Custom Secret Scanning Patterns repository created and maintained by the GitHub Field Services.
This repository extends the list of supported Vendors out of the box with GitHub's Advanced Security Secret Scanning.
⚠️ This repository does not guarantee the quality or precision of the patterns which might result in False Positives
- Common Passwords Shortlist
- Hardcoded Database Passwords
- Hardcoded Spring SQL passwords
- Django Secret Key
- GitHub Actions SHA Checker
- .NET Configuration file
- .NET MachineKey
- Database Connection String (1)
- Database Connection String (2)
- Database Connection String (3)
- TSQL CREATE LOGIN/USER
- Generic Passwords
- UUIDs
- Bearer Tokens
- JWT
- Arc
- Credit Cards
- Credit Cards - Visa
- Credit Cards - MasterCard
- Credit Cards - American Express
- Credit Cards - Discover
- IBAN
- Generic RSA keys
- SSH Private Keys
- GPG Private Key
- Hardcoded Internal Emails
- Hardcoded Internal URLs
- Hardcoded URI Passwords
- Routable IPv4 Addresses
- GitHub Container Registry typos
- Azure SQL Connection String
- Grafana API token
- SendGrid (deprecated)
- Sentry Auth Token
- Sentry API Key
- Sentry DSN secret
- Sentry webpack plugin token
- Sentry Terraform provider token
- Okta token
- DataDog API key
- DataDog APP key