[FEATURE] Find API keys/secrets by matching regex #1843

Closed
sdushantha opened this issue Nov 16, 2021 · 3 comments
Labels: enhancement (MobSF enhancements and feature requests)


sdushantha commented Nov 16, 2021

If you're requesting a new feature/enhancement, explain why you'd like it to be added and its importance.

We currently have a feature which finds possible hardcoded secrets. But there could be false positives. So I am suggesting a feature which will use regex to find API keys. I currently have a command line program called dora which does exactly this. But it would of course be very nice if this was implemented into this program so we'd get exact matches to those API keys/secrets.

Is your feature request related to a problem? Please describe.
It is not a problem.

Describe the solution you'd like
Use a list of regexes that match certain API keys/secrets so they will be found without any false positives. I am willing to provide the regex patterns if needed.

Describe alternatives you've considered
I currently use my program called dora, but if MobSF had this inbuilt, it would ease my workflow.

sdushantha added the enhancement label Nov 16, 2021

github-actions commented

👋 @sdushantha
Issues is only for reporting a bug/feature request. For limited support, questions, and discussions, please join MobSF Slack channel
Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.

ajinabraham (Member) commented Nov 27, 2021

The reason why we didn't go with the regex approach is that it will miss a lot of possible secrets as the regexes are fairly specific.

ajinabraham (Member) commented

Closing this and tracking this separately.
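
To illustrate the trade-off discussed in this thread, the following added example (not code from MobSF or dora) runs two provider-specific regexes and a generic keyword-plus-entropy heuristic over constructed sample lines. The patterns, the heuristic, its threshold and all function names are assumptions made for this illustration.

```python
import math
import re

# Provider-specific patterns: widely published key formats (assumed for this example).
SPECIFIC = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}(?![\w-])"),
}

# Generic heuristic (hypothetical): a quoted value assigned to a secret-sounding name.
GENERIC = re.compile(
    r"\b([\w.]*(?:secret|token|passw(?:or)?d|api_?key)[\w.]*)\s*[:=]\s*[\"']([^\"']{8,})[\"']",
    re.IGNORECASE,
)

# Constructed sample input; none of these values are real credentials.
SAMPLE = '''
aws_key = "AKIAIOSFODNN7EXAMPLE"
String maps = "AIzaSyCONSTRUCTEDsample0123456789abcdef";
internal_api_token = "9f8b2c7d1e4a6f3b5c0d"
password_hint = "Enter your password here"
'''

def shannon_entropy(value):
    """Bits of entropy per character of the string."""
    counts = {ch: value.count(ch) for ch in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan_specific(text):
    """Exact-format matches: labelled and precise, but only for known providers."""
    return {(name, m.group(0)) for name, rx in SPECIFIC.items() for m in rx.finditer(text)}

def scan_generic(text, min_entropy=3.0):
    """Name-based matches: catches unknown formats, but also flags ordinary strings."""
    return {(m.group(1), m.group(2)) for m in GENERIC.finditer(text)
            if shannon_entropy(m.group(2)) >= min_entropy}

if __name__ == "__main__":
    print("specific:", sorted(scan_specific(SAMPLE)))
    print("generic: ", sorted(scan_generic(SAMPLE)))
```

On this sample the specific patterns label both provider keys and skip the in-house token, while the generic heuristic finds the in-house token, misses both provider keys because their variable names are not secret-like, and flags the password hint string.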
