Skip to content

Latest commit

 

History

History

vendors

Folders and files

NameName
Last commit message
Last commit date

parent directory

..

__snapshots__

__snapshots__

 
 

.sentryclirc

.sentryclirc

 
 

README.md

README.md

 
 

azure.js

azure.js

 
 

datadog.txt

datadog.txt

 
 

dotenv

dotenv

 
 

grafana.txt

grafana.txt

 
 

not_okta.txt

not_okta.txt

 
 

okta.txt

okta.txt

 
 

patterns.yml

patterns.yml

 
 

sendgrid.py

sendgrid.py

 
 

sentry.properties

sentry.properties

 
 

sentry.sh

sentry.sh

 
 

sentry_dsn.txt

sentry_dsn.txt

 
 

terraform.tf

terraform.tf

 
 

webpack_sentry.js

webpack_sentry.js

 
 

README.md

Vendors

Azure SQL Connection String

version: v0.1

Comments / Notes:

Pattern Format 
(?i)[a-z][a-z0-9-]+\.database(?:\.secure)?\.(?:(?:windows|usgovcloudapi)\.net|chinacloudapi\.cn|cloudapi\.de)

Grafana API token

version: v0.1

Pattern Format 
eyJrIjoi[A-Za-z0-9_=-]{42}

SendGrid (deprecated)

version: v0.1

Comments / Notes:

  • Deprecated (supported by Secret Scanning)
Pattern Format 
SG\.[a-zA-Z0-9-]{5,}\.[a-zA-Z0-9-]{5,}
End Pattern 
\z|[^a-zA-Z0-9-]

Sentry Auth Token

version: v0.1

Pattern Format 
[a-fA-F0-9]{64}
Start Pattern 
(?:\A|[\r\n])(?:\[auth\][^[]*\ntoken\s*=|(?:export )?SENTRY_AUTH_TOKEN\s*=|sentry-cli [^\r\n]*--auth-token |auth\.token\s*=)\s*['"`]?
End Pattern 
\z|\s|['"`]
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    \d\D|\D\d

Sentry API Key

version: v0.1

Pattern Format 
[a-fA-F0-9]{32}
Start Pattern 
(?:\A|[\r\n])(?:\[auth\][^[]*\napi_key\s*=|(?:export )?SENTRY_API_KEY\s*=|sentry-cli [^\r\n]*--api-key |auth\.api_key\s*=)\s*['"`]?
End Pattern 
\z|\s|['"`]
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    \d\D|\D\d

Sentry DSN secret

version: v0.1

Comments / Notes:

Pattern Format 
[a-fA-F0-9]{32}
Start Pattern 
https://[a-fA-F0-9]{32}:
End Pattern 
@([a-z0-9-.]+\.)?sentry\.io(?:/[^?#]*)?/\d+
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    \d\D|\D\d

Sentry webpack plugin token

version: v0.1

Pattern Format 
(?:[a-fA-F0-9]{32}|[a-fA-F0-9]{64})
Start Pattern 
new SentryPlugin\(\s*\{[^}]*[,\n \t]apiKey:\s*['"]
End Pattern 
['"]
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    \d\D|\D\d

Sentry Terraform provider token

version: v0.1

Pattern Format 
[a-fA-F0-9]{64}
Start Pattern 
(?:\A|[\r\n])provider "sentry" {[^}]*[\n \t]token\s*=\s*['"]
End Pattern 
['"]
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    \d\D|\D\d

Okta token

version: v0.1

Comments / Notes:

  • Okta token, starting with 00 and 40 random alphanumeric with _ and -
Pattern Format 
(0{2}[0-9A-Za-z_-]{40})
Start Pattern 
(\A|[^0-9A-Za-z_+/-])
End Pattern 
(\z|[^0-9A-Za-z_+/=-])
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Not Match:

    [0-9A-Fa-f-]{30}

  • Not Match:

    [a-zA-Z_-]{30}

  • Not Match:

    ^\d+(\.\d+)?e[+-]?\d+$

  • Not Match:

    [\d_]{30}

DataDog API key

version: v0.1

Comments / Notes:

  • Looks for surrounding context to confirm this is a DataDog API key, not some other 32-byte hex string
Pattern Format 
[a-f0-9]{32}
Start Pattern 
(\A|\b)(((?i)(DD|DATADOG)_API_KEY)['"]?\s*(value)?[=:,]\s*['"]?|new DataDogWinston\({[^}]*apiKey:\s*'|terraformer import datadog [^\n]*--api-key=|provider "datadog" {[^}]*api_key\s*=\s*")
End Pattern 
\z|\b
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Not Match:

    ^0+$

  • Not Match:

    ^1+$

  • Not Match:

    ^ef8d5de700e7989468166c40fc8a0ccd$

  • Not Match:

    ^(a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5|1234567890abcdef1234567890abcdef)$

DataDog APP key

version: v0.1

Comments / Notes:

  • Looks for surrounding context to confirm this is a DataDog App key, not some other 40-byte hex string
Pattern Format 
[a-f0-9]{40}
Start Pattern 
(\A|\b)(((?i)(DD|DATADOG)_APP(LICATION)?_KEY)['"]?\s*(value)?[=:,]\s*['"]?|new DataDogWinston\({[^}]*apiKey:\s*'|terraformer import datadog [^\n]*--api-key=|provider "datadog" {[^}]*api_key\s*=\s*")
End Pattern 
\z|\b
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Not Match:

    ^0+$

  • Not Match:

    ^1+$

  • Not Match:

    a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9

Microsoft Teams incoming webhook

version: v0.1

Pattern Format 
https://[a-z-]+\.webhook\.office\.com/webhookb2/[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}@[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}/[^/]+/[a-fA-F0-9]{32}/[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}
Start Pattern 
\A|\b
End Pattern 
\z|\b
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Not Match:

    ^https://contoso\.

LaunchDarkly API key

version: v0.1

Pattern Format 
api-[a-f0-9-]{8}-[a-f0-9-]{4}-[a-f0-9-]{4}-[a-f0-9-]{4}-[a-f0-9-]{12}
Start Pattern 
\A|\b
End Pattern 
\z|\b

PagerDuty API/Service key

version: v0.1

Pattern Format 
[A-Za-z0-9_-]{20}
Start Pattern 
(\A|\b)(?i)pd_(service|api)_key['"`]?\s*([:=]|[?:]=|[=-]>|,)\s*['"`]?
End Pattern 
\z|\b

Flickr OAuth token

version: v0.1

Pattern Format 
[0-9]{17}-[0-9a-f]{16}
Start Pattern 
(\A|\b)oauth_token=
End Pattern 
\z|\b

Flickr API key

version: v0.1

Pattern Format 
[0-9a-f]{32}
Start Pattern 
https:\/\/api\.flickr\.com\/services\/rest\/?([^ ]+&)?api_key=
End Pattern 
\z|\b

BrowserStack access key

version: v0.1

Pattern Format 
[0-9a-zA-Z]{20}
Start Pattern 
(\A|\b)(?i)_?(browserstack|bs|automate)_?\.?((Access|Auth)_?Key|Password)['"`]?\s*([:=]|[?:]=|[=-]>|,)\s*['"`]?
End Pattern 
\z|[^a-zA-Z0-9/+_-]

BrowserStack access key (imprecise)

version: v0.1

Pattern Format 
[0-9a-zA-Z]{20}
Start Pattern 
(\A|\b)(?i)_?(Access|Auth)_?Key['"`]?\s*([:=]|[?:]=|[=-]>|,)\s*['"`]?
End Pattern 
\z|[^a-zA-Z0-9/+_-]

BrowserStack token (URL)

version: v0.1

Pattern Format 
[^:]+:[0-9a-zA-Z]{20}
Start Pattern 
https?://
End Pattern 
@hub-cloud\.browserstack\.com/

Vercel Access Token (imprecise)

version: v0.1

Pattern Format 
[A-Za-z0-9]{24}
Start Pattern 
(\A|\b|[_.-])(?i)vercel[_.-]?((access|api)[_.-]?)?token\s*[=:]\s*['"]?
End Pattern 
\z|\s|['"]

Vercel Access Token

version: v0.1

Pattern Format 
[A-Za-z0-9]{24}
Start Pattern 
(\A|\b)(?i)vercel[_.-]?((access|api)[_.-]?)?token\s*[=:]\s*['"]?
End Pattern 
\z|\s|['"]

Vercel CLI token

version: v0.1

Pattern Format 
[A-Za-z0-9]{24}
Start Pattern 
(\A|\b)vercel [^\r\n]*--token=
End Pattern 
\z|\s

Vercel OAuth client secrets

version: v0.1

Pattern Format 
[A-Za-z0-9]{24}
Start Pattern 
(?i)client[._]?Id[:=]\s*['"]?oac_[A-Za-z0-9]{24}['"]?[^\n]*\n[^\n]*client[._]?Secret\s*[:=]\s*['"]?
End Pattern 
\z|[^A-Za-z.+/=_-]

MongoDB connection string

version: v0.1

Pattern Format 
mongodb\+srv://[^'"<>/:@\s\x00-\x08]+:[^'"<>/@\s\x00-\x08]+@[^/\s\x00-\x08]+\S*
Start Pattern 
\A|\b
End Pattern 
\z|\s|['"`]
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Not Match:

    ^mongodb\+srv://(test-)?user:(test-)?pass(word)?@

  • Not Match:

    ^mongodb\+srv://%s:%s@

  • Not Match:

    ^mongodb\+srv://auser:apass@

  • Not Match:

    ^mongodb\+srv://b\*b%40f3tt%3D:%244to%40L8%3DMC@test3.test.build.10gen.cc/mydb%3F\?replicaSet=repl0

UUIDv4 Bearer token (maybe Heroku)

version: v0.1

Pattern Format 
[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}
Start Pattern 
(\b|\A)(?i)Bearer[ ]
End Pattern 
\b|\z

Azure client secret

version: v0.1

Pattern Format 
[a-zA-Z0-9~_.-]{34}
Start Pattern 
(?i)(client|azure[a-z_.-]{0,10})(key|secret|password|pwd|token)[a-z_.-]{0,9}\b['"`]?(\s{0,5}[\]\)])?\s{0,3}([:,=]|[=-]>|to|[!=]={1,2}|<>)?\s{0,5}([[{])?['"`]?
End Pattern 
\z|["'`]|\s
Additional Matches

Add these additional matches to the Secret Scanning Custom Pattern.

  • Match:

    [A-Z][a-z]|[A-Z][a-z]

  • Match:

    [0-9][A-Za-z]|[A-Za-z][0-9]

  • Match:

    [.~_-][A-Za-z0-9]|[A-Za-z0-9][.~_-]