Thanks to visit codestin.com
Credit goes to github.com

Skip to content

enhance and linting secrets regexes #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 4, 2025
Merged

enhance and linting secrets regexes #5

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
90 changes: 51 additions & 39 deletions regex/secrets.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,39 +1,51 @@
AWS Access Key: `(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}`
AWS Secret Key: `(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]`
AWS MWS Key: `amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}`
Amazon SNS topic: `arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+`
Facebook Secret Key: `(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]`
Facebook Client ID: `(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]`
Cloudinary Basic Auth: `cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+`
Firebase Database: `([a-z0-9.-]+\.firebaseio\.com|[a-z0-9.-]+\.firebaseapp\.com)`
Twitter Secret Key: `(?i)twitter(.{0,20})?[0-9a-z]{35,44}`
Twitter Client ID: `(?i)twitter(.{0,20})?[0-9a-z]{18,25}`
Github Personal Access Token: `ghp_[0-9a-zA-Z]{36}`
Github OAuth Access Token: `gho_[0-9a-zA-Z]{36}`
Github App Token: `(ghu|ghs)_[0-9a-zA-Z]{36}`
Github Refresh Token: `ghr_[0-9a-zA-Z]{76}`
LinkedIn Client ID: `(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}`
LinkedIn Secret Key: `(?i)linkedin(.{0,20})?[0-9a-z]{16}`
Slack: `xox[baprs]-([0-9a-zA-Z]{10,48})?`
Asymmetric Private Key: `-----BEGIN ((EC|PGP|DSA|RSA|OPENSSH) )?PRIVATE KEY( BLOCK)?-----`
Google API key: `AIza[0-9A-Za-z\\-_]{35}`
Google (GCP) Service Account: `"type": "service_account"`
Heroku API key: `(?i)heroku(.{0,20})?[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}`
MailChimp API key: `[0-9a-f]{32}-us[0-9]{1,2}`
Mailgun API key: `key\-[0-9a-zA-Z]{32}`
Picatic API Key: `sk\_live\_[0-9a-z]{32}`
PayPal Braintree access token: `access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}`
SendGrid API Key: `SG\.[\w_]{16,32}\.[\w_]{16,64}`
Slack Webhook: `https\:\/\/hooks\.slack\.com\/services\/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8,12}/[a-zA-Z0-9_]{24}`
Stripe API key: `(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}`
Square access token: `sq0atp\-[0-9A-Za-z\-_]{22}`
Square OAuth secret: `sq0csp\-[0-9A-Za-z\\-_]{43}`
Twilio API key: `(?i)twilio(.{0,20})?SK[0-9a-f]{32}`
Dynatrace token: `dt0[a-zA-Z]{1}[0-9]{2}\.[A-Z0-9]{24}\.[A-Z0-9]{64}`
Shopify shared secret: `shpss\_[a-fA-F0-9]{32}`
Shopify access token: `shpat\_[a-fA-F0-9]{32}`
Shopify custom app access token: `shpca\_[a-fA-F0-9]{32}`
Shopify private app access token: `shppa\_[a-fA-F0-9]{32}`
PyPI upload token: `pypi\-AgEIcHlwaS5vcmc[A-Za-z0-9-_]{50,1000}`
Bugsnag API Key: `(?i)(bs|bugsnag)(.{0,20})?[0-9a-f]{32}`
AWS cognito pool: `(us-east-1|us-east-2|us-west-1|us-west-2|sa-east-1):[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}`
# Secrets

- AWS Access Key: `(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}`
- AWS Secret Key: `(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]`
- AWS MWS Key: `amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}`
- Amazon SNS topic: `arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+`
- Facebook Secret Key: `(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]`
- Facebook Client ID: `(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]`
- Cloudinary Basic Auth: `cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+`
- Firebase Database: `([a-z0-9.-]+\.firebaseio\.com|[a-z0-9.-]+\.firebaseapp\.com)`
- Twitter Secret Key: `(?i)twitter(.{0,20})?[0-9a-z]{35,44}`
- Twitter Client ID: `(?i)twitter(.{0,20})?[0-9a-z]{18,25}`
- Github Personal Access Token: `ghp_[0-9a-zA-Z]{36}`
- Github OAuth Access Token: `gho_[0-9a-zA-Z]{36}`
- Github App Token: `(ghu|ghs)_[0-9a-zA-Z]{36}`
- Github Refresh Token: `ghr_[0-9a-zA-Z]{76}`
- LinkedIn Client ID: `(?i)linkedin(.{0,20})?(?-i)[0-9a-z]{12}`
- LinkedIn Secret Key: `(?i)linkedin(.{0,20})?[0-9a-z]{16}`
- Slack: `xox[baprs]-([0-9a-zA-Z]{10,48})?`
- Asymmetric Private Key: `-----BEGIN ((EC|PGP|DSA|RSA|OPENSSH) )?PRIVATE KEY( BLOCK)?-----`
- Google API key: `AIza[0-9A-Za-z\\-_]{35}`
- Google (GCP) Service Account: `"type": "service_account"`
- Heroku API key: `(?i)heroku(.{0,20})?[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}`
- MailChimp API key: `[0-9a-f]{32}-us[0-9]{1,2}`
- Mailgun API key: `key\-[0-9a-zA-Z]{32}`
- Picatic API Key: `sk\_live\_[0-9a-z]{32}`
- PayPal Braintree access token: `access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}`
- SendGrid API Key: `SG\.[\w_]{16,32}\.[\w_]{16,64}`
- Slack Webhook: `https\:\/\/hooks\.slack\.com\/services\/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8,12}/[a-zA-Z0-9_]{24}`
- Stripe API key: `(?i)stripe(.{0,20})?[sr]k_live_[0-9a-zA-Z]{24}`
- Square access token: `sq0atp\-[0-9A-Za-z\-_]{22}`
- Square OAuth secret: `sq0csp\-[0-9A-Za-z\\-_]{43}`
- Twilio API key: `(?i)twilio(.{0,20})?SK[0-9a-f]{32}`
- Dynatrace token: `dt0[a-zA-Z]{1}[0-9]{2}\.[A-Z0-9]{24}\.[A-Z0-9]{64}`
- Shopify shared secret: `shpss\_[a-fA-F0-9]{32}`
- Shopify access token: `shpat\_[a-fA-F0-9]{32}`
- Shopify custom app access token: `shpca\_[a-fA-F0-9]{32}`
- Shopify private app access token: `shppa\_[a-fA-F0-9]{32}`
- PyPI upload token: `pypi\-AgEIcHlwaS5vcmc[A-Za-z0-9-_]{50,1000}`
- Bugsnag API Key: `(?i)(bs|bugsnag)(.{0,20})?[0-9a-f]{32}`
- AWS cognito pool: `(us-east-1|us-east-2|us-west-1|us-west-2|sa-east-1):[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}`
- DigitalOcean Personal Access Token: `dop_v1_[0-9a-f]{64}`
- Gitlab Personal Access Token: `glpat-[0-9a-zA-Z-_]{20}`
- Gitlab Runner Token: `GR1348941[a-zA-Z0-9\-=_]{20,40}`
- Netlify Token: `(?i)netlify(.{0,20})?['\"][0-9a-zA-Z]{40}['\"]`
- Okta Token: `00[0-9a-zA-Z]{20}\$[0-9a-zA-Z]{6,}`
- Sentry Auth Token: `sentry_auth_token_[0-9a-zA-Z]{70}`
- Telegram Bot Token: `[0-9]{8,10}:AA[0-9A-Za-z_-]{35}`
- Zoom JWT Token: `(?i)zoom(.{0,20})?['\"][0-9a-zA-Z-_\.]{36,160}['\"]`
- Adobe Client Credentials: `(?i)adobe(.{0,20})?['\"][a-zA-Z0-9]{32,56}['\"]`
- Firebase Web API Key: `AIza[0-9A-Za-z\\-_]{35}`