Skip to content

Instantly share code, notes, and snippets.

@aliosmanyuksel
Forked from h4x0r-dz/Generic keys
Created April 2, 2023 00:02
Show Gist options
  • Save aliosmanyuksel/8dd62c43d2671790405b676903f5d43f to your computer and use it in GitHub Desktop.
Save aliosmanyuksel/8dd62c43d2671790405b676903f5d43f to your computer and use it in GitHub Desktop.
(?i)(?:(?:access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_key|cloudinary_api_secret|cloudinary_name|codecov_token|config|conn.login|connectionstring|consumer_key|consumer_secret|credentials|cypress_record_key|database_password|database_schema_test|datadog_api_key|datadog_app_key|db_password|db_server|db_username|dbpasswd|dbpassword|dbuser|deploy_password|digitalocean_ssh_key_body|digitalocean_ssh_key_ids|docker_hub_password|docker_key|docker_pass|docker_passwd|docker_password|dockerhub_password|dockerhubpassword|dot-files|dotfiles|droplet_travis_password|dynamoaccesskeyid|dynamosecretaccesskey|elastica_host|elastica_port|elasticsearch_password|encryption_key|encryption_password|env.heroku_api_key|env.sonatype_password|eureka.awssecretkey)[a-z0-9_.\-,]{0,25})[:<>=|]{1,2}.{0,5}['"]([0-9a-zA-Z\-_=]{8,64})['"]
@aliosmanyuksel
Copy link
Author

  1. Use non-capturing groups: Since you don't need the matched content from the groups for any specific purpose, you can use non-capturing groups by adding ?: after the opening parentheses, which can improve performance.
  2. Use character class for the separator part: Instead of using multiple characters with alternation (e.g., =|>|:=|...), you can combine them into a character class.
  3. Remove unnecessary escapes: You can remove unnecessary escape characters in the character class.

This optimized regex should provide better performance while maintaining the original intent of matching leaked keys and secrets. However, keep in mind that this regex is not foolproof and may still produce false positives or negatives.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment