advanced-security/secret-scanning-custom-patterns

custom-pattern-secrets

Custom Secret Scanning Patterns repository.

Patterns

  • Common Passwords Shortlist
  • Hardcoded Database Passwords

  • Hardcoded Spring SQL passwords

  • Django Secret Key

  • GitHub Actions SHA Checker

  • .NET Configuration file

  • .NET MachineKey

  • Database Connection String (full string)

  • Database Connection String (1)

  • Database Connection String (2)

  • Database Connection String (3)

  • TSQL CREATE LOGIN/USER

  • SQLAlchemy Database Connection String

  • MongoDB connection string

  • JDBC Database Connection String

  • Generic Passwords (fewer FPs)

  • Generic Password with hex encoded secrets

  • Generic Password with Base64 encoded secrets

  • Generic Password with URI-safe Base64 encoded secrets

  • UUIDs

  • Bearer Tokens

  • OAuth client secret and ID pair

  • JWT
  • Arc
  • Credit Cards

  • Credit Cards - Visa

  • Credit Cards - MasterCard

  • Credit Cards - American Express

  • Credit Cards - Discover

  • IBAN

  • Norwegian national identity number/D number

  • Generic RSA keys

  • SSH Private Keys

  • GPG Private Key

  • Hardcoded Internal Emails

  • Hardcoded Internal URLs

  • Hardcoded URI Passwords

  • Routable IPv4 Addresses

  • GitHub Container Registry typos

  • Azure SQL Connection String

  • Grafana API token

  • SendGrid (deprecated)

  • Sentry Auth Token

  • Sentry API Key

  • Sentry DSN secret

  • Sentry webpack plugin token

  • Sentry Terraform provider token

  • Okta token

  • Okta API key (precise)

  • DataDog API key

  • DataDog APP key

  • Microsoft Teams incoming webhook

  • LaunchDarkly API key

  • PagerDuty API/Service key

  • Flickr OAuth token

  • Flickr API key

  • BrowserStack access key

  • BrowserStack access key (imprecise)

  • BrowserStack token (URL)

  • Vercel Access Token (imprecise)

  • Vercel Access Token

  • Vercel CLI token

  • Vercel OAuth client secrets

  • UUIDv4 Bearer token (maybe Heroku)

  • Azure client secret

  • Google private key id (or older API key)

  • OpenStack password/API key

  • AlienVault OTX API key

  • Apollo.io API key

  • ClickUp API key

  • Amazon MWS Auth Token

  • Jenkins API token

  • AWS S3 presigned URL

  • Azure Access Key (legacy format)

  • Azure Shared Access Signature (SAS) Token

  • CircleCI API token