Merge pull request #344 from Sy3Omda/master

add Credentials Disclosure template to check for common secrets
patch-1
bauthard 2020-08-25 21:16:47 +05:30 committed by GitHub
commit ae0886c31a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 710 additions and 37 deletions

View File

@ -10,13 +10,6 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
extractors:
- type: regex
part: body

View File

@ -10,13 +10,6 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
extractors:
- type: regex
part: body

View File

@ -0,0 +1,709 @@
id: credentials-disclosure
# Extract secrets regex like api keys, password, token, etc ... for different services
# Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
# Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
# Regex count:- 687
info:
name: Credentials Disclosure Check
author: Sy3Omda
severity: medium
description: Look for multiple keys/tokens/passwords in the page response.
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "zopim[_-]account[_-]key(=| =|:| :)"
- "zhuliang[_-]gh[_-]token(=| =|:| :)"
- "zensonatypepassword(=| =|:| :)"
- "zendesk[_-]travis[_-]github(=| =|:| :)"
- "yt[_-]server[_-]api[_-]key(=| =|:| :)"
- "yt[_-]partner[_-]refresh[_-]token(=| =|:| :)"
- "yt[_-]partner[_-]client[_-]secret(=| =|:| :)"
- "yt[_-]client[_-]secret(=| =|:| :)"
- "yt[_-]api[_-]key(=| =|:| :)"
- "yt[_-]account[_-]refresh[_-]token(=| =|:| :)"
- "yt[_-]account[_-]client[_-]secret(=| =|:| :)"
- "yangshun[_-]gh[_-]token(=| =|:| :)"
- "yangshun[_-]gh[_-]password(=| =|:| :)"
- "www[_-]googleapis[_-]com(=| =|:| :)"
- "wpt[_-]ssh[_-]private[_-]key[_-]base64(=| =|:| :)"
- "wpt[_-]ssh[_-]connect(=| =|:| :)"
- "wpt[_-]report[_-]api[_-]key(=| =|:| :)"
- "wpt[_-]prepare[_-]dir(=| =|:| :)"
- "wpt[_-]db[_-]user(=| =|:| :)"
- "wpt[_-]db[_-]password(=| =|:| :)"
- "wporg[_-]password(=| =|:| :)"
- "wpjm[_-]phpunit[_-]google[_-]geocode[_-]api[_-]key(=| =|:| :)"
- "wordpress[_-]db[_-]user(=| =|:| :)"
- "wordpress[_-]db[_-]password(=| =|:| :)"
- "wincert[_-]password(=| =|:| :)"
- "widget[_-]test[_-]server(=| =|:| :)"
- "widget[_-]fb[_-]password[_-]3(=| =|:| :)"
- "widget[_-]fb[_-]password[_-]2(=| =|:| :)"
- "widget[_-]fb[_-]password(=| =|:| :)"
- "widget[_-]basic[_-]password[_-]5(=| =|:| :)"
- "widget[_-]basic[_-]password[_-]4(=| =|:| :)"
- "widget[_-]basic[_-]password[_-]3(=| =|:| :)"
- "widget[_-]basic[_-]password[_-]2(=| =|:| :)"
- "widget[_-]basic[_-]password(=| =|:| :)"
- "watson[_-]password(=| =|:| :)"
- "watson[_-]device[_-]password(=| =|:| :)"
- "watson[_-]conversation[_-]password(=| =|:| :)"
- "wakatime[_-]api[_-]key(=| =|:| :)"
- "vscetoken(=| =|:| :)"
- "visual[_-]recognition[_-]api[_-]key(=| =|:| :)"
- "virustotal[_-]apikey(=| =|:| :)"
- "vip[_-]github[_-]deploy[_-]key[_-]pass(=| =|:| :)"
- "vip[_-]github[_-]deploy[_-]key(=| =|:| :)"
- "vip[_-]github[_-]build[_-]repo[_-]deploy[_-]key(=| =|:| :)"
- "v[_-]sfdc[_-]password(=| =|:| :)"
- "v[_-]sfdc[_-]client[_-]secret(=| =|:| :)"
- "usertravis(=| =|:| :)"
- "user[_-]assets[_-]secret[_-]access[_-]key(=| =|:| :)"
- "user[_-]assets[_-]access[_-]key[_-]id(=| =|:| :)"
- "use[_-]ssh(=| =|:| :)"
- "us[_-]east[_-]1[_-]elb[_-]amazonaws[_-]com(=| =|:| :)"
- "urban[_-]secret(=| =|:| :)"
- "urban[_-]master[_-]secret(=| =|:| :)"
- "urban[_-]key(=| =|:| :)"
- "unity[_-]serial(=| =|:| :)"
- "unity[_-]password(=| =|:| :)"
- "twitteroauthaccesstoken(=| =|:| :)"
- "twitteroauthaccesssecret(=| =|:| :)"
- "twitter[_-]consumer[_-]secret(=| =|:| :)"
- "twitter[_-]consumer[_-]key(=| =|:| :)"
- "twine[_-]password(=| =|:| :)"
- "twilio[_-]token(=| =|:| :)"
- "twilio[_-]sid(=| =|:| :)"
- "twilio[_-]configuration[_-]sid(=| =|:| :)"
- "twilio[_-]chat[_-]account[_-]api[_-]service(=| =|:| :)"
- "twilio[_-]api[_-]secret(=| =|:| :)"
- "twilio[_-]api[_-]key(=| =|:| :)"
- "trex[_-]okta[_-]client[_-]token(=| =|:| :)"
- "trex[_-]client[_-]token(=| =|:| :)"
- "travis[_-]token(=| =|:| :)"
- "travis[_-]secure[_-]env[_-]vars(=| =|:| :)"
- "travis[_-]pull[_-]request(=| =|:| :)"
- "travis[_-]gh[_-]token(=| =|:| :)"
- "travis[_-]e2e[_-]token(=| =|:| :)"
- "travis[_-]com[_-]token(=| =|:| :)"
- "travis[_-]branch(=| =|:| :)"
- "travis[_-]api[_-]token(=| =|:| :)"
- "travis[_-]access[_-]token(=| =|:| :)"
- "token[_-]core[_-]java(=| =|:| :)"
- "thera[_-]oss[_-]access[_-]key(=| =|:| :)"
- "tester[_-]keys[_-]password(=| =|:| :)"
- "test[_-]test(=| =|:| :)"
- "test[_-]github[_-]token(=| =|:| :)"
- "tesco[_-]api[_-]key(=| =|:| :)"
- "svn[_-]pass(=| =|:| :)"
- "surge[_-]token(=| =|:| :)"
- "surge[_-]login(=| =|:| :)"
- "stripe[_-]public(=| =|:| :)"
- "stripe[_-]private(=| =|:| :)"
- "strip[_-]secret[_-]key(=| =|:| :)"
- "strip[_-]publishable[_-]key(=| =|:| :)"
- "stormpath[_-]api[_-]key[_-]secret(=| =|:| :)"
- "stormpath[_-]api[_-]key[_-]id(=| =|:| :)"
- "starship[_-]auth[_-]token(=| =|:| :)"
- "starship[_-]account[_-]sid(=| =|:| :)"
- "star[_-]test[_-]secret[_-]access[_-]key(=| =|:| :)"
- "star[_-]test[_-]location(=| =|:| :)"
- "star[_-]test[_-]bucket(=| =|:| :)"
- "star[_-]test[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "staging[_-]base[_-]url[_-]runscope(=| =|:| :)"
- "ssmtp[_-]config(=| =|:| :)"
- "sshpass(=| =|:| :)"
- "srcclr[_-]api[_-]token(=| =|:| :)"
- "square[_-]reader[_-]sdk[_-]repository[_-]password(=| =|:| :)"
- "sqssecretkey(=| =|:| :)"
- "sqsaccesskey(=| =|:| :)"
- "spring[_-]mail[_-]password(=| =|:| :)"
- "spotify[_-]api[_-]client[_-]secret(=| =|:| :)"
- "spotify[_-]api[_-]access[_-]token(=| =|:| :)"
- "spaces[_-]secret[_-]access[_-]key(=| =|:| :)"
- "spaces[_-]access[_-]key[_-]id(=| =|:| :)"
- "soundcloud[_-]password(=| =|:| :)"
- "soundcloud[_-]client[_-]secret(=| =|:| :)"
- "sonatypepassword(=| =|:| :)"
- "sonatype[_-]token[_-]user(=| =|:| :)"
- "sonatype[_-]token[_-]password(=| =|:| :)"
- "sonatype[_-]password(=| =|:| :)"
- "sonatype[_-]pass(=| =|:| :)"
- "sonatype[_-]nexus[_-]password(=| =|:| :)"
- "sonatype[_-]gpg[_-]passphrase(=| =|:| :)"
- "sonatype[_-]gpg[_-]key[_-]name(=| =|:| :)"
- "sonar[_-]token(=| =|:| :)"
- "sonar[_-]project[_-]key(=| =|:| :)"
- "sonar[_-]organization[_-]key(=| =|:| :)"
- "socrata[_-]password(=| =|:| :)"
- "socrata[_-]app[_-]token(=| =|:| :)"
- "snyk[_-]token(=| =|:| :)"
- "snyk[_-]api[_-]token(=| =|:| :)"
- "snoowrap[_-]refresh[_-]token(=| =|:| :)"
- "snoowrap[_-]password(=| =|:| :)"
- "snoowrap[_-]client[_-]secret(=| =|:| :)"
- "slate[_-]user[_-]email(=| =|:| :)"
- "slash[_-]developer[_-]space[_-]key(=| =|:| :)"
- "slash[_-]developer[_-]space(=| =|:| :)"
- "signing[_-]key[_-]sid(=| =|:| :)"
- "signing[_-]key[_-]secret(=| =|:| :)"
- "signing[_-]key[_-]password(=| =|:| :)"
- "signing[_-]key(=| =|:| :)"
- "setsecretkey(=| =|:| :)"
- "setdstsecretkey(=| =|:| :)"
- "setdstaccesskey(=| =|:| :)"
- "ses[_-]secret[_-]key(=| =|:| :)"
- "ses[_-]access[_-]key(=| =|:| :)"
- "service[_-]account[_-]secret(=| =|:| :)"
- "sentry[_-]key(=| =|:| :)"
- "sentry[_-]endpoint(=| =|:| :)"
- "sentry[_-]default[_-]org(=| =|:| :)"
- "sentry[_-]auth[_-]token(=| =|:| :)"
- "sendwithus[_-]key(=| =|:| :)"
- "sendgrid[_-]username(=| =|:| :)"
- "sendgrid[_-]user(=| =|:| :)"
- "sendgrid[_-]password(=| =|:| :)"
- "sendgrid[_-]key(=| =|:| :)"
- "sendgrid[_-]api[_-]key(=| =|:| :)"
- "sendgrid(=| =|:| :)"
- "selion[_-]selenium[_-]host(=| =|:| :)"
- "selion[_-]log[_-]level[_-]dev(=| =|:| :)"
- "segment[_-]api[_-]key(=| =|:| :)"
- "secretkey(=| =|:| :)"
- "secretaccesskey(=| =|:| :)"
- "secret[_-]key[_-]base(=| =|:| :)"
- "secret[_-]9(=| =|:| :)"
- "secret[_-]8(=| =|:| :)"
- "secret[_-]7(=| =|:| :)"
- "secret[_-]6(=| =|:| :)"
- "secret[_-]5(=| =|:| :)"
- "secret[_-]4(=| =|:| :)"
- "secret[_-]3(=| =|:| :)"
- "secret[_-]2(=| =|:| :)"
- "secret[_-]11(=| =|:| :)"
- "secret[_-]10(=| =|:| :)"
- "secret[_-]1(=| =|:| :)"
- "secret[_-]0(=| =|:| :)"
- "sdr[_-]token(=| =|:| :)"
- "scrutinizer[_-]token(=| =|:| :)"
- "sauce[_-]access[_-]key(=| =|:| :)"
- "sandbox[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)"
- "sandbox[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "sandbox[_-]access[_-]token(=| =|:| :)"
- "salesforce[_-]bulk[_-]test[_-]security[_-]token(=| =|:| :)"
- "salesforce[_-]bulk[_-]test[_-]password(=| =|:| :)"
- "sacloud[_-]api(=| =|:| :)"
- "sacloud[_-]access[_-]token[_-]secret(=| =|:| :)"
- "sacloud[_-]access[_-]token(=| =|:| :)"
- "s3[_-]user[_-]secret(=| =|:| :)"
- "s3[_-]secret[_-]key(=| =|:| :)"
- "s3[_-]secret[_-]assets(=| =|:| :)"
- "s3[_-]secret[_-]app[_-]logs(=| =|:| :)"
- "s3[_-]key[_-]assets(=| =|:| :)"
- "s3[_-]key[_-]app[_-]logs(=| =|:| :)"
- "s3[_-]key(=| =|:| :)"
- "s3[_-]external[_-]3[_-]amazonaws[_-]com(=| =|:| :)"
- "s3[_-]bucket[_-]name[_-]assets(=| =|:| :)"
- "s3[_-]bucket[_-]name[_-]app[_-]logs(=| =|:| :)"
- "s3[_-]access[_-]key[_-]id(=| =|:| :)"
- "s3[_-]access[_-]key(=| =|:| :)"
- "rubygems[_-]auth[_-]token(=| =|:| :)"
- "rtd[_-]store[_-]pass(=| =|:| :)"
- "rtd[_-]key[_-]pass(=| =|:| :)"
- "route53[_-]access[_-]key[_-]id(=| =|:| :)"
- "ropsten[_-]private[_-]key(=| =|:| :)"
- "rinkeby[_-]private[_-]key(=| =|:| :)"
- "rest[_-]api[_-]key(=| =|:| :)"
- "repotoken(=| =|:| :)"
- "reporting[_-]webdav[_-]url(=| =|:| :)"
- "reporting[_-]webdav[_-]pwd(=| =|:| :)"
- "release[_-]token(=| =|:| :)"
- "release[_-]gh[_-]token(=| =|:| :)"
- "registry[_-]secure(=| =|:| :)"
- "registry[_-]pass(=| =|:| :)"
- "refresh[_-]token(=| =|:| :)"
- "rediscloud[_-]url(=| =|:| :)"
- "redis[_-]stunnel[_-]urls(=| =|:| :)"
- "randrmusicapiaccesstoken(=| =|:| :)"
- "rabbitmq[_-]password(=| =|:| :)"
- "quip[_-]token(=| =|:| :)"
- "qiita[_-]token(=| =|:| :)"
- "pypi[_-]passowrd(=| =|:| :)"
- "pushover[_-]token(=| =|:| :)"
- "publish[_-]secret(=| =|:| :)"
- "publish[_-]key(=| =|:| :)"
- "publish[_-]access(=| =|:| :)"
- "project[_-]config(=| =|:| :)"
- "prod[_-]secret[_-]key(=| =|:| :)"
- "prod[_-]password(=| =|:| :)"
- "prod[_-]access[_-]key[_-]id(=| =|:| :)"
- "private[_-]signing[_-]password(=| =|:| :)"
- "pring[_-]mail[_-]username(=| =|:| :)"
- "preferred[_-]username(=| =|:| :)"
- "prebuild[_-]auth(=| =|:| :)"
- "postgresql[_-]pass(=| =|:| :)"
- "postgresql[_-]db(=| =|:| :)"
- "postgres[_-]env[_-]postgres[_-]password(=| =|:| :)"
- "postgres[_-]env[_-]postgres[_-]db(=| =|:| :)"
- "plugin[_-]password(=| =|:| :)"
- "plotly[_-]apikey(=| =|:| :)"
- "places[_-]apikey(=| =|:| :)"
- "places[_-]api[_-]key(=| =|:| :)"
- "pg[_-]host(=| =|:| :)"
- "pg[_-]database(=| =|:| :)"
- "personal[_-]secret(=| =|:| :)"
- "personal[_-]key(=| =|:| :)"
- "percy[_-]token(=| =|:| :)"
- "percy[_-]project(=| =|:| :)"
- "paypal[_-]client[_-]secret(=| =|:| :)"
- "passwordtravis(=| =|:| :)"
- "parse[_-]js[_-]key(=| =|:| :)"
- "pagerduty[_-]apikey(=| =|:| :)"
- "packagecloud[_-]token(=| =|:| :)"
- "ossrh[_-]username(=| =|:| :)"
- "ossrh[_-]secret(=| =|:| :)"
- "ossrh[_-]password(=| =|:| :)"
- "ossrh[_-]pass(=| =|:| :)"
- "ossrh[_-]jira[_-]password(=| =|:| :)"
- "os[_-]password(=| =|:| :)"
- "os[_-]auth[_-]url(=| =|:| :)"
- "org[_-]project[_-]gradle[_-]sonatype[_-]nexus[_-]password(=| =|:| :)"
- "org[_-]gradle[_-]project[_-]sonatype[_-]nexus[_-]password(=| =|:| :)"
- "openwhisk[_-]key(=| =|:| :)"
- "open[_-]whisk[_-]key(=| =|:| :)"
- "onesignal[_-]user[_-]auth[_-]key(=| =|:| :)"
- "onesignal[_-]api[_-]key(=| =|:| :)"
- "omise[_-]skey(=| =|:| :)"
- "omise[_-]pubkey(=| =|:| :)"
- "omise[_-]pkey(=| =|:| :)"
- "omise[_-]key(=| =|:| :)"
- "okta[_-]oauth2[_-]clientsecret(=| =|:| :)"
- "okta[_-]oauth2[_-]client[_-]secret(=| =|:| :)"
- "okta[_-]client[_-]token(=| =|:| :)"
- "ofta[_-]secret(=| =|:| :)"
- "ofta[_-]region(=| =|:| :)"
- "ofta[_-]key(=| =|:| :)"
- "octest[_-]password(=| =|:| :)"
- "octest[_-]app[_-]username(=| =|:| :)"
- "octest[_-]app[_-]password(=| =|:| :)"
- "oc[_-]pass(=| =|:| :)"
- "object[_-]store[_-]creds(=| =|:| :)"
- "object[_-]store[_-]bucket(=| =|:| :)"
- "object[_-]storage[_-]region[_-]name(=| =|:| :)"
- "object[_-]storage[_-]password(=| =|:| :)"
- "oauth[_-]token(=| =|:| :)"
- "numbers[_-]service[_-]pass(=| =|:| :)"
- "nuget[_-]key(=| =|:| :)"
- "nuget[_-]apikey(=| =|:| :)"
- "nuget[_-]api[_-]key(=| =|:| :)"
- "npm[_-]token(=| =|:| :)"
- "npm[_-]secret[_-]key(=| =|:| :)"
- "npm[_-]password(=| =|:| :)"
- "npm[_-]email(=| =|:| :)"
- "npm[_-]auth[_-]token(=| =|:| :)"
- "npm[_-]api[_-]token(=| =|:| :)"
- "npm[_-]api[_-]key(=| =|:| :)"
- "now[_-]token(=| =|:| :)"
- "non[_-]token(=| =|:| :)"
- "node[_-]pre[_-]gyp[_-]secretaccesskey(=| =|:| :)"
- "node[_-]pre[_-]gyp[_-]github[_-]token(=| =|:| :)"
- "node[_-]pre[_-]gyp[_-]accesskeyid(=| =|:| :)"
- "node[_-]env(=| =|:| :)"
- "ngrok[_-]token(=| =|:| :)"
- "ngrok[_-]auth[_-]token(=| =|:| :)"
- "nexuspassword(=| =|:| :)"
- "nexus[_-]password(=| =|:| :)"
- "new[_-]relic[_-]beta[_-]token(=| =|:| :)"
- "netlify[_-]api[_-]key(=| =|:| :)"
- "nativeevents(=| =|:| :)"
- "mysqlsecret(=| =|:| :)"
- "mysqlmasteruser(=| =|:| :)"
- "mysql[_-]username(=| =|:| :)"
- "mysql[_-]user(=| =|:| :)"
- "mysql[_-]root[_-]password(=| =|:| :)"
- "mysql[_-]password(=| =|:| :)"
- "mysql[_-]hostname(=| =|:| :)"
- "mysql[_-]database(=| =|:| :)"
- "my[_-]secret[_-]env(=| =|:| :)"
- "multi[_-]workspace[_-]sid(=| =|:| :)"
- "multi[_-]workflow[_-]sid(=| =|:| :)"
- "multi[_-]disconnect[_-]sid(=| =|:| :)"
- "multi[_-]connect[_-]sid(=| =|:| :)"
- "multi[_-]bob[_-]sid(=| =|:| :)"
- "minio[_-]secret[_-]key(=| =|:| :)"
- "minio[_-]access[_-]key(=| =|:| :)"
- "mile[_-]zero[_-]key(=| =|:| :)"
- "mh[_-]password(=| =|:| :)"
- "mh[_-]apikey(=| =|:| :)"
- "mg[_-]public[_-]api[_-]key(=| =|:| :)"
- "mg[_-]api[_-]key(=| =|:| :)"
- "mapboxaccesstoken(=| =|:| :)"
- "mapbox[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)"
- "mapbox[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "mapbox[_-]api[_-]token(=| =|:| :)"
- "mapbox[_-]access[_-]token(=| =|:| :)"
- "manifest[_-]app[_-]url(=| =|:| :)"
- "manifest[_-]app[_-]token(=| =|:| :)"
- "mandrill[_-]api[_-]key(=| =|:| :)"
- "managementapiaccesstoken(=| =|:| :)"
- "management[_-]token(=| =|:| :)"
- "manage[_-]secret(=| =|:| :)"
- "manage[_-]key(=| =|:| :)"
- "mailgun[_-]secret[_-]api[_-]key(=| =|:| :)"
- "mailgun[_-]pub[_-]key(=| =|:| :)"
- "mailgun[_-]pub[_-]apikey(=| =|:| :)"
- "mailgun[_-]priv[_-]key(=| =|:| :)"
- "mailgun[_-]password(=| =|:| :)"
- "mailgun[_-]apikey(=| =|:| :)"
- "mailgun[_-]api[_-]key(=| =|:| :)"
- "mailer[_-]password(=| =|:| :)"
- "mailchimp[_-]key(=| =|:| :)"
- "mailchimp[_-]api[_-]key(=| =|:| :)"
- "mail[_-]password(=| =|:| :)"
- "magento[_-]password(=| =|:| :)"
- "magento[_-]auth[_-]username (=| =|:| :)"
- "magento[_-]auth[_-]password(=| =|:| :)"
- "lottie[_-]upload[_-]cert[_-]key[_-]store[_-]password(=| =|:| :)"
- "lottie[_-]upload[_-]cert[_-]key[_-]password(=| =|:| :)"
- "lottie[_-]s3[_-]secret[_-]key(=| =|:| :)"
- "lottie[_-]happo[_-]secret[_-]key(=| =|:| :)"
- "lottie[_-]happo[_-]api[_-]key(=| =|:| :)"
- "looker[_-]test[_-]runner[_-]client[_-]secret(=| =|:| :)"
- "ll[_-]shared[_-]key(=| =|:| :)"
- "ll[_-]publish[_-]url(=| =|:| :)"
- "linux[_-]signing[_-]key(=| =|:| :)"
- "linkedin[_-]client[_-]secretor lottie[_-]s3[_-]api[_-]key(=| =|:| :)"
- "lighthouse[_-]api[_-]key(=| =|:| :)"
- "lektor[_-]deploy[_-]username(=| =|:| :)"
- "lektor[_-]deploy[_-]password(=| =|:| :)"
- "leanplum[_-]key(=| =|:| :)"
- "kxoltsn3vogdop92m(=| =|:| :)"
- "kubeconfig(=| =|:| :)"
- "kubecfg[_-]s3[_-]path(=| =|:| :)"
- "kovan[_-]private[_-]key(=| =|:| :)"
- "keystore[_-]pass(=| =|:| :)"
- "kafka[_-]rest[_-]url(=| =|:| :)"
- "kafka[_-]instance[_-]name(=| =|:| :)"
- "kafka[_-]admin[_-]url(=| =|:| :)"
- "jwt[_-]secret(=| =|:| :)"
- "jdbc:mysql(=| =|:| :)"
- "jdbc[_-]host(=| =|:| :)"
- "jdbc[_-]databaseurl(=| =|:| :)"
- "itest[_-]gh[_-]token(=| =|:| :)"
- "ios[_-]docs[_-]deploy[_-]token(=| =|:| :)"
- "internal[_-]secrets(=| =|:| :)"
- "integration[_-]test[_-]appid(=| =|:| :)"
- "integration[_-]test[_-]api[_-]key(=| =|:| :)"
- "index[_-]name(=| =|:| :)"
- "ij[_-]repo[_-]username(=| =|:| :)"
- "ij[_-]repo[_-]password(=| =|:| :)"
- "hub[_-]dxia2[_-]password(=| =|:| :)"
- "homebrew[_-]github[_-]api[_-]token(=| =|:| :)"
- "hockeyapp[_-]token(=| =|:| :)"
- "heroku[_-]token(=| =|:| :)"
- "heroku[_-]email(=| =|:| :)"
- "heroku[_-]api[_-]key(=| =|:| :)"
- "hb[_-]codesign[_-]key[_-]pass(=| =|:| :)"
- "hb[_-]codesign[_-]gpg[_-]pass(=| =|:| :)"
- "hab[_-]key(=| =|:| :)"
- "hab[_-]auth[_-]token(=| =|:| :)"
- "grgit[_-]user(=| =|:| :)"
- "gren[_-]github[_-]token(=| =|:| :)"
- "gradle[_-]signing[_-]password(=| =|:| :)"
- "gradle[_-]signing[_-]key[_-]id(=| =|:| :)"
- "gradle[_-]publish[_-]secret(=| =|:| :)"
- "gradle[_-]publish[_-]key(=| =|:| :)"
- "gpg[_-]secret[_-]keys(=| =|:| :)"
- "gpg[_-]private[_-]key(=| =|:| :)"
- "gpg[_-]passphrase(=| =|:| :)"
- "gpg[_-]ownertrust(=| =|:| :)"
- "gpg[_-]keyname(=| =|:| :)"
- "gpg[_-]key[_-]name(=| =|:| :)"
- "google[_-]private[_-]key(=| =|:| :)"
- "google[_-]maps[_-]api[_-]key(=| =|:| :)"
- "google[_-]client[_-]secret(=| =|:| :)"
- "google[_-]client[_-]id(=| =|:| :)"
- "google[_-]client[_-]email(=| =|:| :)"
- "google[_-]account[_-]type(=| =|:| :)"
- "gogs[_-]password(=| =|:| :)"
- "gitlab[_-]user[_-]email(=| =|:| :)"
- "github[_-]tokens(=| =|:| :)"
- "github[_-]token(=| =|:| :)"
- "github[_-]repo(=| =|:| :)"
- "github[_-]release[_-]token(=| =|:| :)"
- "github[_-]pwd(=| =|:| :)"
- "github[_-]password(=| =|:| :)"
- "github[_-]oauth[_-]token(=| =|:| :)"
- "github[_-]oauth(=| =|:| :)"
- "github[_-]key(=| =|:| :)"
- "github[_-]hunter[_-]username(=| =|:| :)"
- "github[_-]hunter[_-]token(=| =|:| :)"
- "github[_-]deployment[_-]token(=| =|:| :)"
- "github[_-]deploy[_-]hb[_-]doc[_-]pass(=| =|:| :)"
- "github[_-]client[_-]secret(=| =|:| :)"
- "github[_-]auth[_-]token(=| =|:| :)"
- "github[_-]auth(=| =|:| :)"
- "github[_-]api[_-]token(=| =|:| :)"
- "github[_-]api[_-]key(=| =|:| :)"
- "github[_-]access[_-]token(=| =|:| :)"
- "git[_-]token(=| =|:| :)"
- "git[_-]name(=| =|:| :)"
- "git[_-]email(=| =|:| :)"
- "git[_-]committer[_-]name(=| =|:| :)"
- "git[_-]committer[_-]email(=| =|:| :)"
- "git[_-]author[_-]name(=| =|:| :)"
- "git[_-]author[_-]email(=| =|:| :)"
- "ghost[_-]api[_-]key(=| =|:| :)"
- "ghb[_-]token(=| =|:| :)"
- "gh[_-]unstable[_-]oauth[_-]client[_-]secret(=| =|:| :)"
- "gh[_-]token(=| =|:| :)"
- "gh[_-]repo[_-]token(=| =|:| :)"
- "gh[_-]oauth[_-]token(=| =|:| :)"
- "gh[_-]oauth[_-]client[_-]secret(=| =|:| :)"
- "gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]secret(=| =|:| :)"
- "gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]id(=| =|:| :)"
- "gh[_-]next[_-]oauth[_-]client[_-]secret(=| =|:| :)"
- "gh[_-]email(=| =|:| :)"
- "gh[_-]api[_-]key(=| =|:| :)"
- "gcs[_-]bucket(=| =|:| :)"
- "gcr[_-]password(=| =|:| :)"
- "gcloud[_-]service[_-]key(=| =|:| :)"
- "gcloud[_-]project(=| =|:| :)"
- "gcloud[_-]bucket(=| =|:| :)"
- "ftp[_-]username(=| =|:| :)"
- "ftp[_-]user(=| =|:| :)"
- "ftp[_-]pw(=| =|:| :)"
- "ftp[_-]password(=| =|:| :)"
- "ftp[_-]login(=| =|:| :)"
- "ftp[_-]host(=| =|:| :)"
- "fossa[_-]api[_-]key(=| =|:| :)"
- "flickr[_-]api[_-]secret(=| =|:| :)"
- "flickr[_-]api[_-]key(=| =|:| :)"
- "flask[_-]secret[_-]key(=| =|:| :)"
- "firefox[_-]secret(=| =|:| :)"
- "firebase[_-]token(=| =|:| :)"
- "firebase[_-]project[_-]develop(=| =|:| :)"
- "firebase[_-]key(=| =|:| :)"
- "firebase[_-]api[_-]token(=| =|:| :)"
- "firebase[_-]api[_-]json(=| =|:| :)"
- "file[_-]password(=| =|:| :)"
- "exp[_-]password(=| =|:| :)"
- "eureka[_-]awssecretkey(=| =|:| :)"
- "env[_-]sonatype[_-]password(=| =|:| :)"
- "env[_-]secret[_-]access[_-]key(=| =|:| :)"
- "env[_-]secret(=| =|:| :)"
- "env[_-]key(=| =|:| :)"
- "env[_-]heroku[_-]api[_-]key(=| =|:| :)"
- "env[_-]github[_-]oauth[_-]token(=| =|:| :)"
- "end[_-]user[_-]password(=| =|:| :)"
- "encryption[_-]password(=| =|:| :)"
- "elasticsearch[_-]password(=| =|:| :)"
- "elastic[_-]cloud[_-]auth(=| =|:| :)"
- "dsonar[_-]projectkey(=| =|:| :)"
- "dsonar[_-]login(=| =|:| :)"
- "droplet[_-]travis[_-]password(=| =|:| :)"
- "dropbox[_-]oauth[_-]bearer(=| =|:| :)"
- "doordash[_-]auth[_-]token(=| =|:| :)"
- "dockerhubpassword(=| =|:| :)"
- "dockerhub[_-]password(=| =|:| :)"
- "docker[_-]token(=| =|:| :)"
- "docker[_-]postgres[_-]url(=| =|:| :)"
- "docker[_-]password(=| =|:| :)"
- "docker[_-]passwd(=| =|:| :)"
- "docker[_-]pass(=| =|:| :)"
- "docker[_-]key(=| =|:| :)"
- "docker[_-]hub[_-]password(=| =|:| :)"
- "digitalocean[_-]ssh[_-]key[_-]ids(=| =|:| :)"
- "digitalocean[_-]ssh[_-]key[_-]body(=| =|:| :)"
- "digitalocean[_-]access[_-]token(=| =|:| :)"
- "dgpg[_-]passphrase(=| =|:| :)"
- "deploy[_-]user(=| =|:| :)"
- "deploy[_-]token(=| =|:| :)"
- "deploy[_-]secure(=| =|:| :)"
- "deploy[_-]password(=| =|:| :)"
- "ddgc[_-]github[_-]token(=| =|:| :)"
- "ddg[_-]test[_-]email[_-]pw(=| =|:| :)"
- "ddg[_-]test[_-]email(=| =|:| :)"
- "db[_-]username(=| =|:| :)"
- "db[_-]user(=| =|:| :)"
- "db[_-]pw(=| =|:| :)"
- "db[_-]password(=| =|:| :)"
- "db[_-]host(=| =|:| :)"
- "db[_-]database(=| =|:| :)"
- "db[_-]connection(=| =|:| :)"
- "datadog[_-]app[_-]key(=| =|:| :)"
- "datadog[_-]api[_-]key(=| =|:| :)"
- "database[_-]username(=| =|:| :)"
- "database[_-]user(=| =|:| :)"
- "database[_-]port(=| =|:| :)"
- "database[_-]password(=| =|:| :)"
- "database[_-]name(=| =|:| :)"
- "database[_-]host(=| =|:| :)"
- "danger[_-]github[_-]api[_-]token(=| =|:| :)"
- "cypress[_-]record[_-]key(=| =|:| :)"
- "coverity[_-]scan[_-]token(=| =|:| :)"
- "coveralls[_-]token(=| =|:| :)"
- "coveralls[_-]repo[_-]token(=| =|:| :)"
- "coveralls[_-]api[_-]token(=| =|:| :)"
- "cos[_-]secrets(=| =|:| :)"
- "conversation[_-]username(=| =|:| :)"
- "conversation[_-]password(=| =|:| :)"
- "contentful[_-]v2[_-]access[_-]token(=| =|:| :)"
- "contentful[_-]test[_-]org[_-]cma[_-]token(=| =|:| :)"
- "contentful[_-]php[_-]management[_-]test[_-]token(=| =|:| :)"
- "contentful[_-]management[_-]api[_-]access[_-]token[_-]new(=| =|:| :)"
- "contentful[_-]management[_-]api[_-]access[_-]token(=| =|:| :)"
- "contentful[_-]integration[_-]management[_-]token(=| =|:| :)"
- "contentful[_-]cma[_-]test[_-]token(=| =|:| :)"
- "contentful[_-]access[_-]token(=| =|:| :)"
- "consumerkey(=| =|:| :)"
- "consumer[_-]key(=| =|:| :)"
- "conekta[_-]apikey(=| =|:| :)"
- "coding[_-]token(=| =|:| :)"
- "codecov[_-]token(=| =|:| :)"
- "codeclimate[_-]repo[_-]token(=| =|:| :)"
- "codacy[_-]project[_-]token(=| =|:| :)"
- "cocoapods[_-]trunk[_-]token(=| =|:| :)"
- "cocoapods[_-]trunk[_-]email(=| =|:| :)"
- "cn[_-]secret[_-]access[_-]key(=| =|:| :)"
- "cn[_-]access[_-]key[_-]id(=| =|:| :)"
- "clu[_-]ssh[_-]private[_-]key[_-]base64(=| =|:| :)"
- "clu[_-]repo[_-]url(=| =|:| :)"
- "cloudinary[_-]url[_-]staging(=| =|:| :)"
- "cloudinary[_-]url(=| =|:| :)"
- "cloudflare[_-]email(=| =|:| :)"
- "cloudflare[_-]auth[_-]key(=| =|:| :)"
- "cloudflare[_-]auth[_-]email(=| =|:| :)"
- "cloudflare[_-]api[_-]key(=| =|:| :)"
- "cloudant[_-]service[_-]database(=| =|:| :)"
- "cloudant[_-]processed[_-]database(=| =|:| :)"
- "cloudant[_-]password(=| =|:| :)"
- "cloudant[_-]parsed[_-]database(=| =|:| :)"
- "cloudant[_-]order[_-]database(=| =|:| :)"
- "cloudant[_-]instance(=| =|:| :)"
- "cloudant[_-]database(=| =|:| :)"
- "cloudant[_-]audited[_-]database(=| =|:| :)"
- "cloudant[_-]archived[_-]database(=| =|:| :)"
- "cloud[_-]api[_-]key(=| =|:| :)"
- "clojars[_-]password(=| =|:| :)"
- "client[_-]secret(=| =|:| :)"
- "cli[_-]e2e[_-]cma[_-]token(=| =|:| :)"
- "claimr[_-]token(=| =|:| :)"
- "claimr[_-]superuser(=| =|:| :)"
- "claimr[_-]db(=| =|:| :)"
- "claimr[_-]database(=| =|:| :)"
- "ci[_-]user[_-]token(=| =|:| :)"
- "ci[_-]server[_-]name(=| =|:| :)"
- "ci[_-]registry[_-]user(=| =|:| :)"
- "ci[_-]project[_-]url(=| =|:| :)"
- "ci[_-]deploy[_-]password(=| =|:| :)"
- "chrome[_-]refresh[_-]token(=| =|:| :)"
- "chrome[_-]client[_-]secret(=| =|:| :)"
- "cheverny[_-]token(=| =|:| :)"
- "cf[_-]password(=| =|:| :)"
- "certificate[_-]password(=| =|:| :)"
- "censys[_-]secret(=| =|:| :)"
- "cattle[_-]secret[_-]key(=| =|:| :)"
- "cattle[_-]agent[_-]instance[_-]auth(=| =|:| :)"
- "cattle[_-]access[_-]key(=| =|:| :)"
- "cargo[_-]token(=| =|:| :)"
- "cache[_-]s3[_-]secret[_-]key(=| =|:| :)"
- "bx[_-]username(=| =|:| :)"
- "bx[_-]password(=| =|:| :)"
- "bundlesize[_-]github[_-]token(=| =|:| :)"
- "built[_-]branch[_-]deploy[_-]key(=| =|:| :)"
- "bucketeer[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)"
- "bucketeer[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "browserstack[_-]access[_-]key(=| =|:| :)"
- "browser[_-]stack[_-]access[_-]key(=| =|:| :)"
- "brackets[_-]repo[_-]oauth[_-]token(=| =|:| :)"
- "bluemix[_-]username(=| =|:| :)"
- "bluemix[_-]pwd(=| =|:| :)"
- "bluemix[_-]password(=| =|:| :)"
- "bluemix[_-]pass[_-]prod(=| =|:| :)"
- "bluemix[_-]pass(=| =|:| :)"
- "bluemix[_-]auth(=| =|:| :)"
- "bluemix[_-]api[_-]key(=| =|:| :)"
- "bintraykey(=| =|:| :)"
- "bintray[_-]token(=| =|:| :)"
- "bintray[_-]key(=| =|:| :)"
- "bintray[_-]gpg[_-]password(=| =|:| :)"
- "bintray[_-]apikey(=| =|:| :)"
- "bintray[_-]api[_-]key(=| =|:| :)"
- "b2[_-]bucket(=| =|:| :)"
- "b2[_-]app[_-]key(=| =|:| :)"
- "awssecretkey(=| =|:| :)"
- "awscn[_-]secret[_-]access[_-]key(=| =|:| :)"
- "awscn[_-]access[_-]key[_-]id(=| =|:| :)"
- "awsaccesskeyid(=| =|:| :)"
- "aws[_-]ses[_-]secret[_-]access[_-]key(=| =|:| :)"
- "aws[_-]ses[_-]access[_-]key[_-]id(=| =|:| :)"
- "aws[_-]secrets(=| =|:| :)"
- "aws[_-]secret[_-]key(=| =|:| :)"
- "aws[_-]secret[_-]access[_-]key(=| =|:| :)"
- "aws[_-]secret(=| =|:| :)"
- "aws[_-]key(=| =|:| :)"
- "aws[_-]config[_-]secretaccesskey(=| =|:| :)"
- "aws[_-]config[_-]accesskeyid(=| =|:| :)"
- "aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "aws[_-]access[_-]key(=| =|:| :)"
- "aws[_-]access(=| =|:| :)"
- "author[_-]npm[_-]api[_-]key(=| =|:| :)"
- "author[_-]email[_-]addr(=| =|:| :)"
- "auth0[_-]client[_-]secret(=| =|:| :)"
- "auth0[_-]api[_-]clientsecret(=| =|:| :)"
- "auth[_-]token(=| =|:| :)"
- "assistant[_-]iam[_-]apikey(=| =|:| :)"
- "artifacts[_-]secret(=| =|:| :)"
- "artifacts[_-]key(=| =|:| :)"
- "artifacts[_-]bucket(=| =|:| :)"
- "artifacts[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)"
- "artifacts[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)"
- "artifactory[_-]key(=| =|:| :)"
- "argos[_-]token(=| =|:| :)"
- "apple[_-]id[_-]password(=| =|:| :)"
- "appclientsecret(=| =|:| :)"
- "app[_-]token(=| =|:| :)"
- "app[_-]secrete(=| =|:| :)"
- "app[_-]report[_-]token[_-]key(=| =|:| :)"
- "app[_-]bucket[_-]perm(=| =|:| :)"
- "apigw[_-]access[_-]token(=| =|:| :)"
- "apiary[_-]api[_-]key(=| =|:| :)"
- "api[_-]secret(=| =|:| :)"
- "api[_-]key[_-]sid(=| =|:| :)"
- "api[_-]key[_-]secret(=| =|:| :)"
- "api[_-]key(=| =|:| :)"
- "aos[_-]sec(=| =|:| :)"
- "aos[_-]key(=| =|:| :)"
- "ansible[_-]vault[_-]password(=| =|:| :)"
- "android[_-]docs[_-]deploy[_-]token(=| =|:| :)"
- "anaconda[_-]token(=| =|:| :)"
- "amazon[_-]secret[_-]access[_-]key(=| =|:| :)"
- "amazon[_-]bucket[_-]name(=| =|:| :)"
- "alicloud[_-]secret[_-]key(=| =|:| :)"
- "alicloud[_-]access[_-]key(=| =|:| :)"
- "alias[_-]pass(=| =|:| :)"
- "algolia[_-]search[_-]key[_-]1(=| =|:| :)"
- "algolia[_-]search[_-]key(=| =|:| :)"
- "algolia[_-]search[_-]api[_-]key(=| =|:| :)"
- "algolia[_-]api[_-]key[_-]search(=| =|:| :)"
- "algolia[_-]api[_-]key[_-]mcm(=| =|:| :)"
- "algolia[_-]api[_-]key(=| =|:| :)"
- "algolia[_-]admin[_-]key[_-]mcm(=| =|:| :)"
- "algolia[_-]admin[_-]key[_-]2(=| =|:| :)"
- "algolia[_-]admin[_-]key[_-]1(=| =|:| :)"
- "adzerk[_-]api[_-]key(=| =|:| :)"
- "admin[_-]email(=| =|:| :)"
- "account[_-]sid(=| =|:| :)"
- "access[_-]token(=| =|:| :)"
- "access[_-]secret(=| =|:| :)"
- "access[_-]key[_-]secret(=| =|:| :)"

View File

@ -10,13 +10,6 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "AIza[0-9A-Za-z\\-_]{35}"
extractors:
- type: regex
part: body

View File

@ -8,14 +8,7 @@ info:
requests:
- method: GET
path:
- "{{BaseURL}}/"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "[0-9a-f]{32}-us[0-9]{1,2}"
- "{{BaseURL}}"
extractors:
- type: regex

View File

@ -13,14 +13,6 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "xoxp-[0-9A-Za-z\\-]{72}" # Person
- "xoxb-[0-9A-Za-z\\-]{51}" # Bot
extractors:
- type: regex
part: body