From e71f1be03ee0b2a2eb2d7eb9141a3e8df95c4e0b Mon Sep 17 00:00:00 2001 From: bauthard <8293321+bauthard@users.noreply.github.com> Date: Tue, 25 Aug 2020 19:31:54 +0530 Subject: [PATCH] added description and details. removed matcher part, as extractors can be used without matchers as well. --- tokens/credentials-disclosure.yaml | 697 +---------------------------- 1 file changed, 3 insertions(+), 694 deletions(-) diff --git a/tokens/credentials-disclosure.yaml b/tokens/credentials-disclosure.yaml index d5d250ba51..e6bfeff230 100644 --- a/tokens/credentials-disclosure.yaml +++ b/tokens/credentials-disclosure.yaml @@ -1,710 +1,19 @@ -id: Credentials Disclosure +id: credentials-disclosure # Extract secrets regex like api keys, password, token, etc ... for different services +# Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue. info: name: Credentials Disclosure Check author: Sy3Omda severity: medium + description: Look for multiple keys/tokens/passwords in the page response. requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - "zopim[_-]account[_-]key(=| =|:| :)" - - "zhuliang[_-]gh[_-]token(=| =|:| :)" - - "zensonatypepassword(=| =|:| :)" - - "zendesk[_-]travis[_-]github(=| =|:| :)" - - "yt[_-]server[_-]api[_-]key(=| =|:| :)" - - "yt[_-]partner[_-]refresh[_-]token(=| =|:| :)" - - "yt[_-]partner[_-]client[_-]secret(=| =|:| :)" - - "yt[_-]client[_-]secret(=| =|:| :)" - - "yt[_-]api[_-]key(=| =|:| :)" - - "yt[_-]account[_-]refresh[_-]token(=| =|:| :)" - - "yt[_-]account[_-]client[_-]secret(=| =|:| :)" - - "yangshun[_-]gh[_-]token(=| =|:| :)" - - "yangshun[_-]gh[_-]password(=| =|:| :)" - - "www[_-]googleapis[_-]com(=| =|:| :)" - - "wpt[_-]ssh[_-]private[_-]key[_-]base64(=| =|:| :)" - - "wpt[_-]ssh[_-]connect(=| =|:| :)" - - "wpt[_-]report[_-]api[_-]key(=| =|:| :)" - - "wpt[_-]prepare[_-]dir(=| =|:| :)" - - "wpt[_-]db[_-]user(=| =|:| :)" - - "wpt[_-]db[_-]password(=| =|:| :)" - - "wporg[_-]password(=| =|:| :)" - - "wpjm[_-]phpunit[_-]google[_-]geocode[_-]api[_-]key(=| =|:| :)" - - "wordpress[_-]db[_-]user(=| =|:| :)" - - "wordpress[_-]db[_-]password(=| =|:| :)" - - "wincert[_-]password(=| =|:| :)" - - "widget[_-]test[_-]server(=| =|:| :)" - - "widget[_-]fb[_-]password[_-]3(=| =|:| :)" - - "widget[_-]fb[_-]password[_-]2(=| =|:| :)" - - "widget[_-]fb[_-]password(=| =|:| :)" - - "widget[_-]basic[_-]password[_-]5(=| =|:| :)" - - "widget[_-]basic[_-]password[_-]4(=| =|:| :)" - - "widget[_-]basic[_-]password[_-]3(=| =|:| :)" - - "widget[_-]basic[_-]password[_-]2(=| =|:| :)" - - "widget[_-]basic[_-]password(=| =|:| :)" - - "watson[_-]password(=| =|:| :)" - - "watson[_-]device[_-]password(=| =|:| :)" - - "watson[_-]conversation[_-]password(=| =|:| :)" - - "wakatime[_-]api[_-]key(=| =|:| :)" - - "vscetoken(=| =|:| :)" - - "visual[_-]recognition[_-]api[_-]key(=| =|:| :)" - - "virustotal[_-]apikey(=| =|:| :)" - - "vip[_-]github[_-]deploy[_-]key[_-]pass(=| =|:| :)" - - "vip[_-]github[_-]deploy[_-]key(=| =|:| :)" - - "vip[_-]github[_-]build[_-]repo[_-]deploy[_-]key(=| =|:| :)" - - "v[_-]sfdc[_-]password(=| =|:| :)" - - "v[_-]sfdc[_-]client[_-]secret(=| =|:| :)" - - "usertravis(=| =|:| :)" - - "user[_-]assets[_-]secret[_-]access[_-]key(=| =|:| :)" - - "user[_-]assets[_-]access[_-]key[_-]id(=| =|:| :)" - - "use[_-]ssh(=| =|:| :)" - - "us[_-]east[_-]1[_-]elb[_-]amazonaws[_-]com(=| =|:| :)" - - "urban[_-]secret(=| =|:| :)" - - "urban[_-]master[_-]secret(=| =|:| :)" - - "urban[_-]key(=| =|:| :)" - - "unity[_-]serial(=| =|:| :)" - - "unity[_-]password(=| =|:| :)" - - "twitteroauthaccesstoken(=| =|:| :)" - - "twitteroauthaccesssecret(=| =|:| :)" - - "twitter[_-]consumer[_-]secret(=| =|:| :)" - - "twitter[_-]consumer[_-]key(=| =|:| :)" - - "twine[_-]password(=| =|:| :)" - - "twilio[_-]token(=| =|:| :)" - - "twilio[_-]sid(=| =|:| :)" - - "twilio[_-]configuration[_-]sid(=| =|:| :)" - - "twilio[_-]chat[_-]account[_-]api[_-]service(=| =|:| :)" - - "twilio[_-]api[_-]secret(=| =|:| :)" - - "twilio[_-]api[_-]key(=| =|:| :)" - - "trex[_-]okta[_-]client[_-]token(=| =|:| :)" - - "trex[_-]client[_-]token(=| =|:| :)" - - "travis[_-]token(=| =|:| :)" - - "travis[_-]secure[_-]env[_-]vars(=| =|:| :)" - - "travis[_-]pull[_-]request(=| =|:| :)" - - "travis[_-]gh[_-]token(=| =|:| :)" - - "travis[_-]e2e[_-]token(=| =|:| :)" - - "travis[_-]com[_-]token(=| =|:| :)" - - "travis[_-]branch(=| =|:| :)" - - "travis[_-]api[_-]token(=| =|:| :)" - - "travis[_-]access[_-]token(=| =|:| :)" - - "token[_-]core[_-]java(=| =|:| :)" - - "thera[_-]oss[_-]access[_-]key(=| =|:| :)" - - "tester[_-]keys[_-]password(=| =|:| :)" - - "test[_-]test(=| =|:| :)" - - "test[_-]github[_-]token(=| =|:| :)" - - "tesco[_-]api[_-]key(=| =|:| :)" - - "svn[_-]pass(=| =|:| :)" - - "surge[_-]token(=| =|:| :)" - - "surge[_-]login(=| =|:| :)" - - "stripe[_-]public(=| =|:| :)" - - "stripe[_-]private(=| =|:| :)" - - "strip[_-]secret[_-]key(=| =|:| :)" - - "strip[_-]publishable[_-]key(=| =|:| :)" - - "stormpath[_-]api[_-]key[_-]secret(=| =|:| :)" - - "stormpath[_-]api[_-]key[_-]id(=| =|:| :)" - - "starship[_-]auth[_-]token(=| =|:| :)" - - "starship[_-]account[_-]sid(=| =|:| :)" - - "star[_-]test[_-]secret[_-]access[_-]key(=| =|:| :)" - - "star[_-]test[_-]location(=| =|:| :)" - - "star[_-]test[_-]bucket(=| =|:| :)" - - "star[_-]test[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "staging[_-]base[_-]url[_-]runscope(=| =|:| :)" - - "ssmtp[_-]config(=| =|:| :)" - - "sshpass(=| =|:| :)" - - "srcclr[_-]api[_-]token(=| =|:| :)" - - "square[_-]reader[_-]sdk[_-]repository[_-]password(=| =|:| :)" - - "sqssecretkey(=| =|:| :)" - - "sqsaccesskey(=| =|:| :)" - - "spring[_-]mail[_-]password(=| =|:| :)" - - "spotify[_-]api[_-]client[_-]secret(=| =|:| :)" - - "spotify[_-]api[_-]access[_-]token(=| =|:| :)" - - "spaces[_-]secret[_-]access[_-]key(=| =|:| :)" - - "spaces[_-]access[_-]key[_-]id(=| =|:| :)" - - "soundcloud[_-]password(=| =|:| :)" - - "soundcloud[_-]client[_-]secret(=| =|:| :)" - - "sonatypepassword(=| =|:| :)" - - "sonatype[_-]token[_-]user(=| =|:| :)" - - "sonatype[_-]token[_-]password(=| =|:| :)" - - "sonatype[_-]password(=| =|:| :)" - - "sonatype[_-]pass(=| =|:| :)" - - "sonatype[_-]nexus[_-]password(=| =|:| :)" - - "sonatype[_-]gpg[_-]passphrase(=| =|:| :)" - - "sonatype[_-]gpg[_-]key[_-]name(=| =|:| :)" - - "sonar[_-]token(=| =|:| :)" - - "sonar[_-]project[_-]key(=| =|:| :)" - - "sonar[_-]organization[_-]key(=| =|:| :)" - - "socrata[_-]password(=| =|:| :)" - - "socrata[_-]app[_-]token(=| =|:| :)" - - "snyk[_-]token(=| =|:| :)" - - "snyk[_-]api[_-]token(=| =|:| :)" - - "snoowrap[_-]refresh[_-]token(=| =|:| :)" - - "snoowrap[_-]password(=| =|:| :)" - - "snoowrap[_-]client[_-]secret(=| =|:| :)" - - "slate[_-]user[_-]email(=| =|:| :)" - - "slash[_-]developer[_-]space[_-]key(=| =|:| :)" - - "slash[_-]developer[_-]space(=| =|:| :)" - - "signing[_-]key[_-]sid(=| =|:| :)" - - "signing[_-]key[_-]secret(=| =|:| :)" - - "signing[_-]key[_-]password(=| =|:| :)" - - "signing[_-]key(=| =|:| :)" - - "setsecretkey(=| =|:| :)" - - "setdstsecretkey(=| =|:| :)" - - "setdstaccesskey(=| =|:| :)" - - "ses[_-]secret[_-]key(=| =|:| :)" - - "ses[_-]access[_-]key(=| =|:| :)" - - "service[_-]account[_-]secret(=| =|:| :)" - - "sentry[_-]key(=| =|:| :)" - - "sentry[_-]endpoint(=| =|:| :)" - - "sentry[_-]default[_-]org(=| =|:| :)" - - "sentry[_-]auth[_-]token(=| =|:| :)" - - "sendwithus[_-]key(=| =|:| :)" - - "sendgrid[_-]username(=| =|:| :)" - - "sendgrid[_-]user(=| =|:| :)" - - "sendgrid[_-]password(=| =|:| :)" - - "sendgrid[_-]key(=| =|:| :)" - - "sendgrid[_-]api[_-]key(=| =|:| :)" - - "sendgrid(=| =|:| :)" - - "selion[_-]selenium[_-]host(=| =|:| :)" - - "selion[_-]log[_-]level[_-]dev(=| =|:| :)" - - "segment[_-]api[_-]key(=| =|:| :)" - - "secretkey(=| =|:| :)" - - "secretaccesskey(=| =|:| :)" - - "secret[_-]key[_-]base(=| =|:| :)" - - "secret[_-]9(=| =|:| :)" - - "secret[_-]8(=| =|:| :)" - - "secret[_-]7(=| =|:| :)" - - "secret[_-]6(=| =|:| :)" - - "secret[_-]5(=| =|:| :)" - - "secret[_-]4(=| =|:| :)" - - "secret[_-]3(=| =|:| :)" - - "secret[_-]2(=| =|:| :)" - - "secret[_-]11(=| =|:| :)" - - "secret[_-]10(=| =|:| :)" - - "secret[_-]1(=| =|:| :)" - - "secret[_-]0(=| =|:| :)" - - "sdr[_-]token(=| =|:| :)" - - "scrutinizer[_-]token(=| =|:| :)" - - "sauce[_-]access[_-]key(=| =|:| :)" - - "sandbox[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)" - - "sandbox[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "sandbox[_-]access[_-]token(=| =|:| :)" - - "salesforce[_-]bulk[_-]test[_-]security[_-]token(=| =|:| :)" - - "salesforce[_-]bulk[_-]test[_-]password(=| =|:| :)" - - "sacloud[_-]api(=| =|:| :)" - - "sacloud[_-]access[_-]token[_-]secret(=| =|:| :)" - - "sacloud[_-]access[_-]token(=| =|:| :)" - - "s3[_-]user[_-]secret(=| =|:| :)" - - "s3[_-]secret[_-]key(=| =|:| :)" - - "s3[_-]secret[_-]assets(=| =|:| :)" - - "s3[_-]secret[_-]app[_-]logs(=| =|:| :)" - - "s3[_-]key[_-]assets(=| =|:| :)" - - "s3[_-]key[_-]app[_-]logs(=| =|:| :)" - - "s3[_-]key(=| =|:| :)" - - "s3[_-]external[_-]3[_-]amazonaws[_-]com(=| =|:| :)" - - "s3[_-]bucket[_-]name[_-]assets(=| =|:| :)" - - "s3[_-]bucket[_-]name[_-]app[_-]logs(=| =|:| :)" - - "s3[_-]access[_-]key[_-]id(=| =|:| :)" - - "s3[_-]access[_-]key(=| =|:| :)" - - "rubygems[_-]auth[_-]token(=| =|:| :)" - - "rtd[_-]store[_-]pass(=| =|:| :)" - - "rtd[_-]key[_-]pass(=| =|:| :)" - - "route53[_-]access[_-]key[_-]id(=| =|:| :)" - - "ropsten[_-]private[_-]key(=| =|:| :)" - - "rinkeby[_-]private[_-]key(=| =|:| :)" - - "rest[_-]api[_-]key(=| =|:| :)" - - "repotoken(=| =|:| :)" - - "reporting[_-]webdav[_-]url(=| =|:| :)" - - "reporting[_-]webdav[_-]pwd(=| =|:| :)" - - "release[_-]token(=| =|:| :)" - - "release[_-]gh[_-]token(=| =|:| :)" - - "registry[_-]secure(=| =|:| :)" - - "registry[_-]pass(=| =|:| :)" - - "refresh[_-]token(=| =|:| :)" - - "rediscloud[_-]url(=| =|:| :)" - - "redis[_-]stunnel[_-]urls(=| =|:| :)" - - "randrmusicapiaccesstoken(=| =|:| :)" - - "rabbitmq[_-]password(=| =|:| :)" - - "quip[_-]token(=| =|:| :)" - - "qiita[_-]token(=| =|:| :)" - - "pypi[_-]passowrd(=| =|:| :)" - - "pushover[_-]token(=| =|:| :)" - - "publish[_-]secret(=| =|:| :)" - - "publish[_-]key(=| =|:| :)" - - "publish[_-]access(=| =|:| :)" - - "project[_-]config(=| =|:| :)" - - "prod[_-]secret[_-]key(=| =|:| :)" - - "prod[_-]password(=| =|:| :)" - - "prod[_-]access[_-]key[_-]id(=| =|:| :)" - - "private[_-]signing[_-]password(=| =|:| :)" - - "pring[_-]mail[_-]username(=| =|:| :)" - - "preferred[_-]username(=| =|:| :)" - - "prebuild[_-]auth(=| =|:| :)" - - "postgresql[_-]pass(=| =|:| :)" - - "postgresql[_-]db(=| =|:| :)" - - "postgres[_-]env[_-]postgres[_-]password(=| =|:| :)" - - "postgres[_-]env[_-]postgres[_-]db(=| =|:| :)" - - "plugin[_-]password(=| =|:| :)" - - "plotly[_-]apikey(=| =|:| :)" - - "places[_-]apikey(=| =|:| :)" - - "places[_-]api[_-]key(=| =|:| :)" - - "pg[_-]host(=| =|:| :)" - - "pg[_-]database(=| =|:| :)" - - "personal[_-]secret(=| =|:| :)" - - "personal[_-]key(=| =|:| :)" - - "percy[_-]token(=| =|:| :)" - - "percy[_-]project(=| =|:| :)" - - "paypal[_-]client[_-]secret(=| =|:| :)" - - "passwordtravis(=| =|:| :)" - - "parse[_-]js[_-]key(=| =|:| :)" - - "pagerduty[_-]apikey(=| =|:| :)" - - "packagecloud[_-]token(=| =|:| :)" - - "ossrh[_-]username(=| =|:| :)" - - "ossrh[_-]secret(=| =|:| :)" - - "ossrh[_-]password(=| =|:| :)" - - "ossrh[_-]pass(=| =|:| :)" - - "ossrh[_-]jira[_-]password(=| =|:| :)" - - "os[_-]password(=| =|:| :)" - - "os[_-]auth[_-]url(=| =|:| :)" - - "org[_-]project[_-]gradle[_-]sonatype[_-]nexus[_-]password(=| =|:| :)" - - "org[_-]gradle[_-]project[_-]sonatype[_-]nexus[_-]password(=| =|:| :)" - - "openwhisk[_-]key(=| =|:| :)" - - "open[_-]whisk[_-]key(=| =|:| :)" - - "onesignal[_-]user[_-]auth[_-]key(=| =|:| :)" - - "onesignal[_-]api[_-]key(=| =|:| :)" - - "omise[_-]skey(=| =|:| :)" - - "omise[_-]pubkey(=| =|:| :)" - - "omise[_-]pkey(=| =|:| :)" - - "omise[_-]key(=| =|:| :)" - - "okta[_-]oauth2[_-]clientsecret(=| =|:| :)" - - "okta[_-]oauth2[_-]client[_-]secret(=| =|:| :)" - - "okta[_-]client[_-]token(=| =|:| :)" - - "ofta[_-]secret(=| =|:| :)" - - "ofta[_-]region(=| =|:| :)" - - "ofta[_-]key(=| =|:| :)" - - "octest[_-]password(=| =|:| :)" - - "octest[_-]app[_-]username(=| =|:| :)" - - "octest[_-]app[_-]password(=| =|:| :)" - - "oc[_-]pass(=| =|:| :)" - - "object[_-]store[_-]creds(=| =|:| :)" - - "object[_-]store[_-]bucket(=| =|:| :)" - - "object[_-]storage[_-]region[_-]name(=| =|:| :)" - - "object[_-]storage[_-]password(=| =|:| :)" - - "oauth[_-]token(=| =|:| :)" - - "numbers[_-]service[_-]pass(=| =|:| :)" - - "nuget[_-]key(=| =|:| :)" - - "nuget[_-]apikey(=| =|:| :)" - - "nuget[_-]api[_-]key(=| =|:| :)" - - "npm[_-]token(=| =|:| :)" - - "npm[_-]secret[_-]key(=| =|:| :)" - - "npm[_-]password(=| =|:| :)" - - "npm[_-]email(=| =|:| :)" - - "npm[_-]auth[_-]token(=| =|:| :)" - - "npm[_-]api[_-]token(=| =|:| :)" - - "npm[_-]api[_-]key(=| =|:| :)" - - "now[_-]token(=| =|:| :)" - - "non[_-]token(=| =|:| :)" - - "node[_-]pre[_-]gyp[_-]secretaccesskey(=| =|:| :)" - - "node[_-]pre[_-]gyp[_-]github[_-]token(=| =|:| :)" - - "node[_-]pre[_-]gyp[_-]accesskeyid(=| =|:| :)" - - "node[_-]env(=| =|:| :)" - - "ngrok[_-]token(=| =|:| :)" - - "ngrok[_-]auth[_-]token(=| =|:| :)" - - "nexuspassword(=| =|:| :)" - - "nexus[_-]password(=| =|:| :)" - - "new[_-]relic[_-]beta[_-]token(=| =|:| :)" - - "netlify[_-]api[_-]key(=| =|:| :)" - - "nativeevents(=| =|:| :)" - - "mysqlsecret(=| =|:| :)" - - "mysqlmasteruser(=| =|:| :)" - - "mysql[_-]username(=| =|:| :)" - - "mysql[_-]user(=| =|:| :)" - - "mysql[_-]root[_-]password(=| =|:| :)" - - "mysql[_-]password(=| =|:| :)" - - "mysql[_-]hostname(=| =|:| :)" - - "mysql[_-]database(=| =|:| :)" - - "my[_-]secret[_-]env(=| =|:| :)" - - "multi[_-]workspace[_-]sid(=| =|:| :)" - - "multi[_-]workflow[_-]sid(=| =|:| :)" - - "multi[_-]disconnect[_-]sid(=| =|:| :)" - - "multi[_-]connect[_-]sid(=| =|:| :)" - - "multi[_-]bob[_-]sid(=| =|:| :)" - - "minio[_-]secret[_-]key(=| =|:| :)" - - "minio[_-]access[_-]key(=| =|:| :)" - - "mile[_-]zero[_-]key(=| =|:| :)" - - "mh[_-]password(=| =|:| :)" - - "mh[_-]apikey(=| =|:| :)" - - "mg[_-]public[_-]api[_-]key(=| =|:| :)" - - "mg[_-]api[_-]key(=| =|:| :)" - - "mapboxaccesstoken(=| =|:| :)" - - "mapbox[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)" - - "mapbox[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "mapbox[_-]api[_-]token(=| =|:| :)" - - "mapbox[_-]access[_-]token(=| =|:| :)" - - "manifest[_-]app[_-]url(=| =|:| :)" - - "manifest[_-]app[_-]token(=| =|:| :)" - - "mandrill[_-]api[_-]key(=| =|:| :)" - - "managementapiaccesstoken(=| =|:| :)" - - "management[_-]token(=| =|:| :)" - - "manage[_-]secret(=| =|:| :)" - - "manage[_-]key(=| =|:| :)" - - "mailgun[_-]secret[_-]api[_-]key(=| =|:| :)" - - "mailgun[_-]pub[_-]key(=| =|:| :)" - - "mailgun[_-]pub[_-]apikey(=| =|:| :)" - - "mailgun[_-]priv[_-]key(=| =|:| :)" - - "mailgun[_-]password(=| =|:| :)" - - "mailgun[_-]apikey(=| =|:| :)" - - "mailgun[_-]api[_-]key(=| =|:| :)" - - "mailer[_-]password(=| =|:| :)" - - "mailchimp[_-]key(=| =|:| :)" - - "mailchimp[_-]api[_-]key(=| =|:| :)" - - "mail[_-]password(=| =|:| :)" - - "magento[_-]password(=| =|:| :)" - - "magento[_-]auth[_-]username (=| =|:| :)" - - "magento[_-]auth[_-]password(=| =|:| :)" - - "lottie[_-]upload[_-]cert[_-]key[_-]store[_-]password(=| =|:| :)" - - "lottie[_-]upload[_-]cert[_-]key[_-]password(=| =|:| :)" - - "lottie[_-]s3[_-]secret[_-]key(=| =|:| :)" - - "lottie[_-]happo[_-]secret[_-]key(=| =|:| :)" - - "lottie[_-]happo[_-]api[_-]key(=| =|:| :)" - - "looker[_-]test[_-]runner[_-]client[_-]secret(=| =|:| :)" - - "ll[_-]shared[_-]key(=| =|:| :)" - - "ll[_-]publish[_-]url(=| =|:| :)" - - "linux[_-]signing[_-]key(=| =|:| :)" - - "linkedin[_-]client[_-]secretor lottie[_-]s3[_-]api[_-]key(=| =|:| :)" - - "lighthouse[_-]api[_-]key(=| =|:| :)" - - "lektor[_-]deploy[_-]username(=| =|:| :)" - - "lektor[_-]deploy[_-]password(=| =|:| :)" - - "leanplum[_-]key(=| =|:| :)" - - "kxoltsn3vogdop92m(=| =|:| :)" - - "kubeconfig(=| =|:| :)" - - "kubecfg[_-]s3[_-]path(=| =|:| :)" - - "kovan[_-]private[_-]key(=| =|:| :)" - - "keystore[_-]pass(=| =|:| :)" - - "kafka[_-]rest[_-]url(=| =|:| :)" - - "kafka[_-]instance[_-]name(=| =|:| :)" - - "kafka[_-]admin[_-]url(=| =|:| :)" - - "jwt[_-]secret(=| =|:| :)" - - "jdbc:mysql(=| =|:| :)" - - "jdbc[_-]host(=| =|:| :)" - - "jdbc[_-]databaseurl(=| =|:| :)" - - "itest[_-]gh[_-]token(=| =|:| :)" - - "ios[_-]docs[_-]deploy[_-]token(=| =|:| :)" - - "internal[_-]secrets(=| =|:| :)" - - "integration[_-]test[_-]appid(=| =|:| :)" - - "integration[_-]test[_-]api[_-]key(=| =|:| :)" - - "index[_-]name(=| =|:| :)" - - "ij[_-]repo[_-]username(=| =|:| :)" - - "ij[_-]repo[_-]password(=| =|:| :)" - - "hub[_-]dxia2[_-]password(=| =|:| :)" - - "homebrew[_-]github[_-]api[_-]token(=| =|:| :)" - - "hockeyapp[_-]token(=| =|:| :)" - - "heroku[_-]token(=| =|:| :)" - - "heroku[_-]email(=| =|:| :)" - - "heroku[_-]api[_-]key(=| =|:| :)" - - "hb[_-]codesign[_-]key[_-]pass(=| =|:| :)" - - "hb[_-]codesign[_-]gpg[_-]pass(=| =|:| :)" - - "hab[_-]key(=| =|:| :)" - - "hab[_-]auth[_-]token(=| =|:| :)" - - "grgit[_-]user(=| =|:| :)" - - "gren[_-]github[_-]token(=| =|:| :)" - - "gradle[_-]signing[_-]password(=| =|:| :)" - - "gradle[_-]signing[_-]key[_-]id(=| =|:| :)" - - "gradle[_-]publish[_-]secret(=| =|:| :)" - - "gradle[_-]publish[_-]key(=| =|:| :)" - - "gpg[_-]secret[_-]keys(=| =|:| :)" - - "gpg[_-]private[_-]key(=| =|:| :)" - - "gpg[_-]passphrase(=| =|:| :)" - - "gpg[_-]ownertrust(=| =|:| :)" - - "gpg[_-]keyname(=| =|:| :)" - - "gpg[_-]key[_-]name(=| =|:| :)" - - "google[_-]private[_-]key(=| =|:| :)" - - "google[_-]maps[_-]api[_-]key(=| =|:| :)" - - "google[_-]client[_-]secret(=| =|:| :)" - - "google[_-]client[_-]id(=| =|:| :)" - - "google[_-]client[_-]email(=| =|:| :)" - - "google[_-]account[_-]type(=| =|:| :)" - - "gogs[_-]password(=| =|:| :)" - - "gitlab[_-]user[_-]email(=| =|:| :)" - - "github[_-]tokens(=| =|:| :)" - - "github[_-]token(=| =|:| :)" - - "github[_-]repo(=| =|:| :)" - - "github[_-]release[_-]token(=| =|:| :)" - - "github[_-]pwd(=| =|:| :)" - - "github[_-]password(=| =|:| :)" - - "github[_-]oauth[_-]token(=| =|:| :)" - - "github[_-]oauth(=| =|:| :)" - - "github[_-]key(=| =|:| :)" - - "github[_-]hunter[_-]username(=| =|:| :)" - - "github[_-]hunter[_-]token(=| =|:| :)" - - "github[_-]deployment[_-]token(=| =|:| :)" - - "github[_-]deploy[_-]hb[_-]doc[_-]pass(=| =|:| :)" - - "github[_-]client[_-]secret(=| =|:| :)" - - "github[_-]auth[_-]token(=| =|:| :)" - - "github[_-]auth(=| =|:| :)" - - "github[_-]api[_-]token(=| =|:| :)" - - "github[_-]api[_-]key(=| =|:| :)" - - "github[_-]access[_-]token(=| =|:| :)" - - "git[_-]token(=| =|:| :)" - - "git[_-]name(=| =|:| :)" - - "git[_-]email(=| =|:| :)" - - "git[_-]committer[_-]name(=| =|:| :)" - - "git[_-]committer[_-]email(=| =|:| :)" - - "git[_-]author[_-]name(=| =|:| :)" - - "git[_-]author[_-]email(=| =|:| :)" - - "ghost[_-]api[_-]key(=| =|:| :)" - - "ghb[_-]token(=| =|:| :)" - - "gh[_-]unstable[_-]oauth[_-]client[_-]secret(=| =|:| :)" - - "gh[_-]token(=| =|:| :)" - - "gh[_-]repo[_-]token(=| =|:| :)" - - "gh[_-]oauth[_-]token(=| =|:| :)" - - "gh[_-]oauth[_-]client[_-]secret(=| =|:| :)" - - "gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]secret(=| =|:| :)" - - "gh[_-]next[_-]unstable[_-]oauth[_-]client[_-]id(=| =|:| :)" - - "gh[_-]next[_-]oauth[_-]client[_-]secret(=| =|:| :)" - - "gh[_-]email(=| =|:| :)" - - "gh[_-]api[_-]key(=| =|:| :)" - - "gcs[_-]bucket(=| =|:| :)" - - "gcr[_-]password(=| =|:| :)" - - "gcloud[_-]service[_-]key(=| =|:| :)" - - "gcloud[_-]project(=| =|:| :)" - - "gcloud[_-]bucket(=| =|:| :)" - - "ftp[_-]username(=| =|:| :)" - - "ftp[_-]user(=| =|:| :)" - - "ftp[_-]pw(=| =|:| :)" - - "ftp[_-]password(=| =|:| :)" - - "ftp[_-]login(=| =|:| :)" - - "ftp[_-]host(=| =|:| :)" - - "fossa[_-]api[_-]key(=| =|:| :)" - - "flickr[_-]api[_-]secret(=| =|:| :)" - - "flickr[_-]api[_-]key(=| =|:| :)" - - "flask[_-]secret[_-]key(=| =|:| :)" - - "firefox[_-]secret(=| =|:| :)" - - "firebase[_-]token(=| =|:| :)" - - "firebase[_-]project[_-]develop(=| =|:| :)" - - "firebase[_-]key(=| =|:| :)" - - "firebase[_-]api[_-]token(=| =|:| :)" - - "firebase[_-]api[_-]json(=| =|:| :)" - - "file[_-]password(=| =|:| :)" - - "exp[_-]password(=| =|:| :)" - - "eureka[_-]awssecretkey(=| =|:| :)" - - "env[_-]sonatype[_-]password(=| =|:| :)" - - "env[_-]secret[_-]access[_-]key(=| =|:| :)" - - "env[_-]secret(=| =|:| :)" - - "env[_-]key(=| =|:| :)" - - "env[_-]heroku[_-]api[_-]key(=| =|:| :)" - - "env[_-]github[_-]oauth[_-]token(=| =|:| :)" - - "end[_-]user[_-]password(=| =|:| :)" - - "encryption[_-]password(=| =|:| :)" - - "elasticsearch[_-]password(=| =|:| :)" - - "elastic[_-]cloud[_-]auth(=| =|:| :)" - - "dsonar[_-]projectkey(=| =|:| :)" - - "dsonar[_-]login(=| =|:| :)" - - "droplet[_-]travis[_-]password(=| =|:| :)" - - "dropbox[_-]oauth[_-]bearer(=| =|:| :)" - - "doordash[_-]auth[_-]token(=| =|:| :)" - - "dockerhubpassword(=| =|:| :)" - - "dockerhub[_-]password(=| =|:| :)" - - "docker[_-]token(=| =|:| :)" - - "docker[_-]postgres[_-]url(=| =|:| :)" - - "docker[_-]password(=| =|:| :)" - - "docker[_-]passwd(=| =|:| :)" - - "docker[_-]pass(=| =|:| :)" - - "docker[_-]key(=| =|:| :)" - - "docker[_-]hub[_-]password(=| =|:| :)" - - "digitalocean[_-]ssh[_-]key[_-]ids(=| =|:| :)" - - "digitalocean[_-]ssh[_-]key[_-]body(=| =|:| :)" - - "digitalocean[_-]access[_-]token(=| =|:| :)" - - "dgpg[_-]passphrase(=| =|:| :)" - - "deploy[_-]user(=| =|:| :)" - - "deploy[_-]token(=| =|:| :)" - - "deploy[_-]secure(=| =|:| :)" - - "deploy[_-]password(=| =|:| :)" - - "ddgc[_-]github[_-]token(=| =|:| :)" - - "ddg[_-]test[_-]email[_-]pw(=| =|:| :)" - - "ddg[_-]test[_-]email(=| =|:| :)" - - "db[_-]username(=| =|:| :)" - - "db[_-]user(=| =|:| :)" - - "db[_-]pw(=| =|:| :)" - - "db[_-]password(=| =|:| :)" - - "db[_-]host(=| =|:| :)" - - "db[_-]database(=| =|:| :)" - - "db[_-]connection(=| =|:| :)" - - "datadog[_-]app[_-]key(=| =|:| :)" - - "datadog[_-]api[_-]key(=| =|:| :)" - - "database[_-]username(=| =|:| :)" - - "database[_-]user(=| =|:| :)" - - "database[_-]port(=| =|:| :)" - - "database[_-]password(=| =|:| :)" - - "database[_-]name(=| =|:| :)" - - "database[_-]host(=| =|:| :)" - - "danger[_-]github[_-]api[_-]token(=| =|:| :)" - - "cypress[_-]record[_-]key(=| =|:| :)" - - "coverity[_-]scan[_-]token(=| =|:| :)" - - "coveralls[_-]token(=| =|:| :)" - - "coveralls[_-]repo[_-]token(=| =|:| :)" - - "coveralls[_-]api[_-]token(=| =|:| :)" - - "cos[_-]secrets(=| =|:| :)" - - "conversation[_-]username(=| =|:| :)" - - "conversation[_-]password(=| =|:| :)" - - "contentful[_-]v2[_-]access[_-]token(=| =|:| :)" - - "contentful[_-]test[_-]org[_-]cma[_-]token(=| =|:| :)" - - "contentful[_-]php[_-]management[_-]test[_-]token(=| =|:| :)" - - "contentful[_-]management[_-]api[_-]access[_-]token[_-]new(=| =|:| :)" - - "contentful[_-]management[_-]api[_-]access[_-]token(=| =|:| :)" - - "contentful[_-]integration[_-]management[_-]token(=| =|:| :)" - - "contentful[_-]cma[_-]test[_-]token(=| =|:| :)" - - "contentful[_-]access[_-]token(=| =|:| :)" - - "consumerkey(=| =|:| :)" - - "consumer[_-]key(=| =|:| :)" - - "conekta[_-]apikey(=| =|:| :)" - - "coding[_-]token(=| =|:| :)" - - "codecov[_-]token(=| =|:| :)" - - "codeclimate[_-]repo[_-]token(=| =|:| :)" - - "codacy[_-]project[_-]token(=| =|:| :)" - - "cocoapods[_-]trunk[_-]token(=| =|:| :)" - - "cocoapods[_-]trunk[_-]email(=| =|:| :)" - - "cn[_-]secret[_-]access[_-]key(=| =|:| :)" - - "cn[_-]access[_-]key[_-]id(=| =|:| :)" - - "clu[_-]ssh[_-]private[_-]key[_-]base64(=| =|:| :)" - - "clu[_-]repo[_-]url(=| =|:| :)" - - "cloudinary[_-]url[_-]staging(=| =|:| :)" - - "cloudinary[_-]url(=| =|:| :)" - - "cloudflare[_-]email(=| =|:| :)" - - "cloudflare[_-]auth[_-]key(=| =|:| :)" - - "cloudflare[_-]auth[_-]email(=| =|:| :)" - - "cloudflare[_-]api[_-]key(=| =|:| :)" - - "cloudant[_-]service[_-]database(=| =|:| :)" - - "cloudant[_-]processed[_-]database(=| =|:| :)" - - "cloudant[_-]password(=| =|:| :)" - - "cloudant[_-]parsed[_-]database(=| =|:| :)" - - "cloudant[_-]order[_-]database(=| =|:| :)" - - "cloudant[_-]instance(=| =|:| :)" - - "cloudant[_-]database(=| =|:| :)" - - "cloudant[_-]audited[_-]database(=| =|:| :)" - - "cloudant[_-]archived[_-]database(=| =|:| :)" - - "cloud[_-]api[_-]key(=| =|:| :)" - - "clojars[_-]password(=| =|:| :)" - - "client[_-]secret(=| =|:| :)" - - "cli[_-]e2e[_-]cma[_-]token(=| =|:| :)" - - "claimr[_-]token(=| =|:| :)" - - "claimr[_-]superuser(=| =|:| :)" - - "claimr[_-]db(=| =|:| :)" - - "claimr[_-]database(=| =|:| :)" - - "ci[_-]user[_-]token(=| =|:| :)" - - "ci[_-]server[_-]name(=| =|:| :)" - - "ci[_-]registry[_-]user(=| =|:| :)" - - "ci[_-]project[_-]url(=| =|:| :)" - - "ci[_-]deploy[_-]password(=| =|:| :)" - - "chrome[_-]refresh[_-]token(=| =|:| :)" - - "chrome[_-]client[_-]secret(=| =|:| :)" - - "cheverny[_-]token(=| =|:| :)" - - "cf[_-]password(=| =|:| :)" - - "certificate[_-]password(=| =|:| :)" - - "censys[_-]secret(=| =|:| :)" - - "cattle[_-]secret[_-]key(=| =|:| :)" - - "cattle[_-]agent[_-]instance[_-]auth(=| =|:| :)" - - "cattle[_-]access[_-]key(=| =|:| :)" - - "cargo[_-]token(=| =|:| :)" - - "cache[_-]s3[_-]secret[_-]key(=| =|:| :)" - - "bx[_-]username(=| =|:| :)" - - "bx[_-]password(=| =|:| :)" - - "bundlesize[_-]github[_-]token(=| =|:| :)" - - "built[_-]branch[_-]deploy[_-]key(=| =|:| :)" - - "bucketeer[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)" - - "bucketeer[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "browserstack[_-]access[_-]key(=| =|:| :)" - - "browser[_-]stack[_-]access[_-]key(=| =|:| :)" - - "brackets[_-]repo[_-]oauth[_-]token(=| =|:| :)" - - "bluemix[_-]username(=| =|:| :)" - - "bluemix[_-]pwd(=| =|:| :)" - - "bluemix[_-]password(=| =|:| :)" - - "bluemix[_-]pass[_-]prod(=| =|:| :)" - - "bluemix[_-]pass(=| =|:| :)" - - "bluemix[_-]auth(=| =|:| :)" - - "bluemix[_-]api[_-]key(=| =|:| :)" - - "bintraykey(=| =|:| :)" - - "bintray[_-]token(=| =|:| :)" - - "bintray[_-]key(=| =|:| :)" - - "bintray[_-]gpg[_-]password(=| =|:| :)" - - "bintray[_-]apikey(=| =|:| :)" - - "bintray[_-]api[_-]key(=| =|:| :)" - - "b2[_-]bucket(=| =|:| :)" - - "b2[_-]app[_-]key(=| =|:| :)" - - "awssecretkey(=| =|:| :)" - - "awscn[_-]secret[_-]access[_-]key(=| =|:| :)" - - "awscn[_-]access[_-]key[_-]id(=| =|:| :)" - - "awsaccesskeyid(=| =|:| :)" - - "aws[_-]ses[_-]secret[_-]access[_-]key(=| =|:| :)" - - "aws[_-]ses[_-]access[_-]key[_-]id(=| =|:| :)" - - "aws[_-]secrets(=| =|:| :)" - - "aws[_-]secret[_-]key(=| =|:| :)" - - "aws[_-]secret[_-]access[_-]key(=| =|:| :)" - - "aws[_-]secret(=| =|:| :)" - - "aws[_-]key(=| =|:| :)" - - "aws[_-]config[_-]secretaccesskey(=| =|:| :)" - - "aws[_-]config[_-]accesskeyid(=| =|:| :)" - - "aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "aws[_-]access[_-]key(=| =|:| :)" - - "aws[_-]access(=| =|:| :)" - - "author[_-]npm[_-]api[_-]key(=| =|:| :)" - - "author[_-]email[_-]addr(=| =|:| :)" - - "auth0[_-]client[_-]secret(=| =|:| :)" - - "auth0[_-]api[_-]clientsecret(=| =|:| :)" - - "auth[_-]token(=| =|:| :)" - - "assistant[_-]iam[_-]apikey(=| =|:| :)" - - "artifacts[_-]secret(=| =|:| :)" - - "artifacts[_-]key(=| =|:| :)" - - "artifacts[_-]bucket(=| =|:| :)" - - "artifacts[_-]aws[_-]secret[_-]access[_-]key(=| =|:| :)" - - "artifacts[_-]aws[_-]access[_-]key[_-]id(=| =|:| :)" - - "artifactory[_-]key(=| =|:| :)" - - "argos[_-]token(=| =|:| :)" - - "apple[_-]id[_-]password(=| =|:| :)" - - "appclientsecret(=| =|:| :)" - - "app[_-]token(=| =|:| :)" - - "app[_-]secrete(=| =|:| :)" - - "app[_-]report[_-]token[_-]key(=| =|:| :)" - - "app[_-]bucket[_-]perm(=| =|:| :)" - - "apigw[_-]access[_-]token(=| =|:| :)" - - "apiary[_-]api[_-]key(=| =|:| :)" - - "api[_-]secret(=| =|:| :)" - - "api[_-]key[_-]sid(=| =|:| :)" - - "api[_-]key[_-]secret(=| =|:| :)" - - "api[_-]key(=| =|:| :)" - - "aos[_-]sec(=| =|:| :)" - - "aos[_-]key(=| =|:| :)" - - "ansible[_-]vault[_-]password(=| =|:| :)" - - "android[_-]docs[_-]deploy[_-]token(=| =|:| :)" - - "anaconda[_-]token(=| =|:| :)" - - "amazon[_-]secret[_-]access[_-]key(=| =|:| :)" - - "amazon[_-]bucket[_-]name(=| =|:| :)" - - "alicloud[_-]secret[_-]key(=| =|:| :)" - - "alicloud[_-]access[_-]key(=| =|:| :)" - - "alias[_-]pass(=| =|:| :)" - - "algolia[_-]search[_-]key[_-]1(=| =|:| :)" - - "algolia[_-]search[_-]key(=| =|:| :)" - - "algolia[_-]search[_-]api[_-]key(=| =|:| :)" - - "algolia[_-]api[_-]key[_-]search(=| =|:| :)" - - "algolia[_-]api[_-]key[_-]mcm(=| =|:| :)" - - "algolia[_-]api[_-]key(=| =|:| :)" - - "algolia[_-]admin[_-]key[_-]mcm(=| =|:| :)" - - "algolia[_-]admin[_-]key[_-]2(=| =|:| :)" - - "algolia[_-]admin[_-]key[_-]1(=| =|:| :)" - - "adzerk[_-]api[_-]key(=| =|:| :)" - - "admin[_-]email(=| =|:| :)" - - "account[_-]sid(=| =|:| :)" - - "access[_-]token(=| =|:| :)" - - "access[_-]secret(=| =|:| :)" - - "access[_-]key[_-]secret(=| =|:| :)" - extractors: - type: regex part: body