nuclei-templates/tokens/credentials-disclosure.yaml

id: credentials-disclosure

# Extract secrets regex like api keys, password, token, etc ... for different services
# Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
# Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
# Regex count:- 687

info:
  name: Credentials Disclosure Check
  author: Sy3Omda
  severity: medium
  description: Look for multiple keys/tokens/passwords in the page response.

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - "zopim[_-]?account[_-]?key(=| =|:| :)"
          - "zhuliang[_-]?gh[_-]?token(=| =|:| :)"
          - "zensonatypepassword(=| =|:| :)"
          - "zendesk[_-]?travis[_-]?github(=| =|:| :)"
          - "yt[_-]?server[_-]?api[_-]?key(=| =|:| :)"
          - "yt[_-]?partner[_-]?refresh[_-]?token(=| =|:| :)"
          - "yt[_-]?partner[_-]?client[_-]?secret(=| =|:| :)"
          - "yt[_-]?client[_-]?secret(=| =|:| :)"
          - "yt[_-]?api[_-]?key(=| =|:| :)"
          - "yt[_-]?account[_-]?refresh[_-]?token(=| =|:| :)"
          - "yt[_-]?account[_-]?client[_-]?secret(=| =|:| :)"
          - "yangshun[_-]?gh[_-]?token(=| =|:| :)"
          - "yangshun[_-]?gh[_-]?password(=| =|:| :)"
          - "www[_-]?googleapis[_-]?com(=| =|:| :)"
          - "wpt[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
          - "wpt[_-]?ssh[_-]?connect(=| =|:| :)"
          - "wpt[_-]?report[_-]?api[_-]?key(=| =|:| :)"
          - "wpt[_-]?prepare[_-]?dir(=| =|:| :)"
          - "wpt[_-]?db[_-]?user(=| =|:| :)"
          - "wpt[_-]?db[_-]?password(=| =|:| :)"
          - "wporg[_-]?password(=| =|:| :)"
          - "wpjm[_-]?phpunit[_-]?google[_-]?geocode[_-]?api[_-]?key(=| =|:| :)"
          - "wordpress[_-]?db[_-]?user(=| =|:| :)"
          - "wordpress[_-]?db[_-]?password(=| =|:| :)"
          - "wincert[_-]?password(=| =|:| :)"
          - "widget[_-]?test[_-]?server(=| =|:| :)"
          - "widget[_-]?fb[_-]?password[_-]?3(=| =|:| :)"
          - "widget[_-]?fb[_-]?password[_-]?2(=| =|:| :)"
          - "widget[_-]?fb[_-]?password(=| =|:| :)"
          - "widget[_-]?basic[_-]?password[_-]?5(=| =|:| :)"
          - "widget[_-]?basic[_-]?password[_-]?4(=| =|:| :)"
          - "widget[_-]?basic[_-]?password[_-]?3(=| =|:| :)"
          - "widget[_-]?basic[_-]?password[_-]?2(=| =|:| :)"
          - "widget[_-]?basic[_-]?password(=| =|:| :)"
          - "watson[_-]?password(=| =|:| :)"
          - "watson[_-]?device[_-]?password(=| =|:| :)"
          - "watson[_-]?conversation[_-]?password(=| =|:| :)"
          - "wakatime[_-]?api[_-]?key(=| =|:| :)"
          - "vscetoken(=| =|:| :)"
          - "visual[_-]?recognition[_-]?api[_-]?key(=| =|:| :)"
          - "virustotal[_-]?apikey(=| =|:| :)"
          - "vip[_-]?github[_-]?deploy[_-]?key[_-]?pass(=| =|:| :)"
          - "vip[_-]?github[_-]?deploy[_-]?key(=| =|:| :)"
          - "vip[_-]?github[_-]?build[_-]?repo[_-]?deploy[_-]?key(=| =|:| :)"
          - "v[_-]?sfdc[_-]?password(=| =|:| :)"
          - "v[_-]?sfdc[_-]?client[_-]?secret(=| =|:| :)"
          - "usertravis(=| =|:| :)"
          - "user[_-]?assets[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "user[_-]?assets[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "use[_-]?ssh(=| =|:| :)"
          - "us[_-]?east[_-]?1[_-]?elb[_-]?amazonaws[_-]?com(=| =|:| :)"
          - "urban[_-]?secret(=| =|:| :)"
          - "urban[_-]?master[_-]?secret(=| =|:| :)"
          - "urban[_-]?key(=| =|:| :)"
          - "unity[_-]?serial(=| =|:| :)"
          - "unity[_-]?password(=| =|:| :)"
          - "twitteroauthaccesstoken(=| =|:| :)"
          - "twitteroauthaccesssecret(=| =|:| :)"
          - "twitter[_-]?consumer[_-]?secret(=| =|:| :)"
          - "twitter[_-]?consumer[_-]?key(=| =|:| :)"
          - "twine[_-]?password(=| =|:| :)"
          - "twilio[_-]?token(=| =|:| :)"
          - "twilio[_-]?sid(=| =|:| :)"
          - "twilio[_-]?configuration[_-]?sid(=| =|:| :)"
          - "twilio[_-]?chat[_-]?account[_-]?api[_-]?service(=| =|:| :)"
          - "twilio[_-]?api[_-]?secret(=| =|:| :)"
          - "twilio[_-]?api[_-]?key(=| =|:| :)"
          - "trex[_-]?okta[_-]?client[_-]?token(=| =|:| :)"
          - "trex[_-]?client[_-]?token(=| =|:| :)"
          - "travis[_-]?token(=| =|:| :)"
          - "travis[_-]?secure[_-]?env[_-]?vars(=| =|:| :)"
          - "travis[_-]?pull[_-]?request(=| =|:| :)"
          - "travis[_-]?gh[_-]?token(=| =|:| :)"
          - "travis[_-]?e2e[_-]?token(=| =|:| :)"
          - "travis[_-]?com[_-]?token(=| =|:| :)"
          - "travis[_-]?branch(=| =|:| :)"
          - "travis[_-]?api[_-]?token(=| =|:| :)"
          - "travis[_-]?access[_-]?token(=| =|:| :)"
          - "token[_-]?core[_-]?java(=| =|:| :)"
          - "thera[_-]?oss[_-]?access[_-]?key(=| =|:| :)"
          - "tester[_-]?keys[_-]?password(=| =|:| :)"
          - "test[_-]?test(=| =|:| :)"
          - "test[_-]?github[_-]?token(=| =|:| :)"
          - "tesco[_-]?api[_-]?key(=| =|:| :)"
          - "svn[_-]?pass(=| =|:| :)"
          - "surge[_-]?token(=| =|:| :)"
          - "surge[_-]?login(=| =|:| :)"
          - "stripe[_-]?public(=| =|:| :)"
          - "stripe[_-]?private(=| =|:| :)"
          - "strip[_-]?secret[_-]?key(=| =|:| :)"
          - "strip[_-]?publishable[_-]?key(=| =|:| :)"
          - "stormpath[_-]?api[_-]?key[_-]?secret(=| =|:| :)"
          - "stormpath[_-]?api[_-]?key[_-]?id(=| =|:| :)"
          - "starship[_-]?auth[_-]?token(=| =|:| :)"
          - "starship[_-]?account[_-]?sid(=| =|:| :)"
          - "star[_-]?test[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "star[_-]?test[_-]?location(=| =|:| :)"
          - "star[_-]?test[_-]?bucket(=| =|:| :)"
          - "star[_-]?test[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "staging[_-]?base[_-]?url[_-]?runscope(=| =|:| :)"
          - "ssmtp[_-]?config(=| =|:| :)"
          - "sshpass(=| =|:| :)"
          - "srcclr[_-]?api[_-]?token(=| =|:| :)"
          - "square[_-]?reader[_-]?sdk[_-]?repository[_-]?password(=| =|:| :)"
          - "sqssecretkey(=| =|:| :)"
          - "sqsaccesskey(=| =|:| :)"
          - "spring[_-]?mail[_-]?password(=| =|:| :)"
          - "spotify[_-]?api[_-]?client[_-]?secret(=| =|:| :)"
          - "spotify[_-]?api[_-]?access[_-]?token(=| =|:| :)"
          - "spaces[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "spaces[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "soundcloud[_-]?password(=| =|:| :)"
          - "soundcloud[_-]?client[_-]?secret(=| =|:| :)"
          - "sonatypepassword(=| =|:| :)"
          - "sonatype[_-]?token[_-]?user(=| =|:| :)"
          - "sonatype[_-]?token[_-]?password(=| =|:| :)"
          - "sonatype[_-]?password(=| =|:| :)"
          - "sonatype[_-]?pass(=| =|:| :)"
          - "sonatype[_-]?nexus[_-]?password(=| =|:| :)"
          - "sonatype[_-]?gpg[_-]?passphrase(=| =|:| :)"
          - "sonatype[_-]?gpg[_-]?key[_-]?name(=| =|:| :)"
          - "sonar[_-]?token(=| =|:| :)"
          - "sonar[_-]?project[_-]?key(=| =|:| :)"
          - "sonar[_-]?organization[_-]?key(=| =|:| :)"
          - "socrata[_-]?password(=| =|:| :)"
          - "socrata[_-]?app[_-]?token(=| =|:| :)"
          - "snyk[_-]?token(=| =|:| :)"
          - "snyk[_-]?api[_-]?token(=| =|:| :)"
          - "snoowrap[_-]?refresh[_-]?token(=| =|:| :)"
          - "snoowrap[_-]?password(=| =|:| :)"
          - "snoowrap[_-]?client[_-]?secret(=| =|:| :)"
          - "slate[_-]?user[_-]?email(=| =|:| :)"
          - "slash[_-]?developer[_-]?space[_-]?key(=| =|:| :)"
          - "slash[_-]?developer[_-]?space(=| =|:| :)"
          - "signing[_-]?key[_-]?sid(=| =|:| :)"
          - "signing[_-]?key[_-]?secret(=| =|:| :)"
          - "signing[_-]?key[_-]?password(=| =|:| :)"
          - "signing[_-]?key(=| =|:| :)"
          - "setsecretkey(=| =|:| :)"
          - "setdstsecretkey(=| =|:| :)"
          - "setdstaccesskey(=| =|:| :)"
          - "ses[_-]?secret[_-]?key(=| =|:| :)"
          - "ses[_-]?access[_-]?key(=| =|:| :)"
          - "service[_-]?account[_-]?secret(=| =|:| :)"
          - "sentry[_-]?key(=| =|:| :)"
          - "sentry[_-]?endpoint(=| =|:| :)"
          - "sentry[_-]?default[_-]?org(=| =|:| :)"
          - "sentry[_-]?auth[_-]?token(=| =|:| :)"
          - "sendwithus[_-]?key(=| =|:| :)"
          - "sendgrid[_-]?username(=| =|:| :)"
          - "sendgrid[_-]?user(=| =|:| :)"
          - "sendgrid[_-]?password(=| =|:| :)"
          - "sendgrid[_-]?key(=| =|:| :)"
          - "sendgrid[_-]?api[_-]?key(=| =|:| :)"
          - "sendgrid(=| =|:| :)"
          - "selion[_-]?selenium[_-]?host(=| =|:| :)"
          - "selion[_-]?log[_-]?level[_-]?dev(=| =|:| :)"
          - "segment[_-]?api[_-]?key(=| =|:| :)"
          - "secretkey(=| =|:| :)"
          - "secretaccesskey(=| =|:| :)"
          - "secret[_-]?key[_-]?base(=| =|:| :)"
          - "secret[_-]?9(=| =|:| :)"
          - "secret[_-]?8(=| =|:| :)"
          - "secret[_-]?7(=| =|:| :)"
          - "secret[_-]?6(=| =|:| :)"
          - "secret[_-]?5(=| =|:| :)"
          - "secret[_-]?4(=| =|:| :)"
          - "secret[_-]?3(=| =|:| :)"
          - "secret[_-]?2(=| =|:| :)"
          - "secret[_-]?11(=| =|:| :)"
          - "secret[_-]?10(=| =|:| :)"
          - "secret[_-]?1(=| =|:| :)"
          - "secret[_-]?0(=| =|:| :)"
          - "sdr[_-]?token(=| =|:| :)"
          - "scrutinizer[_-]?token(=| =|:| :)"
          - "sauce[_-]?access[_-]?key(=| =|:| :)"
          - "sandbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "sandbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "sandbox[_-]?access[_-]?token(=| =|:| :)"
          - "salesforce[_-]?bulk[_-]?test[_-]?security[_-]?token(=| =|:| :)"
          - "salesforce[_-]?bulk[_-]?test[_-]?password(=| =|:| :)"
          - "sacloud[_-]?api(=| =|:| :)"
          - "sacloud[_-]?access[_-]?token[_-]?secret(=| =|:| :)"
          - "sacloud[_-]?access[_-]?token(=| =|:| :)"
          - "s3[_-]?user[_-]?secret(=| =|:| :)"
          - "s3[_-]?secret[_-]?key(=| =|:| :)"
          - "s3[_-]?secret[_-]?assets(=| =|:| :)"
          - "s3[_-]?secret[_-]?app[_-]?logs(=| =|:| :)"
          - "s3[_-]?key[_-]?assets(=| =|:| :)"
          - "s3[_-]?key[_-]?app[_-]?logs(=| =|:| :)"
          - "s3[_-]?key(=| =|:| :)"
          - "s3[_-]?external[_-]?3[_-]?amazonaws[_-]?com(=| =|:| :)"
          - "s3[_-]?bucket[_-]?name[_-]?assets(=| =|:| :)"
          - "s3[_-]?bucket[_-]?name[_-]?app[_-]?logs(=| =|:| :)"
          - "s3[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "s3[_-]?access[_-]?key(=| =|:| :)"
          - "rubygems[_-]?auth[_-]?token(=| =|:| :)"
          - "rtd[_-]?store[_-]?pass(=| =|:| :)"
          - "rtd[_-]?key[_-]?pass(=| =|:| :)"
          - "route53[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "ropsten[_-]?private[_-]?key(=| =|:| :)"
          - "rinkeby[_-]?private[_-]?key(=| =|:| :)"
          - "rest[_-]?api[_-]?key(=| =|:| :)"
          - "repotoken(=| =|:| :)"
          - "reporting[_-]?webdav[_-]?url(=| =|:| :)"
          - "reporting[_-]?webdav[_-]?pwd(=| =|:| :)"
          - "release[_-]?token(=| =|:| :)"
          - "release[_-]?gh[_-]?token(=| =|:| :)"
          - "registry[_-]?secure(=| =|:| :)"
          - "registry[_-]?pass(=| =|:| :)"
          - "refresh[_-]?token(=| =|:| :)"
          - "rediscloud[_-]?url(=| =|:| :)"
          - "redis[_-]?stunnel[_-]?urls(=| =|:| :)"
          - "randrmusicapiaccesstoken(=| =|:| :)"
          - "rabbitmq[_-]?password(=| =|:| :)"
          - "quip[_-]?token(=| =|:| :)"
          - "qiita[_-]?token(=| =|:| :)"
          - "pypi[_-]?passowrd(=| =|:| :)"
          - "pushover[_-]?token(=| =|:| :)"
          - "publish[_-]?secret(=| =|:| :)"
          - "publish[_-]?key(=| =|:| :)"
          - "publish[_-]?access(=| =|:| :)"
          - "project[_-]?config(=| =|:| :)"
          - "prod[_-]?secret[_-]?key(=| =|:| :)"
          - "prod[_-]?password(=| =|:| :)"
          - "prod[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "private[_-]?signing[_-]?password(=| =|:| :)"
          - "pring[_-]?mail[_-]?username(=| =|:| :)"
          - "preferred[_-]?username(=| =|:| :)"
          - "prebuild[_-]?auth(=| =|:| :)"
          - "postgresql[_-]?pass(=| =|:| :)"
          - "postgresql[_-]?db(=| =|:| :)"
          - "postgres[_-]?env[_-]?postgres[_-]?password(=| =|:| :)"
          - "postgres[_-]?env[_-]?postgres[_-]?db(=| =|:| :)"
          - "plugin[_-]?password(=| =|:| :)"
          - "plotly[_-]?apikey(=| =|:| :)"
          - "places[_-]?apikey(=| =|:| :)"
          - "places[_-]?api[_-]?key(=| =|:| :)"
          - "pg[_-]?host(=| =|:| :)"
          - "pg[_-]?database(=| =|:| :)"
          - "personal[_-]?secret(=| =|:| :)"
          - "personal[_-]?key(=| =|:| :)"
          - "percy[_-]?token(=| =|:| :)"
          - "percy[_-]?project(=| =|:| :)"
          - "paypal[_-]?client[_-]?secret(=| =|:| :)"
          - "passwordtravis(=| =|:| :)"
          - "parse[_-]?js[_-]?key(=| =|:| :)"
          - "pagerduty[_-]?apikey(=| =|:| :)"
          - "packagecloud[_-]?token(=| =|:| :)"
          - "ossrh[_-]?username(=| =|:| :)"
          - "ossrh[_-]?secret(=| =|:| :)"
          - "ossrh[_-]?password(=| =|:| :)"
          - "ossrh[_-]?pass(=| =|:| :)"
          - "ossrh[_-]?jira[_-]?password(=| =|:| :)"
          - "os[_-]?password(=| =|:| :)"
          - "os[_-]?auth[_-]?url(=| =|:| :)"
          - "org[_-]?project[_-]?gradle[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
          - "org[_-]?gradle[_-]?project[_-]?sonatype[_-]?nexus[_-]?password(=| =|:| :)"
          - "openwhisk[_-]?key(=| =|:| :)"
          - "open[_-]?whisk[_-]?key(=| =|:| :)"
          - "onesignal[_-]?user[_-]?auth[_-]?key(=| =|:| :)"
          - "onesignal[_-]?api[_-]?key(=| =|:| :)"
          - "omise[_-]?skey(=| =|:| :)"
          - "omise[_-]?pubkey(=| =|:| :)"
          - "omise[_-]?pkey(=| =|:| :)"
          - "omise[_-]?key(=| =|:| :)"
          - "okta[_-]?oauth2[_-]?clientsecret(=| =|:| :)"
          - "okta[_-]?oauth2[_-]?client[_-]?secret(=| =|:| :)"
          - "okta[_-]?client[_-]?token(=| =|:| :)"
          - "ofta[_-]?secret(=| =|:| :)"
          - "ofta[_-]?region(=| =|:| :)"
          - "ofta[_-]?key(=| =|:| :)"
          - "octest[_-]?password(=| =|:| :)"
          - "octest[_-]?app[_-]?username(=| =|:| :)"
          - "octest[_-]?app[_-]?password(=| =|:| :)"
          - "oc[_-]?pass(=| =|:| :)"
          - "object[_-]?store[_-]?creds(=| =|:| :)"
          - "object[_-]?store[_-]?bucket(=| =|:| :)"
          - "object[_-]?storage[_-]?region[_-]?name(=| =|:| :)"
          - "object[_-]?storage[_-]?password(=| =|:| :)"
          - "oauth[_-]?token(=| =|:| :)"
          - "numbers[_-]?service[_-]?pass(=| =|:| :)"
          - "nuget[_-]?key(=| =|:| :)"
          - "nuget[_-]?apikey(=| =|:| :)"
          - "nuget[_-]?api[_-]?key(=| =|:| :)"
          - "npm[_-]?token(=| =|:| :)"
          - "npm[_-]?secret[_-]?key(=| =|:| :)"
          - "npm[_-]?password(=| =|:| :)"
          - "npm[_-]?email(=| =|:| :)"
          - "npm[_-]?auth[_-]?token(=| =|:| :)"
          - "npm[_-]?api[_-]?token(=| =|:| :)"
          - "npm[_-]?api[_-]?key(=| =|:| :)"
          - "now[_-]?token(=| =|:| :)"
          - "non[_-]?token(=| =|:| :)"
          - "node[_-]?pre[_-]?gyp[_-]?secretaccesskey(=| =|:| :)"
          - "node[_-]?pre[_-]?gyp[_-]?github[_-]?token(=| =|:| :)"
          - "node[_-]?pre[_-]?gyp[_-]?accesskeyid(=| =|:| :)"
          - "node[_-]?env(=| =|:| :)"
          - "ngrok[_-]?token(=| =|:| :)"
          - "ngrok[_-]?auth[_-]?token(=| =|:| :)"
          - "nexuspassword(=| =|:| :)"
          - "nexus[_-]?password(=| =|:| :)"
          - "new[_-]?relic[_-]?beta[_-]?token(=| =|:| :)"
          - "netlify[_-]?api[_-]?key(=| =|:| :)"
          - "nativeevents(=| =|:| :)"
          - "mysqlsecret(=| =|:| :)"
          - "mysqlmasteruser(=| =|:| :)"
          - "mysql[_-]?username(=| =|:| :)"
          - "mysql[_-]?user(=| =|:| :)"
          - "mysql[_-]?root[_-]?password(=| =|:| :)"
          - "mysql[_-]?password(=| =|:| :)"
          - "mysql[_-]?hostname(=| =|:| :)"
          - "mysql[_-]?database(=| =|:| :)"
          - "my[_-]?secret[_-]?env(=| =|:| :)"
          - "multi[_-]?workspace[_-]?sid(=| =|:| :)"
          - "multi[_-]?workflow[_-]?sid(=| =|:| :)"
          - "multi[_-]?disconnect[_-]?sid(=| =|:| :)"
          - "multi[_-]?connect[_-]?sid(=| =|:| :)"
          - "multi[_-]?bob[_-]?sid(=| =|:| :)"
          - "minio[_-]?secret[_-]?key(=| =|:| :)"
          - "minio[_-]?access[_-]?key(=| =|:| :)"
          - "mile[_-]?zero[_-]?key(=| =|:| :)"
          - "mh[_-]?password(=| =|:| :)"
          - "mh[_-]?apikey(=| =|:| :)"
          - "mg[_-]?public[_-]?api[_-]?key(=| =|:| :)"
          - "mg[_-]?api[_-]?key(=| =|:| :)"
          - "mapboxaccesstoken(=| =|:| :)"
          - "mapbox[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "mapbox[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "mapbox[_-]?api[_-]?token(=| =|:| :)"
          - "mapbox[_-]?access[_-]?token(=| =|:| :)"
          - "manifest[_-]?app[_-]?url(=| =|:| :)"
          - "manifest[_-]?app[_-]?token(=| =|:| :)"
          - "mandrill[_-]?api[_-]?key(=| =|:| :)"
          - "managementapiaccesstoken(=| =|:| :)"
          - "management[_-]?token(=| =|:| :)"
          - "manage[_-]?secret(=| =|:| :)"
          - "manage[_-]?key(=| =|:| :)"
          - "mailgun[_-]?secret[_-]?api[_-]?key(=| =|:| :)"
          - "mailgun[_-]?pub[_-]?key(=| =|:| :)"
          - "mailgun[_-]?pub[_-]?apikey(=| =|:| :)"
          - "mailgun[_-]?priv[_-]?key(=| =|:| :)"
          - "mailgun[_-]?password(=| =|:| :)"
          - "mailgun[_-]?apikey(=| =|:| :)"
          - "mailgun[_-]?api[_-]?key(=| =|:| :)"
          - "mailer[_-]?password(=| =|:| :)"
          - "mailchimp[_-]?key(=| =|:| :)"
          - "mailchimp[_-]?api[_-]?key(=| =|:| :)"
          - "mail[_-]?password(=| =|:| :)"
          - "magento[_-]?password(=| =|:| :)"
          - "magento[_-]?auth[_-]?username (=| =|:| :)"
          - "magento[_-]?auth[_-]?password(=| =|:| :)"
          - "lottie[_-]?upload[_-]?cert[_-]?key[_-]?store[_-]?password(=| =|:| :)"
          - "lottie[_-]?upload[_-]?cert[_-]?key[_-]?password(=| =|:| :)"
          - "lottie[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
          - "lottie[_-]?happo[_-]?secret[_-]?key(=| =|:| :)"
          - "lottie[_-]?happo[_-]?api[_-]?key(=| =|:| :)"
          - "looker[_-]?test[_-]?runner[_-]?client[_-]?secret(=| =|:| :)"
          - "ll[_-]?shared[_-]?key(=| =|:| :)"
          - "ll[_-]?publish[_-]?url(=| =|:| :)"
          - "linux[_-]?signing[_-]?key(=| =|:| :)"
          - "linkedin[_-]?client[_-]?secretor lottie[_-]?s3[_-]?api[_-]?key(=| =|:| :)"
          - "lighthouse[_-]?api[_-]?key(=| =|:| :)"
          - "lektor[_-]?deploy[_-]?username(=| =|:| :)"
          - "lektor[_-]?deploy[_-]?password(=| =|:| :)"
          - "leanplum[_-]?key(=| =|:| :)"
          - "kxoltsn3vogdop92m(=| =|:| :)"
          - "kubeconfig(=| =|:| :)"
          - "kubecfg[_-]?s3[_-]?path(=| =|:| :)"
          - "kovan[_-]?private[_-]?key(=| =|:| :)"
          - "keystore[_-]?pass(=| =|:| :)"
          - "kafka[_-]?rest[_-]?url(=| =|:| :)"
          - "kafka[_-]?instance[_-]?name(=| =|:| :)"
          - "kafka[_-]?admin[_-]?url(=| =|:| :)"
          - "jwt[_-]?secret(=| =|:| :)"
          - "jdbc:mysql(=| =|:| :)"
          - "jdbc[_-]?host(=| =|:| :)"
          - "jdbc[_-]?databaseurl(=| =|:| :)"
          - "itest[_-]?gh[_-]?token(=| =|:| :)"
          - "ios[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
          - "internal[_-]?secrets(=| =|:| :)"
          - "integration[_-]?test[_-]?appid(=| =|:| :)"
          - "integration[_-]?test[_-]?api[_-]?key(=| =|:| :)"
          - "index[_-]?name(=| =|:| :)"
          - "ij[_-]?repo[_-]?username(=| =|:| :)"
          - "ij[_-]?repo[_-]?password(=| =|:| :)"
          - "hub[_-]?dxia2[_-]?password(=| =|:| :)"
          - "homebrew[_-]?github[_-]?api[_-]?token(=| =|:| :)"
          - "hockeyapp[_-]?token(=| =|:| :)"
          - "heroku[_-]?token(=| =|:| :)"
          - "heroku[_-]?email(=| =|:| :)"
          - "heroku[_-]?api[_-]?key(=| =|:| :)"
          - "hb[_-]?codesign[_-]?key[_-]?pass(=| =|:| :)"
          - "hb[_-]?codesign[_-]?gpg[_-]?pass(=| =|:| :)"
          - "hab[_-]?key(=| =|:| :)"
          - "hab[_-]?auth[_-]?token(=| =|:| :)"
          - "grgit[_-]?user(=| =|:| :)"
          - "gren[_-]?github[_-]?token(=| =|:| :)"
          - "gradle[_-]?signing[_-]?password(=| =|:| :)"
          - "gradle[_-]?signing[_-]?key[_-]?id(=| =|:| :)"
          - "gradle[_-]?publish[_-]?secret(=| =|:| :)"
          - "gradle[_-]?publish[_-]?key(=| =|:| :)"
          - "gpg[_-]?secret[_-]?keys(=| =|:| :)"
          - "gpg[_-]?private[_-]?key(=| =|:| :)"
          - "gpg[_-]?passphrase(=| =|:| :)"
          - "gpg[_-]?ownertrust(=| =|:| :)"
          - "gpg[_-]?keyname(=| =|:| :)"
          - "gpg[_-]?key[_-]?name(=| =|:| :)"
          - "google[_-]?private[_-]?key(=| =|:| :)"
          - "google[_-]?maps[_-]?api[_-]?key(=| =|:| :)"
          - "google[_-]?client[_-]?secret(=| =|:| :)"
          - "google[_-]?client[_-]?id(=| =|:| :)"
          - "google[_-]?client[_-]?email(=| =|:| :)"
          - "google[_-]?account[_-]?type(=| =|:| :)"
          - "gogs[_-]?password(=| =|:| :)"
          - "gitlab[_-]?user[_-]?email(=| =|:| :)"
          - "github[_-]?tokens(=| =|:| :)"
          - "github[_-]?token(=| =|:| :)"
          - "github[_-]?repo(=| =|:| :)"
          - "github[_-]?release[_-]?token(=| =|:| :)"
          - "github[_-]?pwd(=| =|:| :)"
          - "github[_-]?password(=| =|:| :)"
          - "github[_-]?oauth[_-]?token(=| =|:| :)"
          - "github[_-]?oauth(=| =|:| :)"
          - "github[_-]?key(=| =|:| :)"
          - "github[_-]?hunter[_-]?username(=| =|:| :)"
          - "github[_-]?hunter[_-]?token(=| =|:| :)"
          - "github[_-]?deployment[_-]?token(=| =|:| :)"
          - "github[_-]?deploy[_-]?hb[_-]?doc[_-]?pass(=| =|:| :)"
          - "github[_-]?client[_-]?secret(=| =|:| :)"
          - "github[_-]?auth[_-]?token(=| =|:| :)"
          - "github[_-]?auth(=| =|:| :)"
          - "github[_-]?api[_-]?token(=| =|:| :)"
          - "github[_-]?api[_-]?key(=| =|:| :)"
          - "github[_-]?access[_-]?token(=| =|:| :)"
          - "git[_-]?token(=| =|:| :)"
          - "git[_-]?name(=| =|:| :)"
          - "git[_-]?email(=| =|:| :)"
          - "git[_-]?committer[_-]?name(=| =|:| :)"
          - "git[_-]?committer[_-]?email(=| =|:| :)"
          - "git[_-]?author[_-]?name(=| =|:| :)"
          - "git[_-]?author[_-]?email(=| =|:| :)"
          - "ghost[_-]?api[_-]?key(=| =|:| :)"
          - "ghb[_-]?token(=| =|:| :)"
          - "gh[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
          - "gh[_-]?token(=| =|:| :)"
          - "gh[_-]?repo[_-]?token(=| =|:| :)"
          - "gh[_-]?oauth[_-]?token(=| =|:| :)"
          - "gh[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
          - "gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
          - "gh[_-]?next[_-]?unstable[_-]?oauth[_-]?client[_-]?id(=| =|:| :)"
          - "gh[_-]?next[_-]?oauth[_-]?client[_-]?secret(=| =|:| :)"
          - "gh[_-]?email(=| =|:| :)"
          - "gh[_-]?api[_-]?key(=| =|:| :)"
          - "gcs[_-]?bucket(=| =|:| :)"
          - "gcr[_-]?password(=| =|:| :)"
          - "gcloud[_-]?service[_-]?key(=| =|:| :)"
          - "gcloud[_-]?project(=| =|:| :)"
          - "gcloud[_-]?bucket(=| =|:| :)"
          - "ftp[_-]?username(=| =|:| :)"
          - "ftp[_-]?user(=| =|:| :)"
          - "ftp[_-]?pw(=| =|:| :)"
          - "ftp[_-]?password(=| =|:| :)"
          - "ftp[_-]?login(=| =|:| :)"
          - "ftp[_-]?host(=| =|:| :)"
          - "fossa[_-]?api[_-]?key(=| =|:| :)"
          - "flickr[_-]?api[_-]?secret(=| =|:| :)"
          - "flickr[_-]?api[_-]?key(=| =|:| :)"
          - "flask[_-]?secret[_-]?key(=| =|:| :)"
          - "firefox[_-]?secret(=| =|:| :)"
          - "firebase[_-]?token(=| =|:| :)"
          - "firebase[_-]?project[_-]?develop(=| =|:| :)"
          - "firebase[_-]?key(=| =|:| :)"
          - "firebase[_-]?api[_-]?token(=| =|:| :)"
          - "firebase[_-]?api[_-]?json(=| =|:| :)"
          - "file[_-]?password(=| =|:| :)"
          - "exp[_-]?password(=| =|:| :)"
          - "eureka[_-]?awssecretkey(=| =|:| :)"
          - "env[_-]?sonatype[_-]?password(=| =|:| :)"
          - "env[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "env[_-]?secret(=| =|:| :)"
          - "env[_-]?key(=| =|:| :)"
          - "env[_-]?heroku[_-]?api[_-]?key(=| =|:| :)"
          - "env[_-]?github[_-]?oauth[_-]?token(=| =|:| :)"
          - "end[_-]?user[_-]?password(=| =|:| :)"
          - "encryption[_-]?password(=| =|:| :)"
          - "elasticsearch[_-]?password(=| =|:| :)"
          - "elastic[_-]?cloud[_-]?auth(=| =|:| :)"
          - "dsonar[_-]?projectkey(=| =|:| :)"
          - "dsonar[_-]?login(=| =|:| :)"
          - "droplet[_-]?travis[_-]?password(=| =|:| :)"
          - "dropbox[_-]?oauth[_-]?bearer(=| =|:| :)"
          - "doordash[_-]?auth[_-]?token(=| =|:| :)"
          - "dockerhubpassword(=| =|:| :)"
          - "dockerhub[_-]?password(=| =|:| :)"
          - "docker[_-]?token(=| =|:| :)"
          - "docker[_-]?postgres[_-]?url(=| =|:| :)"
          - "docker[_-]?password(=| =|:| :)"
          - "docker[_-]?passwd(=| =|:| :)"
          - "docker[_-]?pass(=| =|:| :)"
          - "docker[_-]?key(=| =|:| :)"
          - "docker[_-]?hub[_-]?password(=| =|:| :)"
          - "digitalocean[_-]?ssh[_-]?key[_-]?ids(=| =|:| :)"
          - "digitalocean[_-]?ssh[_-]?key[_-]?body(=| =|:| :)"
          - "digitalocean[_-]?access[_-]?token(=| =|:| :)"
          - "dgpg[_-]?passphrase(=| =|:| :)"
          - "deploy[_-]?user(=| =|:| :)"
          - "deploy[_-]?token(=| =|:| :)"
          - "deploy[_-]?secure(=| =|:| :)"
          - "deploy[_-]?password(=| =|:| :)"
          - "ddgc[_-]?github[_-]?token(=| =|:| :)"
          - "ddg[_-]?test[_-]?email[_-]?pw(=| =|:| :)"
          - "ddg[_-]?test[_-]?email(=| =|:| :)"
          - "db[_-]?username(=| =|:| :)"
          - "db[_-]?user(=| =|:| :)"
          - "db[_-]?pw(=| =|:| :)"
          - "db[_-]?password(=| =|:| :)"
          - "db[_-]?host(=| =|:| :)"
          - "db[_-]?database(=| =|:| :)"
          - "db[_-]?connection(=| =|:| :)"
          - "datadog[_-]?app[_-]?key(=| =|:| :)"
          - "datadog[_-]?api[_-]?key(=| =|:| :)"
          - "database[_-]?username(=| =|:| :)"
          - "database[_-]?user(=| =|:| :)"
          - "database[_-]?port(=| =|:| :)"
          - "database[_-]?password(=| =|:| :)"
          - "database[_-]?name(=| =|:| :)"
          - "database[_-]?host(=| =|:| :)"
          - "danger[_-]?github[_-]?api[_-]?token(=| =|:| :)"
          - "cypress[_-]?record[_-]?key(=| =|:| :)"
          - "coverity[_-]?scan[_-]?token(=| =|:| :)"
          - "coveralls[_-]?token(=| =|:| :)"
          - "coveralls[_-]?repo[_-]?token(=| =|:| :)"
          - "coveralls[_-]?api[_-]?token(=| =|:| :)"
          - "cos[_-]?secrets(=| =|:| :)"
          - "conversation[_-]?username(=| =|:| :)"
          - "conversation[_-]?password(=| =|:| :)"
          - "contentful[_-]?v2[_-]?access[_-]?token(=| =|:| :)"
          - "contentful[_-]?test[_-]?org[_-]?cma[_-]?token(=| =|:| :)"
          - "contentful[_-]?php[_-]?management[_-]?test[_-]?token(=| =|:| :)"
          - "contentful[_-]?management[_-]?api[_-]?access[_-]?token[_-]?new(=| =|:| :)"
          - "contentful[_-]?management[_-]?api[_-]?access[_-]?token(=| =|:| :)"
          - "contentful[_-]?integration[_-]?management[_-]?token(=| =|:| :)"
          - "contentful[_-]?cma[_-]?test[_-]?token(=| =|:| :)"
          - "contentful[_-]?access[_-]?token(=| =|:| :)"
          - "consumerkey(=| =|:| :)"
          - "consumer[_-]?key(=| =|:| :)"
          - "conekta[_-]?apikey(=| =|:| :)"
          - "coding[_-]?token(=| =|:| :)"
          - "codecov[_-]?token(=| =|:| :)"
          - "codeclimate[_-]?repo[_-]?token(=| =|:| :)"
          - "codacy[_-]?project[_-]?token(=| =|:| :)"
          - "cocoapods[_-]?trunk[_-]?token(=| =|:| :)"
          - "cocoapods[_-]?trunk[_-]?email(=| =|:| :)"
          - "cn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "cn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "clu[_-]?ssh[_-]?private[_-]?key[_-]?base64(=| =|:| :)"
          - "clu[_-]?repo[_-]?url(=| =|:| :)"
          - "cloudinary[_-]?url[_-]?staging(=| =|:| :)"
          - "cloudinary[_-]?url(=| =|:| :)"
          - "cloudflare[_-]?email(=| =|:| :)"
          - "cloudflare[_-]?auth[_-]?key(=| =|:| :)"
          - "cloudflare[_-]?auth[_-]?email(=| =|:| :)"
          - "cloudflare[_-]?api[_-]?key(=| =|:| :)"
          - "cloudant[_-]?service[_-]?database(=| =|:| :)"
          - "cloudant[_-]?processed[_-]?database(=| =|:| :)"
          - "cloudant[_-]?password(=| =|:| :)"
          - "cloudant[_-]?parsed[_-]?database(=| =|:| :)"
          - "cloudant[_-]?order[_-]?database(=| =|:| :)"
          - "cloudant[_-]?instance(=| =|:| :)"
          - "cloudant[_-]?database(=| =|:| :)"
          - "cloudant[_-]?audited[_-]?database(=| =|:| :)"
          - "cloudant[_-]?archived[_-]?database(=| =|:| :)"
          - "cloud[_-]?api[_-]?key(=| =|:| :)"
          - "clojars[_-]?password(=| =|:| :)"
          - "client[_-]?secret(=| =|:| :)"
          - "cli[_-]?e2e[_-]?cma[_-]?token(=| =|:| :)"
          - "claimr[_-]?token(=| =|:| :)"
          - "claimr[_-]?superuser(=| =|:| :)"
          - "claimr[_-]?db(=| =|:| :)"
          - "claimr[_-]?database(=| =|:| :)"
          - "ci[_-]?user[_-]?token(=| =|:| :)"
          - "ci[_-]?server[_-]?name(=| =|:| :)"
          - "ci[_-]?registry[_-]?user(=| =|:| :)"
          - "ci[_-]?project[_-]?url(=| =|:| :)"
          - "ci[_-]?deploy[_-]?password(=| =|:| :)"
          - "chrome[_-]?refresh[_-]?token(=| =|:| :)"
          - "chrome[_-]?client[_-]?secret(=| =|:| :)"
          - "cheverny[_-]?token(=| =|:| :)"
          - "cf[_-]?password(=| =|:| :)"
          - "certificate[_-]?password(=| =|:| :)"
          - "censys[_-]?secret(=| =|:| :)"
          - "cattle[_-]?secret[_-]?key(=| =|:| :)"
          - "cattle[_-]?agent[_-]?instance[_-]?auth(=| =|:| :)"
          - "cattle[_-]?access[_-]?key(=| =|:| :)"
          - "cargo[_-]?token(=| =|:| :)"
          - "cache[_-]?s3[_-]?secret[_-]?key(=| =|:| :)"
          - "bx[_-]?username(=| =|:| :)"
          - "bx[_-]?password(=| =|:| :)"
          - "bundlesize[_-]?github[_-]?token(=| =|:| :)"
          - "built[_-]?branch[_-]?deploy[_-]?key(=| =|:| :)"
          - "bucketeer[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "bucketeer[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "browserstack[_-]?access[_-]?key(=| =|:| :)"
          - "browser[_-]?stack[_-]?access[_-]?key(=| =|:| :)"
          - "brackets[_-]?repo[_-]?oauth[_-]?token(=| =|:| :)"
          - "bluemix[_-]?username(=| =|:| :)"
          - "bluemix[_-]?pwd(=| =|:| :)"
          - "bluemix[_-]?password(=| =|:| :)"
          - "bluemix[_-]?pass[_-]?prod(=| =|:| :)"
          - "bluemix[_-]?pass(=| =|:| :)"
          - "bluemix[_-]?auth(=| =|:| :)"
          - "bluemix[_-]?api[_-]?key(=| =|:| :)"
          - "bintraykey(=| =|:| :)"
          - "bintray[_-]?token(=| =|:| :)"
          - "bintray[_-]?key(=| =|:| :)"
          - "bintray[_-]?gpg[_-]?password(=| =|:| :)"
          - "bintray[_-]?apikey(=| =|:| :)"
          - "bintray[_-]?api[_-]?key(=| =|:| :)"
          - "b2[_-]?bucket(=| =|:| :)"
          - "b2[_-]?app[_-]?key(=| =|:| :)"
          - "awssecretkey(=| =|:| :)"
          - "awscn[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "awscn[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "awsaccesskeyid(=| =|:| :)"
          - "aws[_-]?ses[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "aws[_-]?ses[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "aws[_-]?secrets(=| =|:| :)"
          - "aws[_-]?secret[_-]?key(=| =|:| :)"
          - "aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "aws[_-]?secret(=| =|:| :)"
          - "aws[_-]?key(=| =|:| :)"
          - "aws[_-]?config[_-]?secretaccesskey(=| =|:| :)"
          - "aws[_-]?config[_-]?accesskeyid(=| =|:| :)"
          - "aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "aws[_-]?access[_-]?key(=| =|:| :)"
          - "aws[_-]?access(=| =|:| :)"
          - "author[_-]?npm[_-]?api[_-]?key(=| =|:| :)"
          - "author[_-]?email[_-]?addr(=| =|:| :)"
          - "auth0[_-]?client[_-]?secret(=| =|:| :)"
          - "auth0[_-]?api[_-]?clientsecret(=| =|:| :)"
          - "auth[_-]?token(=| =|:| :)"
          - "assistant[_-]?iam[_-]?apikey(=| =|:| :)"
          - "artifacts[_-]?secret(=| =|:| :)"
          - "artifacts[_-]?key(=| =|:| :)"
          - "artifacts[_-]?bucket(=| =|:| :)"
          - "artifacts[_-]?aws[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "artifacts[_-]?aws[_-]?access[_-]?key[_-]?id(=| =|:| :)"
          - "artifactory[_-]?key(=| =|:| :)"
          - "argos[_-]?token(=| =|:| :)"
          - "apple[_-]?id[_-]?password(=| =|:| :)"
          - "appclientsecret(=| =|:| :)"
          - "app[_-]?token(=| =|:| :)"
          - "app[_-]?secrete(=| =|:| :)"
          - "app[_-]?report[_-]?token[_-]?key(=| =|:| :)"
          - "app[_-]?bucket[_-]?perm(=| =|:| :)"
          - "apigw[_-]?access[_-]?token(=| =|:| :)"
          - "apiary[_-]?api[_-]?key(=| =|:| :)"
          - "api[_-]?secret(=| =|:| :)"
          - "api[_-]?key[_-]?sid(=| =|:| :)"
          - "api[_-]?key[_-]?secret(=| =|:| :)"
          - "api[_-]?key(=| =|:| :)"
          - "aos[_-]?sec(=| =|:| :)"
          - "aos[_-]?key(=| =|:| :)"
          - "ansible[_-]?vault[_-]?password(=| =|:| :)"
          - "android[_-]?docs[_-]?deploy[_-]?token(=| =|:| :)"
          - "anaconda[_-]?token(=| =|:| :)"
          - "amazon[_-]?secret[_-]?access[_-]?key(=| =|:| :)"
          - "amazon[_-]?bucket[_-]?name(=| =|:| :)"
          - "alicloud[_-]?secret[_-]?key(=| =|:| :)"
          - "alicloud[_-]?access[_-]?key(=| =|:| :)"
          - "alias[_-]?pass(=| =|:| :)"
          - "algolia[_-]?search[_-]?key[_-]?1(=| =|:| :)"
          - "algolia[_-]?search[_-]?key(=| =|:| :)"
          - "algolia[_-]?search[_-]?api[_-]?key(=| =|:| :)"
          - "algolia[_-]?api[_-]?key[_-]?search(=| =|:| :)"
          - "algolia[_-]?api[_-]?key[_-]?mcm(=| =|:| :)"
          - "algolia[_-]?api[_-]?key(=| =|:| :)"
          - "algolia[_-]?admin[_-]?key[_-]?mcm(=| =|:| :)"
          - "algolia[_-]?admin[_-]?key[_-]?2(=| =|:| :)"
          - "algolia[_-]?admin[_-]?key[_-]?1(=| =|:| :)"
          - "adzerk[_-]?api[_-]?key(=| =|:| :)"
          - "admin[_-]?email(=| =|:| :)"
          - "account[_-]?sid(=| =|:| :)"
          - "access[_-]?token(=| =|:| :)"
          - "access[_-]?secret(=| =|:| :)"
          - "access[_-]?key[_-]?secret(=| =|:| :)"