From 75f3feb83779e7a1011808cf1a98f0fabe8d9f33 Mon Sep 17 00:00:00 2001 From: joshfalgout Date: Mon, 31 Mar 2025 15:03:26 -0500 Subject: [PATCH 1/3] falgout additions to secrets tests [skip secret push protection] --- .../prompt-library/sample_secret_data.csv | 563 ++++++++++++++++++ .../prompt-security-test-scripter.py | 11 +- 2 files changed, 570 insertions(+), 4 deletions(-) create mode 100644 prompt-security-test-scripter/prompt-library/sample_secret_data.csv diff --git a/prompt-security-test-scripter/prompt-library/sample_secret_data.csv b/prompt-security-test-scripter/prompt-library/sample_secret_data.csv new file mode 100644 index 0000000..4af428a --- /dev/null +++ b/prompt-security-test-scripter/prompt-library/sample_secret_data.csv @@ -0,0 +1,563 @@ +prompt,label,Display name,Category,Description,Regex,Keywords +"adafruit_api_key = ""hukWYUBi6UHwYXymJQbVO5vhTALveM5R""",1,Adafruit API Key,API Keys,"Identified a potential Adafruit API Key, which could lead to unauthorized + access to Adafruit services and sensitive data exposure.","(?i)(?:adafruit)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""adafruit""']" +"adobe_id = ""e99a18c428cb38d5f260853678922e03""",1,Adobe OAuth Web Client ID,Client Credentials,"Detected a pattern that resembles an Adobe OAuth Web Client ID, posing a + risk of compromised Adobe integrations and data breaches.","(?i)(?:adobe)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""adobe""']" +"adobe_client_secret = ""p8e-1a2b3c4d5e6f7g8h9i0j1k2l3m4n5o6p""",1,Adobe Client Secret,Client Credentials,"Discovered a potential Adobe Client Secret, which, if exposed, could + allow unauthorized Adobe service access and data manipulation.","(?i)\b((p8e-)(?i)[a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""p8e-""']" +AGE-SECRET-KEY-1QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L7GF2TVDW0S3JN54KHCE6MUA7LQPZRY9X8,1,Age encryption tool secret key,Encryption Keys,"Discovered a potential Age encryption tool secret key, risking data + decryption and unauthorized access to sensitive information.",AGE-SECRET-KEY-1QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L7GF2TVDW0S3JN54KHCE6MUA7LQPZRY9X8,"['""age-secret-key-1""']" +"airtable_api_key = ""a1b2c3d4e5f6g7h8i""",1,Airtable API Key,API Keys,"Uncovered a possible Airtable API Key, potentially compromising database + access and leading to data leakage or alteration.","(?i)(?:airtable)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""airtable""']" +"algolia_api_key = ""OtBS8d7V9uZqB4RBn6mIQfiQo3PzuSLp""",1,Algolia API Key,API Keys,"Identified an Algolia API Key, which could result in unauthorized search + operations and data exposure on Algolia-managed platforms.","(?i)(?:algolia)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""algolia""']" +LTAIabcdefghij1234567890,1,Alibaba Cloud AccessKey ID,API Keys,"Detected an Alibaba Cloud AccessKey ID, posing a risk of unauthorized + cloud resource access and potential data compromise.","(?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""ltai""']" +"alibaba_cloud_secret_key = ""abcd1234efgh5678ijklmnopqrstuv""",1,Alibaba Cloud Secret Key,API Keys,"Discovered a potential Alibaba Cloud Secret Key, potentially allowing + unauthorized operations and data access within Alibaba Cloud.","(?i)(?:alibaba)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""alibaba""']" +"asana_client_id = ""ec8Yqn9PmWd7QotUyGzBk8nDTlnj89Jn""",1,Asana Client ID,Client Credentials,"Discovered a potential Asana Client ID, risking unauthorized access to + Asana projects and sensitive task information.","(?i)(?:asana)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9]{16})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""asana""']" +"asana_client_secret = ""54bWaF9M7pr060b3LREeUyX7QxrYOKsZ""",1,Asana Client Secret,Client Credentials,"Identified an Asana Client Secret, which could lead to compromised + project management integrity and unauthorized access.","(?i)(?:asana)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""asana""']" +jira_apiKey ='te82k4k5dxpypsdj7pdqvime',1,Atlassian API token,API Keys,"Detected an Atlassian API token, posing a threat to project management + and collaboration tool security and data confidentiality.","(?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""atlassian""', '""confluence""', '""jira""']" +sc_abcde12345.fghij.acc_abcdefghijkl1234567890-xyz.ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=,1,Authress Service Client Access Key,API Keys,"Uncovered a possible Authress Service Client Access Key, which may + compromise access control services and sensitive data.","(?i)\b((?:sc|ext|scauth|authress)_[a-z0-9]{5,30}\.[a-z0-9]{4,6}\.acc[_-][a-z0-9-]{10,32}\.[a-z0-9+/_=-]{30,120})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sc_""', '""ext_""', '""scauth_""', + '""authress_""']" +AKIAIOSFODNN7EXAMPLE,1,AWS Access Key ID,API Keys,"Identified a pattern that may indicate AWS access key ID, risking + unauthorized cloud resource access and data breaches on AWS platforms.","(?i)['""]?(?:aws_access_key_id)['""]?[ \t]*[:=][ + \t]*(['""][^'""]{4,}['""])","['""aws-access-key-id""', '""aws_access_key_id""']" +AKIAIOSFODNN7EXAMPLE,1,AWS credentials,Access Tokens,"Identified a pattern that may indicate AWS credentials, risking + unauthorized cloud resource access and data breaches on AWS platforms.",(?:A3T[A-Z0-9]|AKIA|ASIA|ABIA|ACCA)[A-Z0-9]{16},"['""akia""', '""asia""', '""abia""', + '""acca""']" +arn:aws:iam::123456789012:role/example-role,1,AWS ARN,Other,Found an AWS ARN.,\b(arn:(aws|aws-cn|aws-us-gov):[a-zA-Z0-9\{\}\$\%_\-:\/*]*)\b,[] +wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY,1,AWS secret key credentials,API Keys,"Identified a pattern that may indicate AWS credentials, risking + unauthorized cloud resource access and data breaches on AWS platforms.","(?i)\b([0-9A-Z+\/]{40})(?:['\""\\\n\r\s\x60;<]|$)","['""aws_secret_access_key""', '""aws_secret""', + '""awssecret""', '""aws""', '""secret key""']" +FQoGZXIvYXdzEJr//////////wEaDK3jQzsklt7f,1,AWS Session Token,Access Tokens,"Identified a pattern that may indicate AWS session token, risking + unauthorized cloud resource access and data breaches on AWS platforms.",(?i)\b((?:[a-zA-Z0-9]+)?(?:yxdz|iqojb3jpz2lu)[a-zA-Z0-9+\/=]+),"['""yxdz""', '""iqojb3jpz2lu""', '""azure""', + '""session_token""', '""sessiontoken""']" +"azure_open_api_key = ""e3b0c44298fc1c149afbf4c8996fb924""",1,Azure Open API Key,API Keys,"Found an Azure OpenAI API Key, posing a risk of unauthorized access to + Azure AI services and data manipulation.",[0-9a-f]{32},"['""azure_openai""', '""openai.azure""', + '""azure.openai""', '""azure openai""', + '""azure-openai""', '""api_key""', '""api-key""']" +AZURE_STORAGE_CONNECTION_STRING=178iiG6DvnxF54zipaPXnWD20rtbc81ib17ahqkW2uEoJSJsx/KvsycPaaWrrNkBs9lVyRCGHTROyYYzmytEne==,1,Azure Storage Account Key Or API Key,API Keys,"Detects Azure Storage Account Keys or API Keys that may expose sensitive + data and allow unauthorized access to cloud resources.","(?i)(?:AccountKey|SECRET|AZURE_STORAGE_CONNECTION_STRING|StorageConnectionString|apikey)(?:[^a-zA-Z0-9]{0,20})(?:['""]?)([A-Za-z0-9+]{49})\/[A-Za-z0-9+]{36}={2}","['""AccountKey""', '""SECRET""', + '""AZURE_STORAGE_CONNECTION_STRING""', + '""StorageConnectionString""']" +"azure_subscription_key = ""0123456789abcdef0123456789ABCDEF"" ",1,Azure Subscription Key,API Keys,"Found an Azure subscription Key, posing a risk of unauthorized access to + Azure services.",[0-9a-fA-F]{32},"['""azure_subscription_key""', '""apim""', + '""ocp-apim-subscription-key""']" +beamer_token = 'b_bmrfju467nctki8jrkbsnykqq42-y97m=4prpd524x0m',1,Beamer API token,API Keys,"Detected a Beamer API token, potentially compromising content management + and exposing sensitive notifications and updates.","(?i)(?:beamer)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""beamer""']" +Bearer ABCDEF1234567890abcdef1234567890abcdef,1,Bearer Token,Access Tokens,"Discovered a Bearer Token, potentially compromising API access and data + retrieval.","(?i)Bearer\s+([A-Za-z0-9\-._~+\/=]{20,})","['""bearer""']" +"bitbucket_client_id = ""8UibLuEt1y6yqNhI0ywfEMk799t4y6Ui""",1,Bitbucket Client ID,Client Credentials,"Discovered a potential Bitbucket Client ID, risking unauthorized + repository access and potential codebase exposure.","(?i)(?:bitbucket)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""bitbucket""']" +"bitbucket_client_secret = ""nPkl6swqQ93u1A4GSh32Yz1oZUpruve1""",1,Bitbucket Client Secret,Client Credentials,"Discovered a potential Bitbucket Client Secret, posing a risk of + compromised code repositories and unauthorized access.","(?i)(?:bitbucket)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""bitbucket""']" +"bittrex_access_key = ""uXw2of3IIpPgY9AHCZIzJjPGpwYbAh93""",1,Bittrex Access Key,API Keys,"Identified a Bittrex Access Key, which could lead to unauthorized access + to cryptocurrency trading accounts and financial loss.","(?i)(?:bittrex)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""bittrex""']" +"bittrex_secret_key = ""8Svd8riTN4us00NDf1t0Vpl5UY4rH1zT""",1,Bittrex Secret Key,API Keys,"Detected a Bittrex Secret Key, potentially compromising cryptocurrency + transactions and financial security.","(?i)(?:bittrex)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""bittrex""']" +"claude_api_key = ""claude-abcdef1234567890abcdef1234567890""",1,Claude API Key,API Keys,"Found a Claude API Key, posing a risk of unauthorized access to Claude AI + services and data manipulation.",(?i)\b((?:ssk-ant-api|sk-ant-api)[a-zA-Z0-9+\/=\-\_]+),"['""claude""', '""claude_apikey""', '""apikey""', + '""key""', '""sk-ant-api""']" +CLOJARS_kxzb1e33c3tttsw2olssjd7e9pgylr3agpo5kc8q6xwksjiyodm0428ty7fe,1,Clojars API token,API Keys,"Uncovered a possible Clojars API token, risking unauthorized access to + Clojure libraries and potential code manipulation.",(?i)CLOJARS_[a-z0-9]{60},"['""clojars""']" +"cloudflare_key = ""q9z8x7w6-v5t4r3e2y1u0o9p8-l7k6j5h4g3f2d1""",1,Cloudflare API Key,API Keys,"Detected a Cloudflare API Key, potentially compromising cloud application + deployments and operational security.","(?i)(?:cloudflare)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""cloudflare""']" +cloudflare:b0297341afd8441a3af6cb625df600e9f9aba,1,Cloudflare Global API Key,API Keys,"Detected a Cloudflare Global API Key, potentially compromising cloud + application deployments and operational security.","(?i)(?:cloudflare)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{37})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""cloudflare""']" +v1.0-a1b2c3d4e5f6g7h8i9j0k1l-abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef123456,1,Cloudflare Origin CA Key,Encryption Keys,"Detected a Cloudflare Origin CA Key, potentially compromising cloud + application deployments and operational security.","\b(v1\.0-[a-f0-9]{24}-[a-f0-9]{130,146})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""cloudflare""', '""v1.0-""']" +"codecov_access_token = ""xg9FLVwJPxYWQ3tFIPqLFWAOKb5gPMVG""",1,Codecov Access Token,Access Tokens,"Found a pattern resembling a Codecov Access Token, posing a risk of + unauthorized access to code coverage reports and sensitive data.","(?i)(?:codecov)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""codecov""']" +coinbase_api_key=abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890,1,Coinbase Access Token,Access Tokens,"Detected a Coinbase Access Token, posing a risk of unauthorized access to + cryptocurrency accounts and financial transactions.","(?i)(?:coinbase)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""coinbase""']" +"confluent_access_token = ""a1b2c3d4e5f6g7h8""",1,Confluent Access Token,Access Tokens,"Identified a Confluent Access Token, which could compromise access to + streaming data platforms and sensitive data flow.","(?i)(?:confluent)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""confluent""']" +"confluent_secret_key = ""a5b2c3n4e5f6g6h6""",1,Confluent Secret Key,API Keys,"Found a Confluent Secret Key, potentially risking unauthorized operations + and data access within Confluent services.","(?i)(?:confluent)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""confluent""']" +"(db48hDBZrgRK:-R(yYYy>9W_I{(%*UOWPM7'.sUU~co-?35yf,hs&uBd^^1kbi1I}!eId{=g+DEjufz!SP:+Z",1,Consumer Key,Client Credentials,Found a consumer key.,(?i)(?:([^<\\n]*)<\/ConsumerKey>),"['""consumerkey""', '""consumer_key""', + '""comsumer-key""']" +cs_abcdef1234567890abcdef1234567890abcdef,1,Consumer Secret,Client Credentials,Found a consumer secret.,(?i)(?:([^<\\n]*)<\/ConsumerSecret>),"['""consumersecret""', '""consumer_secret""', + '""comsumer-secret""']" +contentfull:80_ffbv8hky30igb82-i1_b53745ljr5pz6h6u4ldq1 ,1,Contentful delivery API token,API Keys,"Discovered a Contentful delivery API token, posing a risk to content + management systems and data integrity.","(?i)(?:contentful)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""contentful""']" +dapi1234567890abcdef1234567890abcdef,1,Databricks API token,API Keys,"Uncovered a Databricks API token, which may compromise big data analytics + platforms and sensitive data processing.","(?i)\b(dapi[a-h0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dapi""']" +"datadog_access_token = ""2a8fb2fcd600a828b6b104c327b1246499ce2999""",1,Datadog Access Token,Access Tokens,"Detected a Datadog Access Token, potentially risking monitoring and + analytics data exposure and manipulation.","(?i)(?:datadog)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""datadog""']" +dnkey = 'dnkey-37sx1y66v4irsx9roh08__5ivr-2-ohhh5n9-_a6ov_zokht19pdvz_5qq-5oju4=7q2ipqjqcz2v2t',1,Defined Networking API token,API Keys,"Identified a Defined Networking API token, which could lead to + unauthorized network operations and data breaches.","(?i)(?:dnkey)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(dnkey-[a-z0-9=_\-]{26}-[a-z0-9=_\-]{52})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dnkey""']" +doo_v1_abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890,1,DigitalOcean OAuth Access Token,Access Tokens,"Found a DigitalOcean OAuth Access Token, risking unauthorized cloud + resource access and data compromise.","(?i)\b(doo_v1_[a-f0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""doo_v1_""']" +dop_v1_a1b2c3d4e5f67890abcdef1234567890a1b2c3d4e5f67890abcdef1234567890,1,DigitalOcean Personal Access Token,Access Tokens,"Discovered a DigitalOcean Personal Access Token, posing a threat to cloud + infrastructure security and data privacy.","(?i)\b(dop_v1_[a-f0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dop_v1_""']" +dor_v1_141b4405eed050913b06e7b56e1313a16f9d7a0ce2f5b3801270f776a8ae358e,1,DigitalOcean OAuth Refresh Token,Access Tokens,"Uncovered a DigitalOcean OAuth Refresh Token, which could allow prolonged + unauthorized access and resource manipulation.","(?i)\b(dor_v1_[a-f0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dor_v1_""']" +"discord_api_key = ""Yuwoc2khDDFruVJBY3LzuSXy5xmQ1TqK""",1,Discord API key,API Keys,"Detected a Discord API key, potentially compromising communication + channels and user data privacy on Discord.","(?i)(?:discord)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""discord""']" +"discord_token = ""735451534464902708""",1,Discord client ID,Client Credentials,"Identified a Discord client ID, which may lead to unauthorized + integrations and data exposure in Discord applications.","(?i)(?:discord)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9]{18})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""discord""']" +"discord_key = ""vzogwk6_q0mngk70yaz0h6pdpo6bhuk4"" _",1,Discord client secret,Client Credentials,"Discovered a potential Discord client secret, risking compromised Discord + bot integrations and data leaks.","(?i)(?:discord)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""discord""']" +dp.pt.q9f8a7d6c5b4e3g2h1j0k9l8m7n6o5p4q3r2sfdasdf,1,Doppler API token,API Keys,"Discovered a Doppler API token, posing a risk to environment and secrets + management security.",dp\.pt\.(?i)[a-z0-9]{43},"['""doppler""']" +"droneci_key = ""a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6""",1,Droneci Access Token,Access Tokens,"Detected a Droneci Access Token, potentially compromising continuous + integration and deployment workflows.","(?i)(?:droneci)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""droneci""']" +dropbox_key = 'abcde12345fghij',1,Dropbox API secret,API Keys,"Identified a Dropbox API secret, which could lead to unauthorized file + access and data breaches in Dropbox storage.","(?i)(?:dropbox)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{15})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dropbox""']" +dropbox:efb8nnhyg56AAAAAAAAAAk=h0x_9myvnu-k3b26hv_ftqq4bs664-_cdrxomnfnh,1,Dropbox long-lived API token,API Keys,"Found a Dropbox long-lived API token, risking prolonged unauthorized + access to cloud storage and sensitive data.","(?i)(?:dropbox)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{11}(AAAAAAAAAA)[a-z0-9\-_=]{43})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dropbox""']" +dropbox_slt=sl.4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2g3h4i5j6k7l8m9n0o1p2q3r4s5t6u7v8w9x0y1z2a3b4c5d6e7f8g9h0ffads423f432ghs68h57hf,1,Dropbox short-lived API token,API Keys,"Discovered a Dropbox short-lived API token, posing a risk of temporary + but potentially harmful data access and manipulation.","(?i)(?:dropbox)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(sl\.[a-z0-9\-=_]{135})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""dropbox""']" +duffel_test_abcdefghijklmnopqrstuvwxyz0123456789_-abc,1,Duffel API token,API Keys,"Uncovered a Duffel API token, which may compromise travel platform + integrations and sensitive customer data.",duffel_(?:test|live)_(?i)[a-z0-9_\-=]{43},"['""duffel""']" +dt0c01.abcdefgpqrstuvwxyz012345.abcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrsxyz012345,1,Dynatrace API token,API Keys,"Detected a Dynatrace API token, potentially risking application + performance monitoring and data exposure.",dt0c01\.(?i)[a-z0-9]{24}\.[a-z0-9]{64},"['""dynatrace""']" +EZAKabcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuv,1,EasyPost API token,API Keys,"Identified an EasyPost API token, which could lead to unauthorized postal + and shipment service access and data exposure.",\bEZAK(?i)[a-z0-9]{54},"['""ezak""']" +EZTKabcdefghijklmnopqrstuvwxyz0123456789abcdefghijklmnopqrstuv,1,EasyPost test API token,API Keys,"Detected an EasyPost test API token, risking exposure of test + environments and potentially sensitive shipment data.",\bEZTK(?i)[a-z0-9]{54},"['""eztk""']" +user@example.com,1,Email Address,Other,Found an email address.,"\b((([+\-_\w])|([+\-_\w][+\-_\.\w]{0,}[+\-_\w]))[@]([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,})\b",[] +etsy_access_token=2ki6g8rv4pwu6ol97k0xw7y2,1,Etsy Access Token,Access Tokens,"Found an Etsy Access Token, potentially compromising Etsy shop management + and customer data.","(?i)(?:etsy)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""etsy""']" +5432167890123456|mnopqrstuVWXYZabcdefghijklmno98765 ,1,Facebook Access Token,Access Tokens,"Discovered a Facebook Access Token, posing a risk of unauthorized access + to Facebook accounts and personal data exposure.","(?i)\b(\d{15,16}(\||%)[0-9a-z\-_]{27,40})(?:['|\""|\n|\r|\s|\x60|;]|$)",[] +EAAMCabcdefghijklmnopqrstuvwxyz0123456789,1,Facebook Page Access Token,Access Tokens,"Discovered a Facebook Page Access Token, posing a risk of unauthorized + access to Facebook accounts and personal data exposure.","(?i)\b(EAA[MC][a-z0-9]{20,})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""eaam""', '""eaac""']" +"facebook_token = ""abcdef1234567890abcdef1234567890""",1,Facebook Application secret,Client Credentials,"Discovered a Facebook Application secret, posing a risk of unauthorized + access to Facebook accounts and personal data exposure.","(?i)(?:facebook)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)|facebook.{0,55}['""'""'""]([0-9a-f]{32,255})['""'""'""]","['""facebook""']" +"fastly_api_key = ""zwHKfUVyt0oCFpz3ectIKZYME7oOd5le""",1,Fastly API key,API Keys,"Uncovered a Fastly API key, which may compromise CDN and edge cloud + services, leading to content delivery and security issues.","(?i)(?:fastly)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""fastly""']" +finicity:f8d4592c6baf645ac88b0fb3c9ce028f,1,Finicity API token,API Keys,"Detected a Finicity API token, potentially risking financial data access + and unauthorized financial operations.","(?i)(?:finicity)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""finicity""']" +"finicity_key = ""abcde12345fghij67890""",1,Finicity Client Secret,Client Credentials,"Identified a Finicity Client Secret, which could lead to compromised + financial service integrations and data breaches.","(?i)(?:finicity)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""finicity""']" +"finnhub_key = ""abcd1234efgh5678ijkl""",1,Finnhub Access Token,Access Tokens,"Found a Finnhub Access Token, risking unauthorized access to financial + market data and analytics.","(?i)(?:finnhub)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""finnhub""']" +"flickr_key = ""abcdefghijklmnopqrstuvwxyz123456""",1,Flickr Access Token,Access Tokens,"Discovered a Flickr Access Token, posing a risk of unauthorized photo + management and potential data leakage.","(?i)(?:flickr)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""flickr""']" +FLWSECK_TEST-a1b2c3d4e5f6,1,Flutterwave Encryption Key,Encryption Keys,"Uncovered a Flutterwave Encryption Key, which may compromise payment + processing and sensitive financial information.",FLWSECK_TEST-(?i)[a-h0-9]{12},"['""flwseck_test""']" +FLWPUBK_TEST-a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6-X,1,Finicity Public Key,Encryption Keys,"Detected a Finicity Public Key, potentially exposing public cryptographic + operations and integrations.",FLWPUBK_TEST-(?i)[a-h0-9]{32}-X,"['""flwpubk_test""']" +FLWSECK_TEST-a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6-X,1,Flutterwave Secret Key,API Keys,"Identified a Flutterwave Secret Key, risking unauthorized financial + transactions and data breaches.",FLWSECK_TEST-(?i)[a-h0-9]{32}-X,"['""flwseck_test""']" +fio-u-a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2g3,1,Frame.io API token,API Keys,"Found a Frame.io API token, potentially compromising video collaboration + and project management.",fio-u-(?i)[a-z0-9\-_=]{64},"['""fio-u-""']" +freshbooks_api_key_1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef,1,Freshbooks Access Token,Access Tokens,"Discovered a Freshbooks Access Token, posing a risk to accounting + software access and sensitive financial data exposure.","(?i)(?:freshbooks)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""freshbooks""']" +AIza5mYgOutlGcS2ZUitKd2a10GJ^9KU8COkdtL,1,GCP API key,API Keys,"Uncovered a GCP API key, which could lead to unauthorized access to + Google Cloud services and data breaches.","(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""aiza""']" +auth-key=x82_tn3yypak667gtwe0tq646=u.w5i0x2kahq6ivi2flyctt,1,Generic API Key,API Keys,"Detected a Generic API Key, potentially exposing access to various + services and sensitive operations. This secret type uses contextual modeling to detect and extract the sensitive data type.","(?i)(?:key|api|token|secret|client|passwd|password|auth|access)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-z\-_.=]{10,150})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""key""', '""api""', '""token""', + '""secret""', '""client""', '""passwd""', + '""password""', '""auth""', '""access""']" +"pw: ""s3cr3tP@ss""",1,Generic Password,Other,Found a password. This secret type uses contextual modeling to detect and extract the sensitive data type.,"(?i)['""](ch[a@]ngeme)['""]|(?i)(1q2w3e4r)\s*|(?i)(kafka123)\s*|(?i)(kafkae[1-3])\s*|(?i)(admin[1-9]+)\s*|(?i)(1qaz@WSX)\s*|(?i)(letmein)\s*|(?i)(w2e3r4t5)\s*|(?i)password.+((?:winter|spring|summer|autumn|fall)[a-zA-Z0-9]+)|(?i)(?:['""]?(?:pw|pass|pword|passphrase)['""]?[ + \t]*[:=][ + \t]*(['""][^'""]{4,}['""]|[0-9a-z\-_@#!%\^\?\*&\$~]{4,}))|(?i)(?:['""]?(?:passwrd|passwd|pwd|password)['""]?[ + \t]*[:=][ \t]*(['""][^'""]{4,}['""]|[0-9a-z\-_@#!%\^\?\*&\$~]{4,}))|(?i)(?:<[^(><.)]?(?:password)[^(><.)]?>([^(><.)]+)<\/[^(><.)]?(?:password)[^(><.)]?>)|(?i)(?:<[^(><.)]?(?:passphrase)[^(><.)]?>([^(><.)]+)<\/[^(><.)]?(?:passphrase)[^(><.)]?>)",[] +"generic_secret = ""mySuperSecretKey_12345""",1,Generic Secret,Other,Found a secret. This secret type uses contextual modeling to detect and extract the sensitive data type.,"(?i)(?:['""]?(?:secret|secretKey|secret-key|app[_\-]?secret|client[_\-]?secret|auth[_\-]?key|secret[_\-]?key|auth[_\-]?token|credential)['""]?[ + \t]*[:=][ + \t]*(['""][^'""]{3,}['""]|[0-9a-z\-_@#!%\^\?\*&\$~]+))|(?i)(AIzaSy[0-9a-zA-Z_\\-]{33})",[] +"github_access_token = ""a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0""",1,GitHub Access Token,Access Tokens,"Detected a GitHub Access Token, which could allow prolonged unauthorized + access to GitHub services.",[0-9a-f]{40},"['""github_token""', '""githubtoken""', + '""github_access_token""', '""githubaccesstoken""']" +ghs_abcdef1234567890abcdef1234567890abcdef,1,GitHub App Token,API Keys,"Identified a GitHub App Token, which may compromise GitHub application + integrations and source code security.",(?:ghu|ghs)_[0-9a-zA-Z]{36},"['""ghu_""', '""ghs_""']" +github_pat_123ABCdef456GHIjkl789MNOpqr012STUvwx345YZ_678abcDEF901ghiJKL234mnoPQR567stuVWX890yz_,1,GitHub Fine-Grained Personal Access Token,Access Tokens,"Found a GitHub Fine-Grained Personal Access Token, risking unauthorized + repository access and code manipulation.",github_pat_[0-9a-zA-Z_]{82},"['""github_pat_""']" +gho_abcdef1234567890abcdef1234567890abcdef,1,GitHub OAuth Access Token,Access Tokens,"Discovered a GitHub OAuth Access Token, posing a risk of compromised + GitHub account integrations and data leaks.",gho_[0-9a-zA-Z]{36},"['""gho_""']" +ghp_abcdef1234567890abcdef1234567890abcdef,1,GitHub Personal Access Token,Access Tokens,"Uncovered a GitHub Personal Access Token, potentially leading to + unauthorized repository access and sensitive content exposure.",ghp_[0-9a-zA-Z]{36},"['""ghp_""']" +ghr_abcdef1234567890abcdef1234567890abcdef,1,GitHub Refresh Token,Access Tokens,"Detected a GitHub Refresh Token, which could allow prolonged unauthorized + access to GitHub services.",ghr_[0-9a-zA-Z]{36},"['""ghr_""']" +ghs_abcdef1234567890abcdef1234567890abcdef,1,GitHub Secret,Client Credentials,"Discovered a GitHub secret, posing a risk of unauthorized access to + github accounts and personal data exposure.","(?i)((?:github)[ \t]*[:=][ + \t]*['""'""'""]+[a-zA-Z0-9]{35,40}['""'""'""])","['""github""']" +glpat-abcdefghijklmnopqrstuvwxyz1234,1,GitLab Personal Access Token,Access Tokens,"Identified a GitLab Personal Access Token, risking unauthorized access to + GitLab repositories and codebase exposure.",glpat-[0-9a-zA-Z\-\_]{20},"['""glpat-""']" +glptt-a9a04b6700b1616dd49882ffc200a062f952b829,1,GitLab Pipeline Trigger Token,Access Tokens,"Found a GitLab Pipeline Trigger Token, potentially compromising + continuous integration workflows and project security.",glptt-[0-9a-f]{40},"['""glptt-""']" +GR1348941aB2C3d4E5F6G7H8I9J0K1L2M3N4O_,1,GitLab Runner Registration Token,Access Tokens,"Discovered a GitLab Runner Registration Token, posing a risk to CI/CD + pipeline integrity and unauthorized access.",GR1348941[0-9a-zA-Z\-\_]{20},"['""gr1348941""']" +gitter=rps2svx21rfefhxt1c-fm2e3vbnnlf9h9dnatvxm,1,Gitter Access Token,Access Tokens,"Uncovered a Gitter Access Token, which may lead to unauthorized access to + chat and communication services.","(?i)(?:gitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""gitter""']" +gocardless = live_a1b2c3d4e5f678901234567890abcdef12345678,1,GoCardless API token,API Keys,"Detected a GoCardless API token, potentially risking unauthorized direct + debit payment operations and financial data exposure.","(?i)(?:gocardless)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(live_(?i)[a-z0-9\-_=]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""live_""', '""gocardless""']" +"google_access_token = ""ya29.a0AfH6SMC-examplegoogleaccesstoken123456""",1,Google Access Token,Access Tokens,Found a Google access token.,"(?i)['""]?(?:google[_\-]?access[_\-]?token)['""]?[ \t]*[:=][ + \t]*(['""][^'""]{4,}['""])","['""google-access-token""', '""google_access_token""', + '""google_access""', '""googleaccess""']" +googleapi':'examplesecret',1,Google API,API Keys,Found a Google API secret.,"(?i)['""]?(?:google[_\-]?api)['""]?[ \t]*[:=][ + \t]*(['""][^'""]{4,}['""])","['""google-api""', '""google_api""', + '""googleapi""']" +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THPJFEPL_HKg8cuYDC,1,Google OAuth2 Client Secret,Client Credentials,"Detected a Google OAuth2 Client Secret, which can be used to gain + unauthorized access to sensitive information.","GOCSPX-[A-Za-z0-9_-]{20,}","['""google""', '""oauth2""', + '""apps.googleusercontent.com""']" +"grafana_api_key = ""abcdef1234567890abcdef1234567890abcdef""",1,Grafana API key,API Keys,"Identified a Grafana API key, which could compromise monitoring + dashboards and sensitive data analytics.","(?i)\b(eyJrIjoi[A-Za-z0-9]{70,400}={0,2})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""eyjrijoi""']" +glsa_YKSfJvL3LefeVRvwMW4z43VSYsIekGmf_4F8A18dF,1,Grafana cloud API token,API Keys,"Found a Grafana cloud API token, risking unauthorized access to + cloud-based monitoring services and data exposure.","(?i)\b(glc_[A-Za-z0-9+/]{32,400}={0,2})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""glc_""']" +glsa_AbCdEfGhIjKlMnOpQrStUvWxYz1234_1a2b3c4d,1,Grafana service account token,Access Tokens,"Discovered a Grafana service account token, posing a risk of compromised + monitoring services and data integrity.","(?i)\b(glsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""glsa_""']" +gsk_AbCdEfGhIjKlMnOpQrStWGdyb3FY12345,1,Groq API Key,API Keys,"Detected a Groq API Key, which could allow unauthorized access to Groq + services.","gsk_[A-Za-z0-9]{1,25}WGdyb3FY[A-Za-z0-9]{1,25}","['""groq""', '""gsk_""']" +pat.1FCoiHjpzLq7jh9mZ3LC5r.xB5vjnEGps8C9xBToc60n8p7.zkAcvgCDFeNkaq7MQl3p,1,Harness Access Token,Access Tokens,"Identified a Harness Access Token (PAT or SAT), risking unauthorized + access to a Harness account.",(?:pat|sat)\.[a-zA-Z0-9]{22}\.[a-zA-Z0-9]{24}\.[a-zA-Z0-9]{20},"['""pat.""', '""sat.""']" +b184x2wff9lytm.atlasv1.=7ycb_vrb32r7y16=gcwcpfvubaunq6z_9f0nh97xidxypfbdb-mvfjyx4xm,1,HashiCorp Terraform user/org API token,API Keys,"Uncovered a HashiCorp Terraform user/org API token, which may lead to + unauthorized infrastructure management and security breaches.","(?i)[a-z0-9]{14}\.(?-i:atlasv1)\.[a-z0-9\-_=]{60,70}","['""atlasv1""']" +"administrator_login_password=""""abcd1234xy""""",1,HashiCorp Terraform password field,Other,"Identified a HashiCorp Terraform password field, risking unauthorized + infrastructure configuration and security breaches.","(?i)(?:administrator_login_password|password)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(""[a-z0-9=_\-]{8,20}"")(?:['|\""|\n|\r|\s|\x60|;]|$)","['""administrator_login_password""', '""password""']" +"heroku = ""123e4567-e89b-12d3-a456-426614174000""",1,Heroku API Key,API Keys,"Detected a Heroku API Key, potentially compromising cloud application + deployments and operational security.","(?i)(?:heroku)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""heroku""']" +"hubspot = ""123e4567-E89B-12D3-A456-426614174000""",1,HubSpot API Token,API Keys,"Found a HubSpot API Token, posing a risk to CRM data integrity and + unauthorized marketing operations.","(?i)(?:hubspot)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""hubspot""']" +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,1,Hugging Face Access token,Access Tokens,"Discovered a Hugging Face Access token, which could lead to unauthorized + access to AI models and sensitive data.","(?:^|[\\'""` >=:])(hf_[a-zA-Z]{34})(?:$|[\\'""` <])","['""hf_""']" +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,1,Hugging Face Organization API token,API Keys,"Uncovered a Hugging Face Organization API token, potentially compromising + AI organization accounts and associated data.","(?:^|[\\'""` >=:\(,)])(api_org_[a-zA-Z]{34})(?:$|[\\'""` + <\),])","['""api_org_""']" +DE89370400440532013000,1,IBAN,Other,Found an international bank account number (IBAN).,\b(AL[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([a-zA-Z0-9]{4}\s?){4}\s?|AD[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([a-zA-Z0-9]{4}\s?){3}\s?|AT[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}\s?|AZ[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){5}\s?|BH[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{2})\s?|BY[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){5}\s?|BE[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}\s?|BA[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}\s?|BR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}([0-9]{3})([a-zA-Z]{1}\s?)([a-zA-Z0-9]{1})\s?|BG[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){1}([0-9]{2})([a-zA-Z0-9]{2}\s?)([a-zA-Z0-9]{4}\s?){1}([a-zA-Z0-9]{2})\s?|CR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{2})\s?|HR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{1})\s?|CY[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([a-zA-Z0-9]{4}\s?){4}\s?|CZ[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}\s?|DK[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{2})\s?|DO[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){5}\s?|TL[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{3})\s?|EE[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}\s?|FO[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{2})\s?|FI[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{2})\s?|FR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([0-9]{2})([a-zA-Z0-9]{2}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{1})([0-9]{2})\s?|GE[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{2})([0-9]{2}\s?)([0-9]{4}\s?){3}([0-9]{2})\s?|DE[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{2})\s?|GI[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{3})\s?|GR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([0-9]{3})([a-zA-Z0-9]{1}\s?)([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{3})\s?|GL[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{2})\s?|GT[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([a-zA-Z0-9]{4}\s?){5}\s?|HU[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){6}\s?|IS[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}([0-9]{2})\s?|IE[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){3}([0-9]{2})\s?|IL[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{3})\s?|IT[a-zA-Z0-9]{2}\s?([a-zA-Z]{1})([0-9]{3}\s?)([0-9]{4}\s?){1}([0-9]{3})([a-zA-Z0-9]{1}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{3})\s?|JO[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){5}([0-9]{2})\s?|KZ[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{1})([a-zA-Z0-9]{3}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{2})\s?|XK[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([0-9]{4}\s?){2}([0-9]{2})([0-9]{2}\s?)\s?|KW[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){5}([a-zA-Z0-9]{2})\s?|LV[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{1})\s?|LB[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([a-zA-Z0-9]{4}\s?){5}\s?|LI[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([0-9]{1})([a-zA-Z0-9]{3}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{1})\s?|LT[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}\s?|LU[a-zA-Z0-9]{2}\s?([0-9]{3})([a-zA-Z0-9]{1}\s?)([a-zA-Z0-9]{4}\s?){3}\s?|MK[a-zA-Z0-9]{2}\s?([0-9]{3})([a-zA-Z0-9]{1}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{1})([0-9]{2})\s?|MT[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){1}([0-9]{1})([a-zA-Z0-9]{3}\s?)([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{3})\s?|MR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}([0-9]{3})\s?|MU[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){4}([0-9]{3})([a-zA-Z]{1}\s?)([a-zA-Z]{2})\s?|MC[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([0-9]{2})([a-zA-Z0-9]{2}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{1})([0-9]{2})\s?|MD[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{2})([a-zA-Z0-9]{2}\s?)([a-zA-Z0-9]{4}\s?){4}\s?|ME[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{2})\s?|NL[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){2}([0-9]{2})\s?|NO[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){2}([0-9]{3})\s?|PK[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){4}\s?|PS[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){5}([0-9]{1})\s?|PL[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){6}\s?|PT[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}([0-9]{1})\s?|QA[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){5}([a-zA-Z0-9]{1})\s?|RO[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([a-zA-Z0-9]{4}\s?){4}\s?|SM[a-zA-Z0-9]{2}\s?([a-zA-Z]{1})([0-9]{3}\s?)([0-9]{4}\s?){1}([0-9]{3})([a-zA-Z0-9]{1}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{3})\s?|SA[a-zA-Z0-9]{2}\s?([0-9]{2})([a-zA-Z0-9]{2}\s?)([a-zA-Z0-9]{4}\s?){4}\s?|RS[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){4}([0-9]{2})\s?|SK[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}\s?|SI[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){3}([0-9]{3})\s?|ES[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}\s?|SE[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}\s?|CH[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([0-9]{1})([a-zA-Z0-9]{3}\s?)([a-zA-Z0-9]{4}\s?){2}([a-zA-Z0-9]{1})\s?|TN[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){5}\s?|TR[a-zA-Z0-9]{2}\s?([0-9]{4}\s?){1}([0-9]{1})([a-zA-Z0-9]{3}\s?)([a-zA-Z0-9]{4}\s?){3}([a-zA-Z0-9]{2})\s?|AE[a-zA-Z0-9]{2}\s?([0-9]{3})([0-9]{1}\s?)([0-9]{4}\s?){3}([0-9]{3})\s?|GB[a-zA-Z0-9]{2}\s?([a-zA-Z]{4}\s?){1}([0-9]{4}\s?){3}([0-9]{2})\s?|VA[a-zA-Z0-9]{2}\s?([0-9]{3})([0-9]{1}\s?)([0-9]{4}\s?){3}([0-9]{2})\s?|VG[a-zA-Z0-9]{2}\s?([a-zA-Z0-9]{4}\s?){1}([0-9]{4}\s?){4}\s?)\b,[] +"x-ibm-client-id:abcdef123456a7890abcdefabcefdddababd,x-ibm-client-secret:abcdef1234567890abcdefabcdef1234567890abcdefababab",1,IBM API Connect Credentials,Client Credentials,"Identifies IBM API Connect credentials, which includes client ID and + client secret, used for authenticating API requests.","x-ibm-client-id['""\s:]*([a-f0-9\-]{36})['""\s,]*x-ibm-client-secret['""\s:]*([a-zA-Z0-9]{50})","['""x-ibm-client-id""', '""x-ibm-client-secret""', + '""ibm""']" +"ibm_cloud_api_key = ""abcdef1234567890abcdef1234567890abcdef1234""",1,IBM Cloud API Key,API Keys,"Detects an IBM Cloud API Key, typically used to access IBM Cloud + resources.","(?:IBM|IBM_PLATFORM_KEY|ibm|ibm_platform_key)(?:[^a-zA-Z0-9]{0,20})(?:['""]?)([-_A-Za-z0-9]{44})","['""ibm""', '""ibm_platform_key""']" +ico-b8xl5Cv1KJrpukt2eld5UPex7EMIrKnK,1,Infracost API Token,API Keys,"Detected an Infracost API Token, risking unauthorized access to cloud + cost estimation tools and financial data.","(?i)\b(ico-[a-zA-Z0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""ico-""']" +intercom=ndccr40815oikh4p1i5v2i_=q5ibmg6g1na_33xnrsyxzd2th6l9p53qh3zw,1,Intercom API Token,API Keys,"Identified an Intercom API Token, which could compromise customer + communication channels and data privacy.","(?i)(?:intercom)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{60})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""intercom""']" +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,1,Intra42 Client Secret,Client Credentials,"Found a Intra42 client secret, which could lead to unauthorized access to + the 42School API and sensitive data.","(?i)\b(s-s4t2(?:ud|af)-[abcdef0123456789]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""intra""', '""s-s4t2ud-""', '""s-s4t2af-""']" +192.168.1.100,1,IPv4 Address,Other,ignore local ips,[,[] +2001:db8::ff00:42:8329,1,IPv6 Address,Other,'Found an IPv6 address.',"\b(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))\b",[] +"jfrog_api_key = ""jfrog-abcdef1234567890abcdef1234567890abcdef""",1,JFrog API Key,API Keys,"Found a JFrog API Key, posing a risk of unauthorized access to software + artifact repositories and build pipelines.","(?i)(?:jfrog|artifactory|bintray|xray)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{73})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""jfrog""', '""artifactory""', '""bintray""', + '""xray""']" +xray:luwhtb0pzi2e3en1xj7g38mvqckcwyl9u1x4v9ulwrmo1yufh37wc7fduq37f3z3,1,JFrog Identity Token,Access Tokens,"Discovered a JFrog Identity Token, potentially compromising access to + JFrog services and sensitive software artifacts.","(?i)(?:jfrog|artifactory|bintray|xray)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""jfrog""', '""artifactory""', '""bintray""', + '""xray""']" +eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjM0NTY3ODkwfQ.MG-5WZVFCuq8MK84Z-8uNwX5gQ76r1Y29ti2-b03QpI,1,JSON Web Token,Access Tokens,"Uncovered a JSON Web Token, which may lead to unauthorized access to web + applications and sensitive user data.","\b(ey[a-zA-Z0-9]{17,}\.ey[a-zA-Z0-9\/\\_-]{17,}\.(?:[a-zA-Z0-9\/\\_-]{10,}={0,2})?)(?:['|\""|\n|\r|\s|\x60|;]|$)","['""ey""']" +ZXlKaGJHY2lPaUo2SWpJd01UQXdOekF4T1dKaFkyVmtZbmt6Y3pveWVrVmpkMlFnS1h5VXpPclZ5MzFBdjBLcnltS1E1OGg6OTl4NFNMbE5TeFBCWmlfR1lGNVU0bHoK,1,Base64-encoded JSON Web Token,Access Tokens,"Detected a Base64-encoded JSON Web Token, posing a risk of exposing + encoded authentication and data exchange information.","\bZXlK(?:(?PaGJHY2lPaU)|(?PaGNIVWlPaU)|(?PaGNIWWlPaU)|(?PaGRXUWlPaU)|(?PaU5qUWlP)|(?PamNtbDBJanBi)|(?PamRIa2lPaU)|(?PbGNHc2lPbn)|(?PbGJtTWlPaU)|(?PcWEzVWlPaU)|(?PcWQyc2lPb)|(?PcGMzTWlPaU)|(?PcGRpSTZJ)|(?PcmFXUWlP)|(?PclpYbGZiM0J6SWpwY)|(?PcmRIa2lPaUp)|(?PdWIyNWpaU0k2)|(?Pd01tTWlP)|(?Pd01uTWlPaU)|(?Pd2NIUWlPaU)|(?PemRXSWlPaU)|(?PemRuUWlP)|(?PMFlXY2lPaU)|(?PMGVYQWlPaUp)|(?PMWNtd2l)|(?PMWMyVWlPaUp)|(?PMlpYSWlPaU)|(?PMlpYSnphVzl1SWpv)|(?PNElqb2)|(?PNE5XTWlP)|(?PNE5YUWlPaU)|(?PNE5YUWpVekkxTmlJNkl)|(?PNE5YVWlPaU)|(?PNmFYQWlPaU))[a-zA-Z0-9\/\\_+\-\r\n]{40,}={0,2}","['""zxlk""']" +kraken:h2lssld68qcsduk=simd8=rzx3ljyb2al1ot3y2ngfd9hxm5berp2zunow59dygpqaz7hzp_t9=wk-17215=i,1,Kraken Access Token,Access Tokens,"Identified a Kraken Access Token, potentially compromising cryptocurrency + trading accounts and financial security.","(?i)(?:kraken)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""kraken""']" +"kucoin_access_token = ""6c42b9f9-58b5-40ff-9633-e6f6ed92d4a3""",1,Kucoin Access Token,Access Tokens,"Found a Kucoin Access Token, risking unauthorized access to + cryptocurrency exchange services and transactions.","(?i)(?:kucoin)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{24})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""kucoin""']" +"kucoin = ""123e4567-e89b-12d3-a456-426614174000""",1,Kucoin Secret Key,API Keys,"Discovered a Kucoin Secret Key, which could lead to compromised + cryptocurrency operations and financial data breaches.","(?i)(?:kucoin)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""kucoin""']" +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,1,Langchain API Key,API Keys,"Detected a Langchain API key, potentially allowing unauthorized access to + Langchain services.",(lsv2_sk_[a-f0-9]{32}_[a-f0-9]{10}|ls__[a-f0-9]{32}),"['""lsv2_sk_""', '""ls__""', '""langchain""']" +launchdarkly:abc123_def456ghi789jkl0mnopqrs_tuvwxzyza,1,Launchdarkly Access Token,Access Tokens,"Uncovered a Launchdarkly Access Token, potentially compromising feature + flag management and application functionality.","(?i)(?:launchdarkly)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""launchdarkly""']" +lin_api_abc123def456ghijkl789mnopqrstu0123456789,1,Linear API Token,API Keys,"Detected a Linear API Token, posing a risk to project management tools + and sensitive task data.",lin_api_(?i)[a-z0-9]{40},"['""lin_api_""']" +"linear = ""123e4567e89b12d3a456426614174000""",1,Linear Client Secret,Client Credentials,"Identified a Linear Client Secret, which may compromise secure + integrations and sensitive project management data.","(?i)(?:linear)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""linear""']" +"linkedin_client_id = ""77szrk6qkznxkl""",1,LinkedIn Client ID,Client Credentials,"Found a LinkedIn Client ID, risking unauthorized access to LinkedIn + integrations and professional data exposure.","(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""linkedin""', '""linked-in""']" +linkedin=m7jyxo7qmvl1fy0g,1,LinkedIn Client secret,Client Credentials,"Discovered a LinkedIn Client secret, potentially compromising LinkedIn + application integrations and user data.","(?i)(?:linkedin|linked-in)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""linkedin""', '""linked-in""']" +"lob_api_key = ""lob_api_abcdef1234567890abcdef1234567890abcdef""",1,Lob API Key,API Keys,"Uncovered a Lob API Key, which could lead to unauthorized access to + mailing and address verification services.","(?i)(?:lob)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}((live|test)_[a-f0-9]{35})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""test_""', '""live_""']" +lob:live_pub_ba5b295d68e7751882248b457840176,1,Lob Publishable API Key,API Keys,"Detected a Lob Publishable API Key, posing a risk of exposing mail and + print service integrations.","(?i)(?:lob)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}((test|live)_pub_[a-f0-9]{31})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""test_pub""', '""live_pub""', '""_pub""']" +00:1A:2B:3C:4D:5E,1,MAC Address,Other,Found a MAC address.,((?:\b[0-9A-Fa-f]{2}[:-]){5}(?:[0-9A-Fa-f]{2}\b)),[] +"mailchimp_api_key = ""abcdef1234567890abcdef1234567890abcdef""",1,Mailchimp API key,API Keys,"Identified a Mailchimp API key, potentially compromising email marketing + campaigns and subscriber data.","(?i)(?:MailchimpSDK.initialize|mailchimp)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{32}-us\d\d)(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mailchimp""']" +"mailgun = ""key-a1b2c3d4e5f67890abcdef1234567890""",1,Mailgun private API token,API Keys,"Found a Mailgun private API token, risking unauthorized email service + operations and data breaches.","(?i)(?:mailgun)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(key-[a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mailgun""']" +"mailgun = ""pubkey-a1b2c3d4e5f67890abcdef1234567890""",1,Mailgun public validation key,Encryption Keys,"Discovered a Mailgun public validation key, which could expose email + verification processes and associated data.","(?i)(?:mailgun)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(pubkey-[a-f0-9]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mailgun""']" +"mailgun_webhook = ""a1b2c3d4e5f67890abcdef1234567890-a1b2c3d4-a1b2c3d4""",1,Mailgun webhook signing key,Encryption Keys,"Uncovered a Mailgun webhook signing key, potentially compromising email + automation and data integrity.","(?i)(?:mailgun)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-h0-9]{32}-[a-h0-9]{8}-[a-h0-9]{8})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mailgun""']" +"mapbox_token = ""pk.a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef123456.abcdef1234567890abcdef""",1,MapBox API token,API Keys,"Detected a MapBox API token, posing a risk to geospatial services and + sensitive location data exposure.","(?i)(?:mapbox)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(pk\.[a-z0-9]{60}\.[a-z0-9]{22})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mapbox""']" +mattermost=dz7o9cjizciygedbx24mrjv78l,1,Mattermost Access Token,Access Tokens,"Identified a Mattermost Access Token, which may compromise team + communication channels and data privacy.","(?i)(?:mattermost)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""mattermost""']" +message_bird=69zsufzltb7yjtfqg7gm0ya1m,1,MessageBird API token,API Keys,"Found a MessageBird API token, risking unauthorized access to + communication platforms and message data.","(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""messagebird""', '""message-bird""', + '""message_bird""']" +messagebird_123e4567-e89b-12d3-a456-426614174000,1,MessageBird client ID,Client Credentials,"Discovered a MessageBird client ID, potentially compromising API + integrations and sensitive communication data.","(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""messagebird""', '""message-bird""', + '""message_bird""']" +https://abc123.webhook.office.com/webhookb2/12345678-1234-1234-1234-123456789011@87654321-4321-4321-4321-210987654321/IncomingWebhook/abcdef1234567890abcdef1234567890/13572468-2468-4682-6824-246813579246,1,Microsoft Teams Webhook,Other,"Uncovered a Microsoft Teams Webhook, which could lead to unauthorized + access to team collaboration tools and data leaks.",https:\/\/[a-z0-9]+\.webhook\.office\.com\/webhookb2\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}@[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12}\/IncomingWebhook\/[a-z0-9]{32}\/[a-z0-9]{8}-([a-z0-9]{4}-){3}[a-z0-9]{12},"['""webhook.office.com""', '""webhookb2""', + '""incomingwebhook""']" +https://abc123.webhook.office.com/webhookb2/12345678-1234-1234-1234-123456789012@87654321-4321-4321-4321-210987654321/IncomingWebhook/abcdef1234567890abcdef1234567890/13572468-2468-4682-6824-246813579246,1,Microsoft Teams Webhook 2,Other,"Uncovered a Microsoft Teams Webhook, which could lead to unauthorized + access to team collaboration tools and data leaks.",https:\/\/[a-zA-Z0-9-]+\.webhook\.office\.com\/webhookb2\/([a-f0-9\-]{36})@([a-f0-9\-]{36})\/[A-Za-z]+\/([a-f0-9]{32})\/([a-f0-9\-]{36}),"['""webhook.office.com""', '""webhookb2""', + '""incomingwebhook""']" +"netlify_access_token = ""1234567890abcdef1234567890abcdef12345678""",1,Netlify Access Token,Access Tokens,"Detected a Netlify Access Token, potentially compromising web hosting + services and site management.","(?i)(?:netlify)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""netlify""']" +new_relic:NRJS-c586b7f75eb9ff44d38,1,New Relic ingest browser API token,API Keys,"Identified a New Relic ingest browser API token, risking unauthorized + access to application performance data and analytics.","(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(NRJS-[a-f0-9]{19})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""nrjs-""']" +"newrelic:""NRII-k8gfs4cochkewpus2ek5t34c7eu-pzoi""",1,New Relic insight insert key,API Keys,"Discovered a New Relic insight insert key, compromising data injection + into the platform.","(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(NRII-[a-z0-9-]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""nrii-""']" +"newrelic = ""a1b2c3d4e5f678901234567890abcdef1234567890abcdef1234567890abcdef""",1,New Relic user API ID,Client Credentials,"Found a New Relic user API ID, posing a risk to application monitoring + services and data integrity.","(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""new-relic""', '""newrelic""', + '""new_relic""']" +"newrelic-api-key: ""NRAK-odlbof8bopp6hc6jmyrezw1xybc""",1,New Relic user API Key,API Keys,"Discovered a New Relic user API Key, which could lead to compromised + application insights and performance monitoring.","(?i)(?:new-relic|newrelic|new_relic)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(NRAK-[a-z0-9]{27})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""nrak""']" +//registry.npmjs.org/:_authToken=123e4567-e89b-12d3-a456-426614174000,1,npm access token,Access Tokens,"Uncovered an npm access token, potentially compromising package + management and code repository access.","(?i)\b(npm_[a-z0-9]{36})(?:['|\""|\n|\r|\s|\x60|;]|$)|(?i)(?:\/\/registry\.npmjs\.org\/:_authToken=([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}))","['""npm""']" +newyorktimess:xqHqeyn6mzfnDwqFDws5gqp42kF2f91e,1,Nytimes Access Token,Access Tokens,"Detected a Nytimes Access Token, risking unauthorized access to New York + Times APIs and content services.","(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""nytimes""', '""new-york-times""', + '""newyorktimes""']" +"oauth.appSecret = ""12345abcdXYZ""",1,OAuth Secret,Client Credentials,Found an OAuth secret.,(?i)(?:oauth.appSecret[ \\t]*[:=][ \\t]*([^\\s]+)),"['""oauth""']" +okta=0aa_hkisbyfzmsx_x-4w6xyd7tjx06yr0_hdtz_ett,1,Okta Access Token,Access Tokens,"Identified an Okta Access Token, which may compromise identity management + services and user authentication data.","(?i)(?:okta)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9=_\-]{42})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""okta""']" +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,1,OpenAI API Key,API Keys,"Found an OpenAI API Key, posing a risk of unauthorized access to AI + services and data manipulation.","(?i)\b(sk-[a-zA-Z0-9]{20}T3BlbkFJ[a-zA-Z0-9]{20})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""t3blbkfj""']" +sk-proj-O4eL9J75YsEsDClhHu9dT3BlbkFJY5aVdnHvtv7iFVgZul2P,1,OpenAI Project API Key,API Keys,"Detected an OpenAI Project API key, which could allow unauthorized access + to OpenAI project resources.",sk-proj-[a-zA-Z0-9]{20}T3BlbkFJ[a-zA-Z0-9]{20},"['""openai""', '""project""']" +"openai_service_account_api_key = ""sk-abcdef1234567890abcdef1234567890abcdef""",1,OpenAI Service Account API Key,API Keys,"Detected an OpenAI service account API key, which could allow + unauthorized access to OpenAI services.",sk-[a-z0-9-]+-account-[a-zA-Z0-9]{20}T3BlbkFJ[a-zA-Z0-9]{20},"['""openai""', '""service-account""']" +"openshift_user_token = ""sha256~abcdef1234567890abcdef1234567890abcdefababa""",1,OpenShift User Token,Access Tokens,"Found an OpenShift user token, potentially compromising an + OpenShift/Kubernetes cluster.",\b(sha256~[\w-]{43})(?:[^\w-]|\z),"['""sha256~""']" +https://outlook.office.com/webhook/18072209254ea56ac-48e-8-4b-97c63feb0@f95294a1824168d427948-cfd6588a880530/mDIwRdgySXKUwQnyGllUMumNnkqTHlKdpZ/a1b97e14037f69bee0f34657fa2eb43e/26ef2fa6b9475b67f97d0c2fd138416fa3b9,1,Outlook Teams Webhook,Other,"Detected a Microsoft Teams Webhook, potentially allowing unauthorized + access to Teams channels, leading to data leaks and security risks.",https:\/\/outlook\.office(365)?\.com\/webhook\/([a-f0-9\-]{36})@([a-f0-9\-]{36})\/[A-Za-z]+\/([a-f0-9]{32})\/([a-f0-9\-]{36}),"['""webhook""', '""outlook""']" +pinecone=6e38bcb0-c7f6-4ad3-95da-3eae598d7239,1,Pinecone API Key,API Keys,"Detected a Pinecone API Key, which could grant unauthorized access to the + Pinecone vector database, potentially exposing or compromising data.","(?i)(?:pinecone)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pinecone""']" +plaid=access-development-3a1e0168-12fa-c52d-24ba-18db598f8a00,1,Plaid API Token,API Keys,"Discovered a Plaid API Token, potentially compromising financial data + aggregation and banking services.","(?i)(?:plaid)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(access-(?:sandbox|development|production)-[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""plaid""']" +plaid:=rud3kbi2ht1i883qq5k78hng,1,Plaid Client ID,Client Credentials,"Uncovered a Plaid Client ID, which could lead to unauthorized financial + service integrations and data breaches.","(?i)(?:plaid)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""plaid""']" +plaid=lase18kvdv4r0ugnlb53lph3awd28p,1,Plaid Secret key,Client Credentials,"Detected a Plaid Secret key, risking unauthorized access to financial + accounts and sensitive transaction data.","(?i)(?:plaid)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""plaid""']" +pscale_tkn_xyz987uvw654rst321opq098mno765lkj432ihg210fedcbaZYX_WVU.TSR,1,PlanetScale API token,API Keys,"Identified a PlanetScale API token, potentially compromising database + management and operations.","(?i)\b(pscale_tkn_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pscale_tkn_""']" +pscale_oauth_123abc456def789ghi012jkl345mno678pqr901stu234vwx567yzA_BCD.EFG ,1,PlanetScale OAuth token,Access Tokens,"Found a PlanetScale OAuth token, posing a risk to database access control + and sensitive data integrity.","(?i)\b(pscale_oauth_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pscale_oauth_""']" +pscale_pw_abc123def456ghi789jkl012mno345pqr678stu901vwx234yzA=BC_DEF.GHI ,1,PlanetScale password,Other,"Discovered a PlanetScale password, which could lead to unauthorized + database operations and data breaches.","(?i)\b(pscale_pw_(?i)[a-z0-9=\-_\.]{32,64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pscale_pw_""']" +PMAK-123abc456def7890abcdef12-123abc456def7890abcdef12ababababcb,1,Postman API token,API Keys,"Uncovered a Postman API token, potentially compromising API testing and + development workflows.","(?i)\b(PMAK-(?i)[a-f0-9]{24}\-[a-f0-9]{34})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pmak-""']" +pnu_jg75pqw7zvi7ao7ddadvt4hn059g31b0utf8 ,1,Prefect API token,API Keys,"Detected a Prefect API token, risking unauthorized access to workflow + management and automation services.","(?i)\b(pnu_[a-z0-9]{36})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pnu_""']" +"`-----BEGIN PRIVATE KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Qf+3ZT+1NKYZll8Uk5z +tfs7P7qkq8qoy77XyyZP1yIuKPbf1mwhEd5Cz3J8BzHW1Fbs5T1cwT4abXr7KZWL +lA1HJ7jO8qtMj5u6cQF+Y1aJ7T8yDmyCdf4cSMosdoYmD3LOOQmnHUbzF6pHJHi0 +LrRVZOkQbgnq6iId+1B5AKYoH2BqaJkjLRNwH4OdvLaXe6Ta3EjR77fqenBZ3g +g/RwAONuF5P1cJq7zv+mLtWZbSkE0tLpu79lhpOgAW5HVhJeLv28kXXx0xSHvkHf +I2pHEj5aH0jlkCjXTG1n2fxf8pHDO6ZcrKPHs8FZg5u2tn7vhplw2tFjFqgZni2+ +4wIDAQAB +-----END PRIVATE KEY-----",1,Private Key,Encryption Keys,"Identified a Private Key, which may compromise cryptographic security and + sensitive data encryption.","(?i)-----BEGIN[ A-Z0-9_-]{0,100}PRIVATE KEY(?: BLOCK)?-----[\s\S-]*KEY(?: + BLOCK)?----","['""-----begin""', '""BEGIN RSA PRIVATE KEY""', + '""BEGIN DSA PRIVATE KEY""', '""BEGIN EC PRIVATE KEY""', + '""BEGIN PGP PRIVATE KEY""']" +pul-afc80e554d338d2e0fe263c0d0f72bafd681fe64,1,Pulumi API token,API Keys,"Found a Pulumi API token, posing a risk to infrastructure as code + services and cloud resource management.","(?i)\b(pul-[a-f0-9]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""pul-""']" +pypi-AgEIcHlwaS5vcmcTC00CJ2z5FQ0OhcaeVRBoKFeJJPp4mvjorT6bWnLZbTSbwB4LM,1,PyPI upload token,API Keys,"Discovered a PyPI upload token, potentially compromising Python package + distribution and repository integrity.","pypi-AgEIcHlwaS5vcmc[A-Za-z0-9\-_]{50,1000}","['""pypi-ageichlwas5vcmc""']" +rapidapi=bfhr7a4-i96q2-8incoc433831it8l1j0yq3t5w-a2y48h0l8a,1,RapidAPI Access Token,Access Tokens,"Uncovered a RapidAPI Access Token, which could lead to unauthorized + access to various APIs and data services.","(?i)(?:rapidapi)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""rapidapi""']" +rdme_ff97lgmfry2bbiezajo6wjvu6eikpgzpefta16yt8wcx8ohmq2zkwgucl06q17ts0uvapt,1,Readme API token,API Keys,"Detected a Readme API token, risking unauthorized documentation + management and content exposure.","(?i)\b(rdme_[a-z0-9]{70})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""rdme_""']" +"rubygems_363277bed10c385574f8335ccff0b35a296ca88ce010417f ",1,Rubygem API token,API Keys,"Identified a Rubygem API token, potentially compromising Ruby library + distribution and package management.","(?i)\b(rubygems_[a-f0-9]{48})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""rubygems_""']" +tk-us-4ER_T5L963CUTEDYIPXNlEtPkSnjU9ewci-cdlrfBeMseFve,1,Scalingo API token,API Keys,"Found a Scalingo API token, posing a risk to cloud platform services and + application deployment security.","\b(tk-us-[a-zA-Z0-9-_]{48})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""tk-us-""']" +"sendbird = ""12345678-abcd-1234-abcd-123456abcdef""",1,Sendbird Access ID,Client Credentials,"Discovered a Sendbird Access ID, which could compromise chat and + messaging platform integrations.","(?i)(?:sendbird)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sendbird""']" +"sendbird = ""a1b2c3d4e5f678901234567890abcdef12345678""",1,Sendbird Access Token,Access Tokens,"Uncovered a Sendbird Access Token, potentially risking unauthorized + access to communication services and user data.","(?i)(?:sendbird)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sendbird""']" +SG.abcd1234efghijklmnopqrstuvwxyz1234567890abcd1234efghijklmnopqrabab,1,SendGrid API token,API Keys,"Detected a SendGrid API token, posing a risk of unauthorized email + service operations and data exposure.","(?i)\b(SG\.(?i)[a-z0-9=_\-\.]{66})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sg.""']" +xkeysib-abcdef1234567890abcdef1234567890abcdef1234567890abcdaaef12345678-abcd1234abcd1234,1,Sendinblue API token,API Keys,"Identified a Sendinblue API token, which may compromise email marketing + services and subscriber data privacy.","(?i)\b(xkeysib-[a-f0-9]{64}\-(?i)[a-z0-9]{16})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""xkeysib-""']" +"sentry = ""a1b2c3d4e5f678901234567890abcdef1234567890abcdef1234567890abcdef""",1,Sentry Access Token,Access Tokens,"Found a Sentry Access Token, risking unauthorized access to error + tracking services and sensitive application data.","(?i)(?:sentry)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sentry""']" +shippo_live_abcdef1234567890abcdef1234567890abcdef12,1,Shippo API token,API Keys,"Discovered a Shippo API token, potentially compromising shipping services + and customer order data.","(?i)\b(shippo_(live|test)_[a-f0-9]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""shippo_""']" +shpat_a1b2c3d4e5f67890abcdef1234567890,1,Shopify access token,Access Tokens,"Uncovered a Shopify access token, which could lead to unauthorized + e-commerce platform access and data breaches.",shpat_[a-fA-F0-9]{32},"['""shpat_""']" +shpca_a1b2c3d4e5f67890abcdef1234567890,1,Shopify custom access token,Access Tokens,"Detected a Shopify custom access token, potentially compromising custom + app integrations and e-commerce data security.",shpca_[a-fA-F0-9]{32},"['""shpca_""']" +shppa_a1b2c3d4e5f67890abcdef1234567890,1,Shopify private app access token,Access Tokens,"Identified a Shopify private app access token, risking unauthorized + access to private app data and store operations.",shppa_[a-fA-F0-9]{32},"['""shppa_""']" +shpss_a1b2c3d4e5f67890abcdef1234567890,1,Shopify shared secret,Client Credentials,"Found a Shopify shared secret, posing a risk to application + authentication and e-commerce platform security.",shpss_[a-fA-F0-9]{32},"['""shpss_""']" +BUNDLE_GEMS__CONTRIBSYS__COMe2i=>'8f4df544:414d5f8c,1,Sidekiq Secret,Other,"Discovered a Sidekiq Secret, which could lead to compromised background + job processing and application data breaches.","(?i)(?:BUNDLE_ENTERPRISE__CONTRIBSYS__COM|BUNDLE_GEMS__CONTRIBSYS__COM)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-f0-9]{8}:[a-f0-9]{8})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""bundle_enterprise__contribsys__com""', + '""bundle_gems__contribsys__com""']" +https://d4b52b2a:d245d68c@gemsXcontribsysucom,1,Sidekiq Sensitive URL,Other,"Uncovered a Sidekiq Sensitive URL, potentially exposing internal job + queues and sensitive operation details.",(?i)\b(http(?:s??):\/\/)([a-f0-9]{8}:[a-f0-9]{8})@(?:gems.contribsys.com|enterprise.contribsys.com)(?:[\/|\#|\?|:]|$),"['""gems.contribsys.com""', + '""enterprise.contribsys.com""']" +xoxa-123456789012-abcdef1234567890abcdef,1,Slack App-level token,Access Tokens,"Detected a Slack App-level token, risking unauthorized access to Slack + applications and workspace data.",(?i)xapp-\d-[A-Z0-9]+-\d+-[a-z0-9]+,"['""xapp""']" +xoxb-123456789012-abcdef1234567890abcdef,1,Slack Bot token,Access Tokens,"Identified a Slack Bot token, which may compromise bot integrations and + communication channel security.","(xoxb-[0-9]{10,13}\-[0-9]{10,13}[a-zA-Z0-9-]*)","['""xoxb""']" +xoxp-123456789012-abcdef1234567890abcdef,1,Slack Configuration access token,Access Tokens,"Found a Slack Configuration access token, posing a risk to workspace + configuration and sensitive data access.","(?i)xoxe.xox[bp]-\d-[A-Z0-9]{163,166}","['""xoxe.xoxb-""', '""xoxe.xoxp-""']" +xoxr-abcdef1234567890abcdef1234567890abcdef,1,Slack Configuration refresh token,Access Tokens,"Discovered a Slack Configuration refresh token, potentially allowing + prolonged unauthorized access to configuration settings.",(?i)xoxe-\d-[A-Z0-9]{146},"['""xoxe-""']" +xoxb-legacy-123456789012-abcdef1234567890abcdef,1,Slack Legacy bot token,Access Tokens,"Uncovered a Slack Legacy bot token, which could lead to compromised + legacy bot operations and data exposure.","(xoxb-[0-9]{8,14}\-[a-zA-Z0-9]{18,26})","['""xoxb""']" +xoxp-legacy-123456789012-abcdef1234567890abcdef,1,Slack Legacy token,Access Tokens,"Detected a Slack Legacy token, risking unauthorized access to older Slack + integrations and user data.",(xox[os]-\d+-\d+-\d+-[a-zA-Z\d]+),"['""xoxo""', '""xoxs""']" +xoxr-1234-abcdefgHijkLmNopQrstuvwxyZ12345678,1,Slack Legacy Workspace token,Access Tokens,"Identified a Slack Legacy Workspace token, potentially compromising + access to workspace data and legacy features.","(xox[ar]-(?:\d-)?[0-9a-zA-Z\-]{8,48})","['""xoxa""', '""xoxr""']" +xoxp-1234567890-9876543210-1234567890-abCdEfGhIjKlMnOpQrStUvWxYz12345,1,Slack User token,Access Tokens,"Found a Slack User token, posing a risk of unauthorized user + impersonation and data access within Slack workspaces.","xox[pe](?:-[0-9]{10,13}){3}-[a-zA-Z0-9-]{28,34}","['""xoxp-""', '""xoxe-""']" +https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX,1,Slack Webhook,Other,"Discovered a Slack Webhook, which could lead to unauthorized message + posting and data leakage in Slack channels.","(https?:\/\/)?hooks.slack.com\/(services|workflows)\/[A-Za-z0-9+\/]{43,46}","['""hooks.slack.com""']" +snowflakeabc123://username:password@account.snowflakecomputing.com/database_name,1,Snowflake Credentials,Other,"Detected Snowflake credentials in a connection URI, which may expose + database login information and pose security risks.","snowflake[a-z0-9.+-]{0,8}:\/\/([a-zA-Z0-9._%+-]+):([a-zA-Z0-9.!@%*&+-]+)@([a-z0-9.-]+)(\.snowflakecomputing\.com)?\/([a-zA-Z0-9_-]+)","['""connection""', '""snowflake""', '""uri""']" +"snyk_token = ""123e4567-e89b-12d3-a456-426614174000""",1,Snyk API token,API Keys,"Uncovered a Snyk API token, potentially compromising software + vulnerability scanning and code security.","(?i)(?:snyk_token|snyk_key|snyk_api_token|snyk_api_key|snyk_oauth_token)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""snyk_token""', '""snyk_key""', + '""snyk_api_token""', '""snyk_api_key""', + '""snyk_oauth_token""']" +mysql://user:password@localhost,1,SQL Password,Other,Found an SQL password.,"(?i)(?:mysql|oracle|odbc|jdbc|postgresql|mongodb|mongo|couchbase):\/\/\w{3,}:(\w{3,})(?:@[^\/]{3,})","['""sql""', '""db""', '""oracle""', + '""mongo""', '""couchbase""', '""database""']" +"square_access_token = ""EAAA1234abcdEFghIJKLmnopqRstUvWxYz12345""",1,Square Access Token,Access Tokens,"Detected a Square Access Token, risking unauthorized payment processing + and financial transaction exposure.","(?i)\b((EAAA|sq0atp-)[0-9A-Za-z\-_]{22,60})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sq0atp-""', '""eaaa""']" +"squarespace = ""123e4567-e89b-12d3-a456-426614174000""",1,Squarespace Access Token,Access Tokens,"Identified a Squarespace Access Token, which may compromise website + management and content control on Squarespace.","(?i)(?:squarespace)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""squarespace""']" +123-45-6789,1,Social Security Number,Other,Found a Social Security Number.,\b([0-9]{3})[- .]([0-9]{2})[- .]([0-9]{4})\b,"['""social""', '""security""', '""ssn""', + '""ssns""', '""ssn#""', '""ss#""', + '""ssid""']" +sk_test_abcdef1234567890abcdef12345678,1,Stripe Access Token,Access Tokens,"Found a Stripe Access Token, posing a risk to payment processing services + and sensitive financial data.","(?i)\b((sk|rk)_(test|live|prod)_[0-9a-z]{10,99})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sk_test""', '""sk_live""', '""sk_prod""', + '""rk_test""', '""rk_live""', '""rk_prod""']" +sumo-abcdef1234567890abcdef1234567890,1,SumoLogic Access ID,Client Credentials,"Discovered a SumoLogic Access ID, potentially compromising log management + services and data analytics integrity.",[,"['""sumo""']" +"sumo_api_key = ""abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890""",1,SumoLogic Access Token,Access Tokens,"Uncovered a SumoLogic Access Token, which could lead to unauthorized + access to log data and analytics insights.","(?i)(?:sumo)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""sumo""']" +"telegram_bot_token = ""123456:Aabcdef1234567890abcdef1234567890ab""",1,Telegram Bot API Token,API Keys,"Detected a Telegram Bot API Token, risking unauthorized bot operations + and message interception on Telegram.","(?i:telegr(?:[0-9a-z\(-_\t + .\\]{0,40})(?:[\s|']|[\s|""]){0,3})(?:=|\|\|:|<=|=>|:|\?=|\()(?:'|\""|\s|=|\x60){0,5}([0-9]{5,16}:A[a-z0-9_\-]{34})(?:['|\""|\n|\r|\s|\x60|;|\\]|$)","['""telegr""']" +travis:zaxw4eag0ntur1m1dbjj5e,1,Travis CI Access Token,Access Tokens,"Identified a Travis CI Access Token, potentially compromising continuous + integration services and codebase security.","(?i)(?:travis)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{22})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""travis""']" +SK76e7de05FB2c61D2e76Ccf6E6F074ECa,1,Twilio API Key,API Keys,"Found a Twilio API Key, posing a risk to communication services and + sensitive customer interaction data.",SK[0-9a-fA-F]{32},"['""twilio""']" +twitch:g2obtnwovxh8blwns6reab2wzxdt5o,1,Twitch API token,API Keys,"Discovered a Twitch API token, which could compromise streaming services + and account integrations.","(?i)(?:twitch)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""twitch""']" +"twitter_access_sec = ""abcdefghijklmnopqrstuvwxyz1234567890abcde""",1,Twitter Access Secret,Access Tokens,"Uncovered a Twitter Access Secret, potentially risking unauthorized + Twitter integrations and data breaches.","(?i)(?:twitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\""|\n|\r|\s|\x60|;]|$)|(?i)(twitter.{0,55}['""'""'""][a-zA-Z0-9]{35,44}['""'""'""])","['""twitter""']" +"twitter_token = ""123456789012345-abCdEFgHIjKLMNOPQRST1234567890""",1,Twitter Access Token,Access Tokens,"Detected a Twitter Access Token, posing a risk of unauthorized account + operations and social media data exposure.","(?i)(?:twitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""twitter""']" +"twitter_key = ""abcdefghij1234567890klmno""",1,Twitter API Key,API Keys,"Identified a Twitter API Key, which may compromise Twitter application + integrations and user data security.","(?i)(?:twitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""twitter""']" +"twitter_api_secret = ""abcdefghijklmnopqrstuvwxyz1234567890abcdefghi""",1,Twitter API Secret,Client Credentials,"Found a Twitter API Secret, risking the security of Twitter app + integrations and sensitive data access.","(?i)(?:twitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""twitter""']" +twitter:AAAAAAAAAAAAAAAAAAAAAAIT17ezQWCpCr0RJEanA0tmyTA6dq6jomSQ99TC5MyLOIydiJG8Q671%gjEsbyYTH3k1VyN5n9WS29ZLZa05oGXdLS9K%1k,1,Twitter Bearer Token,Access Tokens,"Discovered a Twitter Bearer Token, potentially compromising API access + and data retrieval from Twitter.","(?i)(?:twitter)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""twitter""']" +typeform:tfp_gwtxb1zqj_jhalzlk2tdw913u-yp40ek6xdh7alyyqgxr2e.1ayxt-vfv_c,1,Typeform API token,API Keys,"Uncovered a Typeform API token, which could lead to unauthorized survey + management and data collection.","(?i)(?:typeform)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(tfp_[a-z0-9\-_\.=]{59})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""tfp_""']" +4111 1111 1111 1111,1,Credit Card Number,Other,Found a possible credit card number.,\b((1\d{3})|(2((20[1-5])|(22[1-9])|(2[3-9]\d{1})|([3-6]\d{2})|(7[01]\d{1})|(720)))|(3\d{3})|(4\d{3})|(5[0-8]\d{2})|(6\d{3})|(8[12]\d{2}))[-,"['""credit""', '""visa""', '""mastercard""', + '""amex""', '""discover""', '""jcb""', + '""diners""', '""maestro""', '""instapayment""', + '""payment""']" +hvb.testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest,1,Vault Batch Token,Access Tokens,"Detected a Vault Batch Token, risking unauthorized access to secret + management services and sensitive data.","(?i)\b(hvb\.[a-z0-9_-]{138,212})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""hvb""']" +s.vmczkj78h8pz1z0pblk7uowo,1,Vault Service Token,Access Tokens,"Identified a Vault Service Token, potentially compromising infrastructure + security and access to sensitive credentials.","\b((?:hvs\.[\w-]{90,120}|s\.(?i:[a-z0-9]{24})))(?:['|\""|\n|\r|\s|\x60|;]|$)","['""hvs""']" +yandex:t1.ES1EHBQIoV-_zIkfoP6tpH2WbleZ7SfCQ5sEG-fuqAeRsjVWzZkI6GggxiWdHGcE55RNd5X-qbr=.pGPTmKO7YYTKWKfgkwFrMVsojgJ6O7EDWRrt7y6D2ido8sarLi0CxA07y3HjjjoXGqsHQUIWS0grqwIw8xCB7E==,1,Yandex Access Token,Access Tokens,"Found a Yandex Access Token, posing a risk to Yandex service integrations + and user data privacy.","(?i)(?:yandex)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""yandex""']" +"yandex_api_key = ""AQVNabcdefghijABCDEFGHIJ1234567890_wXYZ""",1,Yandex API Key,API Keys,"Discovered a Yandex API Key, which could lead to unauthorized access to + Yandex services and data manipulation.","(?i)(?:yandex)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""yandex""']" +yandex:YCQU2Hi6fezv1c1-_BcMApJQ6CM4KVASBxlHIEJz,1,Yandex AWS Access Token,Access Tokens,"Uncovered a Yandex AWS Access Token, potentially compromising cloud + resource access and data security on Yandex Cloud.","(?i)(?:yandex)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""yandex""']" +"zendesk_token = ""abcdefghijklmnopqrstuvwxyz1234567890abcd""",1,Zendesk Secret Key,Client Credentials,"Detected a Zendesk Secret Key, risking unauthorized access to customer + support services and sensitive ticketing data.","(?i)(?:zendesk)(?:[0-9a-z\-_\t + .]{0,20})(?:[\s|']|[\s|""]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)(?:'|\""|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\""|\n|\r|\s|\x60|;]|$)","['""zendesk""']" \ No newline at end of file diff --git a/prompt-security-test-scripter/prompt-security-test-scripter.py b/prompt-security-test-scripter/prompt-security-test-scripter.py index e120078..5194042 100644 --- a/prompt-security-test-scripter/prompt-security-test-scripter.py +++ b/prompt-security-test-scripter/prompt-security-test-scripter.py @@ -50,7 +50,7 @@ def main(): with open(outputfile, 'w') as output_file: csvwriter = csv.writer(output_file, delimiter=",", quotechar='"', quoting=csv.QUOTE_MINIMAL) - csvwriter.writerow(['Expected Result','Expected Result (text)','Action','User Prompt','Modified Prompt','Violations','Sensitive Data Object']) + csvwriter.writerow(['Expected Result','Expected Result (text)','Action','User Prompt','Modified Prompt','Violations','Sensitive Data Object','Secret Detection Type']) if filename.lower().endswith('.csv'): with open(filename, "r", newline='') as infile: reader = csv.reader(infile) @@ -103,18 +103,21 @@ def convert_expected_result(expected_result): expected_result_text = "fail" else: expected_result_text = "pass" - return expected_result_text + return expected_result_text def process_prompt_results(appid, csvwriter, user_prompt, system_prompt, expected_result, expected_result_text, true_positive, true_negative, false_negative, false_positive): - ps_ret = ps_protect_api_async(appid, user_prompt, system_prompt, None, 'user@domain.com') + ps_ret = ps_protect_api_async(appid, user_prompt, system_prompt, None, 'test-script@prompt-security.com') print("user_prompt= " + user_prompt + "; action = " + ps_ret["result"]["prompt"]["action"] ) sensitive_data = "" modified_text = "" + secrets_category = "" if "Sensitive Data" in ps_ret["result"]["prompt"]["findings"]: sensitive_data = ps_ret["result"]["prompt"]["findings"]["Sensitive Data"] if "modified_text" in ps_ret["result"]["prompt"]: modified_text = ps_ret["result"]["prompt"]["modified_text"] - csvwriter.writerow([expected_result,expected_result_text,ps_ret['result']['prompt']['action'],user_prompt,modified_text,json.dumps(ps_ret['result']['prompt']['violations']),json.dumps(sensitive_data)]) + if "Secrets" in ps_ret["result"]["prompt"]["findings"]: + secrets_category = ps_ret["result"]["prompt"]["findings"].get("Secrets", [{}])[0].get("entity_type", None) + csvwriter.writerow([expected_result,expected_result_text,ps_ret['result']['prompt']['action'],user_prompt,modified_text,json.dumps(ps_ret['result']['prompt']['violations']),json.dumps(sensitive_data),secrets_category]) if ps_ret["result"]["prompt"]["action"] == "log": if expected_result_text == "pass": true_negative += 1 From d53235ea9e7df4023920219fa4b91bd0c21f6dc2 Mon Sep 17 00:00:00 2001 From: joshfalgout Date: Mon, 31 Mar 2025 15:09:11 -0500 Subject: [PATCH 2/3] add secret skipping --- .github/secret_scanning.yml | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .github/secret_scanning.yml diff --git a/.github/secret_scanning.yml b/.github/secret_scanning.yml new file mode 100644 index 0000000..3cf9cf4 --- /dev/null +++ b/.github/secret_scanning.yml @@ -0,0 +1,2 @@ +paths-ignore: + - "prompt-security-test-scripter/prompt-library/*" \ No newline at end of file From ce8a55a6adbf7d1dcb366c90b051a4b81db41dfb Mon Sep 17 00:00:00 2001 From: joshfalgout Date: Mon, 31 Mar 2025 15:11:19 -0500 Subject: [PATCH 3/3] edits --- .github/secret_scanning.yml | 2 +- prompt-security-test-scripter/Dockerfile | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 prompt-security-test-scripter/Dockerfile diff --git a/.github/secret_scanning.yml b/.github/secret_scanning.yml index 3cf9cf4..4b90433 100644 --- a/.github/secret_scanning.yml +++ b/.github/secret_scanning.yml @@ -1,2 +1,2 @@ paths-ignore: - - "prompt-security-test-scripter/prompt-library/*" \ No newline at end of file + - "prompt-security-test-scripter/prompt-library/**" \ No newline at end of file diff --git a/prompt-security-test-scripter/Dockerfile b/prompt-security-test-scripter/Dockerfile new file mode 100644 index 0000000..73530fb --- /dev/null +++ b/prompt-security-test-scripter/Dockerfile @@ -0,0 +1,6 @@ +FROM python:latest +RUN mkdir /req +ADD requirements.txt /req +WORKDIR /req +RUN pip install -r requirements.txt +WORKDIR /py