          - "s3([_-]|)secret([_-]|)key(=| =|:| :)"
          - "s3([_-]|)secret([_-]|)assets(=| =|:| :)"
          - "s3([_-]|)secret([_-]|)app([_-]|)logs(=| =|:| :)"
          - "s3([_-]|)key([_-]|)assets(=| =|:| :)"
          - "s3([_-]|)key([_-]|)app([_-]|)logs(=| =|:| :)"
          - "s3([_-]|)key(=| =|:| :)"
          - "s3([_-]|)external([_-]|)3([_-]|)amazonaws([_-]|)com(=| =|:| :)"
          - "s3([_-]|)bucket([_-]|)name([_-]|)assets(=| =|:| :)"
          - "s3([_-]|)bucket([_-]|)name([_-]|)app([_-]|)logs(=| =|:| :)"
          - "s3([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "s3([_-]|)access([_-]|)key(=| =|:| :)"
          - "rubygems([_-]|)auth([_-]|)token(=| =|:| :)"
          - "rtd([_-]|)store([_-]|)pass(=| =|:| :)"
          - "rtd([_-]|)key([_-]|)pass(=| =|:| :)"
          - "route53([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "ropsten([_-]|)private([_-]|)key(=| =|:| :)"
          - "rinkeby([_-]|)private([_-]|)key(=| =|:| :)"
          - "rest([_-]|)api([_-]|)key(=| =|:| :)"
          - "repotoken(=| =|:| :)"
          - "reporting([_-]|)webdav([_-]|)url(=| =|:| :)"
          - "reporting([_-]|)webdav([_-]|)pwd(=| =|:| :)"
          - "release([_-]|)token(=| =|:| :)"
          - "release([_-]|)gh([_-]|)token(=| =|:| :)"
          - "registry([_-]|)secure(=| =|:| :)"
          - "registry([_-]|)pass(=| =|:| :)"
          - "refresh([_-]|)token(=| =|:| :)"
          - "rediscloud([_-]|)url(=| =|:| :)"
          - "redis([_-]|)stunnel([_-]|)urls(=| =|:| :)"
          - "randrmusicapiaccesstoken(=| =|:| :)"
          - "rabbitmq([_-]|)password(=| =|:| :)"
          - "quip([_-]|)token(=| =|:| :)"
          - "qiita([_-]|)token(=| =|:| :)"
          - "pypi([_-]|)passowrd(=| =|:| :)"
          - "pushover([_-]|)token(=| =|:| :)"
          - "publish([_-]|)secret(=| =|:| :)"
          - "publish([_-]|)key(=| =|:| :)"
          - "publish([_-]|)access(=| =|:| :)"
          - "project([_-]|)config(=| =|:| :)"
          - "prod([_-]|)secret([_-]|)key(=| =|:| :)"
          - "prod([_-]|)password(=| =|:| :)"
          - "prod([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "private([_-]|)signing([_-]|)password(=| =|:| :)"
          - "pring([_-]|)mail([_-]|)username(=| =|:| :)"
          - "preferred([_-]|)username(=| =|:| :)"
          - "prebuild([_-]|)auth(=| =|:| :)"
          - "postgresql([_-]|)pass(=| =|:| :)"
          - "postgresql([_-]|)db(=| =|:| :)"
          - "postgres([_-]|)env([_-]|)postgres([_-]|)password(=| =|:| :)"
          - "postgres([_-]|)env([_-]|)postgres([_-]|)db(=| =|:| :)"
          - "plugin([_-]|)password(=| =|:| :)"
          - "plotly([_-]|)apikey(=| =|:| :)"
          - "places([_-]|)apikey(=| =|:| :)"
          - "places([_-]|)api([_-]|)key(=| =|:| :)"
          - "pg([_-]|)host(=| =|:| :)"
          - "pg([_-]|)database(=| =|:| :)"
          - "personal([_-]|)secret(=| =|:| :)"
          - "personal([_-]|)key(=| =|:| :)"
          - "percy([_-]|)token(=| =|:| :)"
          - "percy([_-]|)project(=| =|:| :)"
          - "paypal([_-]|)client([_-]|)secret(=| =|:| :)"
          - "passwordtravis(=| =|:| :)"
          - "parse([_-]|)js([_-]|)key(=| =|:| :)"
          - "pagerduty([_-]|)apikey(=| =|:| :)"
          - "packagecloud([_-]|)token(=| =|:| :)"
          - "ossrh([_-]|)username(=| =|:| :)"
          - "ossrh([_-]|)secret(=| =|:| :)"
          - "ossrh([_-]|)password(=| =|:| :)"
          - "ossrh([_-]|)pass(=| =|:| :)"
          - "ossrh([_-]|)jira([_-]|)password(=| =|:| :)"
          - "os([_-]|)password(=| =|:| :)"
          - "os([_-]|)auth([_-]|)url(=| =|:| :)"
          - "org([_-]|)project([_-]|)gradle([_-]|)sonatype([_-]|)nexus([_-]|)password(=| =|:| :)"
          - "org([_-]|)gradle([_-]|)project([_-]|)sonatype([_-]|)nexus([_-]|)password(=| =|:| :)"
          - "openwhisk([_-]|)key(=| =|:| :)"
          - "open([_-]|)whisk([_-]|)key(=| =|:| :)"
          - "onesignal([_-]|)user([_-]|)auth([_-]|)key(=| =|:| :)"
          - "onesignal([_-]|)api([_-]|)key(=| =|:| :)"
          - "omise([_-]|)skey(=| =|:| :)"
          - "omise([_-]|)pubkey(=| =|:| :)"
          - "omise([_-]|)pkey(=| =|:| :)"
          - "omise([_-]|)key(=| =|:| :)"
          - "okta([_-]|)oauth2([_-]|)clientsecret(=| =|:| :)"
          - "okta([_-]|)oauth2([_-]|)client([_-]|)secret(=| =|:| :)"
          - "okta([_-]|)client([_-]|)token(=| =|:| :)"
          - "ofta([_-]|)secret(=| =|:| :)"
          - "ofta([_-]|)region(=| =|:| :)"
          - "ofta([_-]|)key(=| =|:| :)"
          - "octest([_-]|)password(=| =|:| :)"
          - "octest([_-]|)app([_-]|)username(=| =|:| :)"
          - "octest([_-]|)app([_-]|)password(=| =|:| :)"
          - "oc([_-]|)pass(=| =|:| :)"
          - "object([_-]|)store([_-]|)creds(=| =|:| :)"
          - "object([_-]|)store([_-]|)bucket(=| =|:| :)"
          - "object([_-]|)storage([_-]|)region([_-]|)name(=| =|:| :)"
          - "object([_-]|)storage([_-]|)password(=| =|:| :)"
          - "oauth([_-]|)token(=| =|:| :)"
          - "numbers([_-]|)service([_-]|)pass(=| =|:| :)"
          - "nuget([_-]|)key(=| =|:| :)"
          - "nuget([_-]|)apikey(=| =|:| :)"
          - "nuget([_-]|)api([_-]|)key(=| =|:| :)"
          - "npm([_-]|)token(=| =|:| :)"
          - "npm([_-]|)secret([_-]|)key(=| =|:| :)"
          - "npm([_-]|)password(=| =|:| :)"
          - "npm([_-]|)email(=| =|:| :)"
          - "npm([_-]|)auth([_-]|)token(=| =|:| :)"
          - "npm([_-]|)api([_-]|)token(=| =|:| :)"
          - "npm([_-]|)api([_-]|)key(=| =|:| :)"
          - "now([_-]|)token(=| =|:| :)"
          - "non([_-]|)token(=| =|:| :)"
          - "node([_-]|)pre([_-]|)gyp([_-]|)secretaccesskey(=| =|:| :)"
          - "node([_-]|)pre([_-]|)gyp([_-]|)github([_-]|)token(=| =|:| :)"
          - "node([_-]|)pre([_-]|)gyp([_-]|)accesskeyid(=| =|:| :)"
          - "node([_-]|)env(=| =|:| :)"
          - "ngrok([_-]|)token(=| =|:| :)"
          - "ngrok([_-]|)auth([_-]|)token(=| =|:| :)"
          - "nexuspassword(=| =|:| :)"
          - "nexus([_-]|)password(=| =|:| :)"
          - "new([_-]|)relic([_-]|)beta([_-]|)token(=| =|:| :)"
          - "netlify([_-]|)api([_-]|)key(=| =|:| :)"
          - "nativeevents(=| =|:| :)"
          - "mysqlsecret(=| =|:| :)"
          - "mysqlmasteruser(=| =|:| :)"
          - "mysql([_-]|)username(=| =|:| :)"
          - "mysql([_-]|)user(=| =|:| :)"
          - "mysql([_-]|)root([_-]|)password(=| =|:| :)"
          - "mysql([_-]|)password(=| =|:| :)"
          - "mysql([_-]|)hostname(=| =|:| :)"
          - "mysql([_-]|)database(=| =|:| :)"
          - "my([_-]|)secret([_-]|)env(=| =|:| :)"
          - "multi([_-]|)workspace([_-]|)sid(=| =|:| :)"
          - "multi([_-]|)workflow([_-]|)sid(=| =|:| :)"
          - "multi([_-]|)disconnect([_-]|)sid(=| =|:| :)"
          - "multi([_-]|)connect([_-]|)sid(=| =|:| :)"
          - "multi([_-]|)bob([_-]|)sid(=| =|:| :)"
          - "minio([_-]|)secret([_-]|)key(=| =|:| :)"
          - "minio([_-]|)access([_-]|)key(=| =|:| :)"
          - "mile([_-]|)zero([_-]|)key(=| =|:| :)"
          - "mh([_-]|)password(=| =|:| :)"
          - "mh([_-]|)apikey(=| =|:| :)"
          - "mg([_-]|)public([_-]|)api([_-]|)key(=| =|:| :)"
          - "mg([_-]|)api([_-]|)key(=| =|:| :)"
          - "mapboxaccesstoken(=| =|:| :)"
          - "mapbox([_-]|)aws([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "mapbox([_-]|)aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "mapbox([_-]|)api([_-]|)token(=| =|:| :)"
          - "mapbox([_-]|)access([_-]|)token(=| =|:| :)"
          - "manifest([_-]|)app([_-]|)url(=| =|:| :)"
          - "manifest([_-]|)app([_-]|)token(=| =|:| :)"
          - "mandrill([_-]|)api([_-]|)key(=| =|:| :)"
          - "managementapiaccesstoken(=| =|:| :)"
          - "management([_-]|)token(=| =|:| :)"
          - "manage([_-]|)secret(=| =|:| :)"
          - "manage([_-]|)key(=| =|:| :)"
          - "mailgun([_-]|)secret([_-]|)api([_-]|)key(=| =|:| :)"
          - "mailgun([_-]|)pub([_-]|)key(=| =|:| :)"
          - "mailgun([_-]|)pub([_-]|)apikey(=| =|:| :)"
          - "mailgun([_-]|)priv([_-]|)key(=| =|:| :)"
          - "mailgun([_-]|)password(=| =|:| :)"
          - "mailgun([_-]|)apikey(=| =|:| :)"
          - "mailgun([_-]|)api([_-]|)key(=| =|:| :)"
          - "mailer([_-]|)password(=| =|:| :)"
          - "mailchimp([_-]|)key(=| =|:| :)"
          - "mailchimp([_-]|)api([_-]|)key(=| =|:| :)"
          - "mail([_-]|)password(=| =|:| :)"
          - "magento([_-]|)password(=| =|:| :)"
          - "magento([_-]|)auth([_-]|)username (=| =|:| :)"
          - "magento([_-]|)auth([_-]|)password(=| =|:| :)"
          - "lottie([_-]|)upload([_-]|)cert([_-]|)key([_-]|)store([_-]|)password(=| =|:| :)"
          - "lottie([_-]|)upload([_-]|)cert([_-]|)key([_-]|)password(=| =|:| :)"
          - "lottie([_-]|)s3([_-]|)secret([_-]|)key(=| =|:| :)"
          - "lottie([_-]|)happo([_-]|)secret([_-]|)key(=| =|:| :)"
          - "lottie([_-]|)happo([_-]|)api([_-]|)key(=| =|:| :)"
          - "looker([_-]|)test([_-]|)runner([_-]|)client([_-]|)secret(=| =|:| :)"
          - "ll([_-]|)shared([_-]|)key(=| =|:| :)"
          - "ll([_-]|)publish([_-]|)url(=| =|:| :)"
          - "linux([_-]|)signing([_-]|)key(=| =|:| :)"
          - "linkedin([_-]|)client([_-]|)secretor lottie([_-]|)s3([_-]|)api([_-]|)key(=| =|:| :)"
          - "lighthouse([_-]|)api([_-]|)key(=| =|:| :)"
          - "lektor([_-]|)deploy([_-]|)username(=| =|:| :)"
          - "lektor([_-]|)deploy([_-]|)password(=| =|:| :)"
          - "leanplum([_-]|)key(=| =|:| :)"
          - "kxoltsn3vogdop92m(=| =|:| :)"
          - "kubeconfig(=| =|:| :)"
          - "kubecfg([_-]|)s3([_-]|)path(=| =|:| :)"
          - "kovan([_-]|)private([_-]|)key(=| =|:| :)"
          - "keystore([_-]|)pass(=| =|:| :)"
          - "kafka([_-]|)rest([_-]|)url(=| =|:| :)"
          - "kafka([_-]|)instance([_-]|)name(=| =|:| :)"
          - "kafka([_-]|)admin([_-]|)url(=| =|:| :)"
          - "jwt([_-]|)secret(=| =|:| :)"
          - "jdbc:mysql(=| =|:| :)"
          - "jdbc([_-]|)host(=| =|:| :)"
          - "jdbc([_-]|)databaseurl(=| =|:| :)"
          - "itest([_-]|)gh([_-]|)token(=| =|:| :)"
          - "ios([_-]|)docs([_-]|)deploy([_-]|)token(=| =|:| :)"
          - "internal([_-]|)secrets(=| =|:| :)"
          - "integration([_-]|)test([_-]|)appid(=| =|:| :)"
          - "integration([_-]|)test([_-]|)api([_-]|)key(=| =|:| :)"
          - "index([_-]|)name(=| =|:| :)"
          - "ij([_-]|)repo([_-]|)username(=| =|:| :)"
          - "ij([_-]|)repo([_-]|)password(=| =|:| :)"
          - "hub([_-]|)dxia2([_-]|)password(=| =|:| :)"
          - "homebrew([_-]|)github([_-]|)api([_-]|)token(=| =|:| :)"
          - "hockeyapp([_-]|)token(=| =|:| :)"
          - "heroku([_-]|)token(=| =|:| :)"
          - "heroku([_-]|)email(=| =|:| :)"
          - "heroku([_-]|)api([_-]|)key(=| =|:| :)"
          - "hb([_-]|)codesign([_-]|)key([_-]|)pass(=| =|:| :)"
          - "hb([_-]|)codesign([_-]|)gpg([_-]|)pass(=| =|:| :)"
          - "hab([_-]|)key(=| =|:| :)"
          - "hab([_-]|)auth([_-]|)token(=| =|:| :)"
          - "grgit([_-]|)user(=| =|:| :)"
          - "gren([_-]|)github([_-]|)token(=| =|:| :)"
          - "gradle([_-]|)signing([_-]|)password(=| =|:| :)"
          - "gradle([_-]|)signing([_-]|)key([_-]|)id(=| =|:| :)"
          - "gradle([_-]|)publish([_-]|)secret(=| =|:| :)"
          - "gradle([_-]|)publish([_-]|)key(=| =|:| :)"
          - "gpg([_-]|)secret([_-]|)keys(=| =|:| :)"
          - "gpg([_-]|)private([_-]|)key(=| =|:| :)"
          - "gpg([_-]|)passphrase(=| =|:| :)"
          - "gpg([_-]|)ownertrust(=| =|:| :)"
          - "gpg([_-]|)keyname(=| =|:| :)"
          - "gpg([_-]|)key([_-]|)name(=| =|:| :)"
          - "google([_-]|)private([_-]|)key(=| =|:| :)"
          - "google([_-]|)maps([_-]|)api([_-]|)key(=| =|:| :)"
          - "google([_-]|)client([_-]|)secret(=| =|:| :)"
          - "google([_-]|)client([_-]|)id(=| =|:| :)"
          - "google([_-]|)client([_-]|)email(=| =|:| :)"
          - "google([_-]|)account([_-]|)type(=| =|:| :)"
          - "gogs([_-]|)password(=| =|:| :)"
          - "gitlab([_-]|)user([_-]|)email(=| =|:| :)"
          - "github([_-]|)tokens(=| =|:| :)"
          - "github([_-]|)token(=| =|:| :)"
          - "github([_-]|)repo(=| =|:| :)"
          - "github([_-]|)release([_-]|)token(=| =|:| :)"
          - "github([_-]|)pwd(=| =|:| :)"
          - "github([_-]|)password(=| =|:| :)"
          - "github([_-]|)oauth([_-]|)token(=| =|:| :)"
          - "github([_-]|)oauth(=| =|:| :)"
          - "github([_-]|)key(=| =|:| :)"
          - "github([_-]|)hunter([_-]|)username(=| =|:| :)"
          - "github([_-]|)hunter([_-]|)token(=| =|:| :)"
          - "github([_-]|)deployment([_-]|)token(=| =|:| :)"
          - "github([_-]|)deploy([_-]|)hb([_-]|)doc([_-]|)pass(=| =|:| :)"
          - "github([_-]|)client([_-]|)secret(=| =|:| :)"
          - "github([_-]|)auth([_-]|)token(=| =|:| :)"
          - "github([_-]|)auth(=| =|:| :)"
          - "github([_-]|)api([_-]|)token(=| =|:| :)"
          - "github([_-]|)api([_-]|)key(=| =|:| :)"
          - "github([_-]|)access([_-]|)token(=| =|:| :)"
          - "git([_-]|)token(=| =|:| :)"
          - "git([_-]|)name(=| =|:| :)"
          - "git([_-]|)email(=| =|:| :)"
          - "git([_-]|)committer([_-]|)name(=| =|:| :)"
          - "git([_-]|)committer([_-]|)email(=| =|:| :)"
          - "git([_-]|)author([_-]|)name(=| =|:| :)"
          - "git([_-]|)author([_-]|)email(=| =|:| :)"
          - "ghost([_-]|)api([_-]|)key(=| =|:| :)"
          - "ghb([_-]|)token(=| =|:| :)"
          - "gh([_-]|)unstable([_-]|)oauth([_-]|)client([_-]|)secret(=| =|:| :)"
          - "gh([_-]|)token(=| =|:| :)"
          - "gh([_-]|)repo([_-]|)token(=| =|:| :)"
          - "gh([_-]|)oauth([_-]|)token(=| =|:| :)"
          - "gh([_-]|)oauth([_-]|)client([_-]|)secret(=| =|:| :)"
          - "gh([_-]|)next([_-]|)unstable([_-]|)oauth([_-]|)client([_-]|)secret(=| =|:| :)"
          - "gh([_-]|)next([_-]|)unstable([_-]|)oauth([_-]|)client([_-]|)id(=| =|:| :)"
          - "gh([_-]|)next([_-]|)oauth([_-]|)client([_-]|)secret(=| =|:| :)"
          - "gh([_-]|)email(=| =|:| :)"
          - "gh([_-]|)api([_-]|)key(=| =|:| :)"
          - "gcs([_-]|)bucket(=| =|:| :)"
          - "gcr([_-]|)password(=| =|:| :)"
          - "gcloud([_-]|)service([_-]|)key(=| =|:| :)"
          - "gcloud([_-]|)project(=| =|:| :)"
          - "gcloud([_-]|)bucket(=| =|:| :)"
          - "ftp([_-]|)username(=| =|:| :)"
          - "ftp([_-]|)user(=| =|:| :)"
          - "ftp([_-]|)pw(=| =|:| :)"
          - "ftp([_-]|)password(=| =|:| :)"
          - "ftp([_-]|)login(=| =|:| :)"
          - "ftp([_-]|)host(=| =|:| :)"
          - "fossa([_-]|)api([_-]|)key(=| =|:| :)"
          - "flickr([_-]|)api([_-]|)secret(=| =|:| :)"
          - "flickr([_-]|)api([_-]|)key(=| =|:| :)"
          - "flask([_-]|)secret([_-]|)key(=| =|:| :)"
          - "firefox([_-]|)secret(=| =|:| :)"
          - "firebase([_-]|)token(=| =|:| :)"
          - "firebase([_-]|)project([_-]|)develop(=| =|:| :)"
          - "firebase([_-]|)key(=| =|:| :)"
          - "firebase([_-]|)api([_-]|)token(=| =|:| :)"
          - "firebase([_-]|)api([_-]|)json(=| =|:| :)"
          - "file([_-]|)password(=| =|:| :)"
          - "exp([_-]|)password(=| =|:| :)"
          - "eureka([_-]|)awssecretkey(=| =|:| :)"
          - "env([_-]|)sonatype([_-]|)password(=| =|:| :)"
          - "env([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "env([_-]|)secret(=| =|:| :)"
          - "env([_-]|)key(=| =|:| :)"
          - "env([_-]|)heroku([_-]|)api([_-]|)key(=| =|:| :)"
          - "env([_-]|)github([_-]|)oauth([_-]|)token(=| =|:| :)"
          - "end([_-]|)user([_-]|)password(=| =|:| :)"
          - "encryption([_-]|)password(=| =|:| :)"
          - "elasticsearch([_-]|)password(=| =|:| :)"
          - "elastic([_-]|)cloud([_-]|)auth(=| =|:| :)"
          - "dsonar([_-]|)projectkey(=| =|:| :)"
          - "dsonar([_-]|)login(=| =|:| :)"
          - "droplet([_-]|)travis([_-]|)password(=| =|:| :)"
          - "dropbox([_-]|)oauth([_-]|)bearer(=| =|:| :)"
          - "doordash([_-]|)auth([_-]|)token(=| =|:| :)"
          - "dockerhubpassword(=| =|:| :)"
          - "dockerhub([_-]|)password(=| =|:| :)"
          - "docker([_-]|)token(=| =|:| :)"
          - "docker([_-]|)postgres([_-]|)url(=| =|:| :)"
          - "docker([_-]|)password(=| =|:| :)"
          - "docker([_-]|)passwd(=| =|:| :)"
          - "docker([_-]|)pass(=| =|:| :)"
          - "docker([_-]|)key(=| =|:| :)"
          - "docker([_-]|)hub([_-]|)password(=| =|:| :)"
          - "digitalocean([_-]|)ssh([_-]|)key([_-]|)ids(=| =|:| :)"
          - "digitalocean([_-]|)ssh([_-]|)key([_-]|)body(=| =|:| :)"
          - "digitalocean([_-]|)access([_-]|)token(=| =|:| :)"
          - "dgpg([_-]|)passphrase(=| =|:| :)"
          - "deploy([_-]|)user(=| =|:| :)"
          - "deploy([_-]|)token(=| =|:| :)"
          - "deploy([_-]|)secure(=| =|:| :)"
          - "deploy([_-]|)password(=| =|:| :)"
          - "ddgc([_-]|)github([_-]|)token(=| =|:| :)"
          - "ddg([_-]|)test([_-]|)email([_-]|)pw(=| =|:| :)"
          - "ddg([_-]|)test([_-]|)email(=| =|:| :)"
          - "db([_-]|)username(=| =|:| :)"
          - "db([_-]|)user(=| =|:| :)"
          - "db([_-]|)pw(=| =|:| :)"
          - "db([_-]|)password(=| =|:| :)"
          - "db([_-]|)host(=| =|:| :)"
          - "db([_-]|)database(=| =|:| :)"
          - "db([_-]|)connection(=| =|:| :)"
          - "datadog([_-]|)app([_-]|)key(=| =|:| :)"
          - "datadog([_-]|)api([_-]|)key(=| =|:| :)"
          - "database([_-]|)username(=| =|:| :)"
          - "database([_-]|)user(=| =|:| :)"
          - "database([_-]|)port(=| =|:| :)"
          - "database([_-]|)password(=| =|:| :)"
          - "database([_-]|)name(=| =|:| :)"
          - "database([_-]|)host(=| =|:| :)"
          - "danger([_-]|)github([_-]|)api([_-]|)token(=| =|:| :)"
          - "cypress([_-]|)record([_-]|)key(=| =|:| :)"
          - "coverity([_-]|)scan([_-]|)token(=| =|:| :)"
          - "coveralls([_-]|)token(=| =|:| :)"
          - "coveralls([_-]|)repo([_-]|)token(=| =|:| :)"
          - "coveralls([_-]|)api([_-]|)token(=| =|:| :)"
          - "cos([_-]|)secrets(=| =|:| :)"
          - "conversation([_-]|)username(=| =|:| :)"
          - "conversation([_-]|)password(=| =|:| :)"
          - "contentful([_-]|)v2([_-]|)access([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)test([_-]|)org([_-]|)cma([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)php([_-]|)management([_-]|)test([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)management([_-]|)api([_-]|)access([_-]|)token([_-]|)new(=| =|:| :)"
          - "contentful([_-]|)management([_-]|)api([_-]|)access([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)integration([_-]|)management([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)cma([_-]|)test([_-]|)token(=| =|:| :)"
          - "contentful([_-]|)access([_-]|)token(=| =|:| :)"
          - "consumerkey(=| =|:| :)"
          - "consumer([_-]|)key(=| =|:| :)"
          - "conekta([_-]|)apikey(=| =|:| :)"
          - "coding([_-]|)token(=| =|:| :)"
          - "codecov([_-]|)token(=| =|:| :)"
          - "codeclimate([_-]|)repo([_-]|)token(=| =|:| :)"
          - "codacy([_-]|)project([_-]|)token(=| =|:| :)"
          - "cocoapods([_-]|)trunk([_-]|)token(=| =|:| :)"
          - "cocoapods([_-]|)trunk([_-]|)email(=| =|:| :)"
          - "cn([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "cn([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "clu([_-]|)ssh([_-]|)private([_-]|)key([_-]|)base64(=| =|:| :)"
          - "clu([_-]|)repo([_-]|)url(=| =|:| :)"
          - "cloudinary([_-]|)url([_-]|)staging(=| =|:| :)"
          - "cloudinary([_-]|)url(=| =|:| :)"
          - "cloudflare([_-]|)email(=| =|:| :)"
          - "cloudflare([_-]|)auth([_-]|)key(=| =|:| :)"
          - "cloudflare([_-]|)auth([_-]|)email(=| =|:| :)"
          - "cloudflare([_-]|)api([_-]|)key(=| =|:| :)"
          - "cloudant([_-]|)service([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)processed([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)password(=| =|:| :)"
          - "cloudant([_-]|)parsed([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)order([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)instance(=| =|:| :)"
          - "cloudant([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)audited([_-]|)database(=| =|:| :)"
          - "cloudant([_-]|)archived([_-]|)database(=| =|:| :)"
          - "cloud([_-]|)api([_-]|)key(=| =|:| :)"
          - "clojars([_-]|)password(=| =|:| :)"
          - "client([_-]|)secret(=| =|:| :)"
          - "cli([_-]|)e2e([_-]|)cma([_-]|)token(=| =|:| :)"
          - "claimr([_-]|)token(=| =|:| :)"
          - "claimr([_-]|)superuser(=| =|:| :)"
          - "claimr([_-]|)db(=| =|:| :)"
          - "claimr([_-]|)database(=| =|:| :)"
          - "ci([_-]|)user([_-]|)token(=| =|:| :)"
          - "ci([_-]|)server([_-]|)name(=| =|:| :)"
          - "ci([_-]|)registry([_-]|)user(=| =|:| :)"
          - "ci([_-]|)project([_-]|)url(=| =|:| :)"
          - "ci([_-]|)deploy([_-]|)password(=| =|:| :)"
          - "chrome([_-]|)refresh([_-]|)token(=| =|:| :)"
          - "chrome([_-]|)client([_-]|)secret(=| =|:| :)"
          - "cheverny([_-]|)token(=| =|:| :)"
          - "cf([_-]|)password(=| =|:| :)"
          - "certificate([_-]|)password(=| =|:| :)"
          - "censys([_-]|)secret(=| =|:| :)"
          - "cattle([_-]|)secret([_-]|)key(=| =|:| :)"
          - "cattle([_-]|)agent([_-]|)instance([_-]|)auth(=| =|:| :)"
          - "cattle([_-]|)access([_-]|)key(=| =|:| :)"
          - "cargo([_-]|)token(=| =|:| :)"
          - "cache([_-]|)s3([_-]|)secret([_-]|)key(=| =|:| :)"
          - "bx([_-]|)username(=| =|:| :)"
          - "bx([_-]|)password(=| =|:| :)"
          - "bundlesize([_-]|)github([_-]|)token(=| =|:| :)"
          - "built([_-]|)branch([_-]|)deploy([_-]|)key(=| =|:| :)"
          - "bucketeer([_-]|)aws([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "bucketeer([_-]|)aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "browserstack([_-]|)access([_-]|)key(=| =|:| :)"
          - "browser([_-]|)stack([_-]|)access([_-]|)key(=| =|:| :)"
          - "brackets([_-]|)repo([_-]|)oauth([_-]|)token(=| =|:| :)"
          - "bluemix([_-]|)username(=| =|:| :)"
          - "bluemix([_-]|)pwd(=| =|:| :)"
          - "bluemix([_-]|)password(=| =|:| :)"
          - "bluemix([_-]|)pass([_-]|)prod(=| =|:| :)"
          - "bluemix([_-]|)pass(=| =|:| :)"
          - "bluemix([_-]|)auth(=| =|:| :)"
          - "bluemix([_-]|)api([_-]|)key(=| =|:| :)"
          - "bintraykey(=| =|:| :)"
          - "bintray([_-]|)token(=| =|:| :)"
          - "bintray([_-]|)key(=| =|:| :)"
          - "bintray([_-]|)gpg([_-]|)password(=| =|:| :)"
          - "bintray([_-]|)apikey(=| =|:| :)"
          - "bintray([_-]|)api([_-]|)key(=| =|:| :)"
          - "b2([_-]|)bucket(=| =|:| :)"
          - "b2([_-]|)app([_-]|)key(=| =|:| :)"
          - "awssecretkey(=| =|:| :)"
          - "awscn([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "awscn([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "awsaccesskeyid(=| =|:| :)"
          - "aws([_-]|)ses([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "aws([_-]|)ses([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "aws([_-]|)secrets(=| =|:| :)"
          - "aws([_-]|)secret([_-]|)key(=| =|:| :)"
          - "aws([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "aws([_-]|)secret(=| =|:| :)"
          - "aws([_-]|)key(=| =|:| :)"
          - "aws([_-]|)config([_-]|)secretaccesskey(=| =|:| :)"
          - "aws([_-]|)config([_-]|)accesskeyid(=| =|:| :)"
          - "aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "aws([_-]|)access([_-]|)key(=| =|:| :)"
          - "aws([_-]|)access(=| =|:| :)"
          - "author([_-]|)npm([_-]|)api([_-]|)key(=| =|:| :)"
          - "author([_-]|)email([_-]|)addr(=| =|:| :)"
          - "auth0([_-]|)client([_-]|)secret(=| =|:| :)"
          - "auth0([_-]|)api([_-]|)clientsecret(=| =|:| :)"
          - "auth([_-]|)token(=| =|:| :)"
          - "assistant([_-]|)iam([_-]|)apikey(=| =|:| :)"
          - "artifacts([_-]|)secret(=| =|:| :)"
          - "artifacts([_-]|)key(=| =|:| :)"
          - "artifacts([_-]|)bucket(=| =|:| :)"
          - "artifacts([_-]|)aws([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "artifacts([_-]|)aws([_-]|)access([_-]|)key([_-]|)id(=| =|:| :)"
          - "artifactory([_-]|)key(=| =|:| :)"
          - "argos([_-]|)token(=| =|:| :)"
          - "apple([_-]|)id([_-]|)password(=| =|:| :)"
          - "appclientsecret(=| =|:| :)"
          - "app([_-]|)token(=| =|:| :)"
          - "app([_-]|)secrete(=| =|:| :)"
          - "app([_-]|)report([_-]|)token([_-]|)key(=| =|:| :)"
          - "app([_-]|)bucket([_-]|)perm(=| =|:| :)"
          - "apigw([_-]|)access([_-]|)token(=| =|:| :)"
          - "apiary([_-]|)api([_-]|)key(=| =|:| :)"
          - "api([_-]|)secret(=| =|:| :)"
          - "api([_-]|)key([_-]|)sid(=| =|:| :)"
          - "api([_-]|)key([_-]|)secret(=| =|:| :)"
          - "api([_-]|)key(=| =|:| :)"
          - "aos([_-]|)sec(=| =|:| :)"
          - "aos([_-]|)key(=| =|:| :)"
          - "ansible([_-]|)vault([_-]|)password(=| =|:| :)"
          - "android([_-]|)docs([_-]|)deploy([_-]|)token(=| =|:| :)"
          - "anaconda([_-]|)token(=| =|:| :)"
          - "amazon([_-]|)secret([_-]|)access([_-]|)key(=| =|:| :)"
          - "amazon([_-]|)bucket([_-]|)name(=| =|:| :)"
          - "alicloud([_-]|)secret([_-]|)key(=| =|:| :)"
          - "alicloud([_-]|)access([_-]|)key(=| =|:| :)"
          - "alias([_-]|)pass(=| =|:| :)"
          - "algolia([_-]|)search([_-]|)key([_-]|)1(=| =|:| :)"
          - "algolia([_-]|)search([_-]|)key(=| =|:| :)"
          - "algolia([_-]|)search([_-]|)api([_-]|)key(=| =|:| :)"
          - "algolia([_-]|)api([_-]|)key([_-]|)search(=| =|:| :)"
          - "algolia([_-]|)api([_-]|)key([_-]|)mcm(=| =|:| :)"
          - "algolia([_-]|)api([_-]|)key(=| =|:| :)"
          - "algolia([_-]|)admin([_-]|)key([_-]|)mcm(=| =|:| :)"
          - "algolia([_-]|)admin([_-]|)key([_-]|)2(=| =|:| :)"
          - "algolia([_-]|)admin([_-]|)key([_-]|)1(=| =|:| :)"
          - "adzerk([_-]|)api([_-]|)key(=| =|:| :)"
          - "admin([_-]|)email(=| =|:| :)"
          - "account([_-]|)sid(=| =|:| :)"
          - "access([_-]|)token(=| =|:| :)"
          - "access([_-]|)secret(=| =|:| :)"
          - "access([_-]|)key([_-]|)secret(=| =|:| :)"