wperron · November 4, 2024 14:20
diff --git a/secrets.awk b/secrets.awk
 # Credit to https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
 # For the different secret key patterns
 #
 # Usage: awk -f secrets.awk path/to/your/project/**/*.(js|ts)
 /(xox[pborsa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Slack Token
 /-----BEGIN RSA PRIVATE KEY-----/                                                                {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # RSA private key
 /-----BEGIN DSA PRIVATE KEY-----/                                                                {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # SSH (DSA) private key
 /-----BEGIN EC PRIVATE KEY-----/                                                                 {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # SSH (EC) private key
 /-----BEGIN PGP PRIVATE KEY BLOCK-----/                                                          {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # PGP private key block
 /amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/                      {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Amazon MWS Auth Token
 /AKIA[0-9A-Z]{16}/                                                                               {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # AWS API Key
 /da2-[a-z0-9]{26}/                                                                               {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # AWS AppSync GraphQL Token
 /EAACEdEose0cBA[0-9A-Za-z]+/                                                                     {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Facebook Auth Token
 /[fF][aA][cC][eE][bB][oO][oO][kK].*['|\"][0-9a-f]{32}['|\"]/                                     {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Facebook OAuth
 /[gG][iI][tT][hH][uU][bB].*['|\"][0-9a-zA-Z]{35,40}['|\"]/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # GitHub 
 /[aA][pP][iI]_?[kK][eE][yY].*['|\"][0-9a-zA-Z]{32,45}['|\"]/                                     {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Generic API Key
 /[sS][eE][cC][rR][eE][tT].*['|\"][0-9a-zA-Z]{32,45}['|\"]/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Generic Secret
 /AIza[0-9A-Za-z\\-_]{35}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google API Key
 /AIza[0-9A-Za-z\\-_]{35}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Cloud Platform API Key
 /[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Cloud Platform OAuth
 /AIza[0-9A-Za-z\\-_]{35}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Drive API Key
 /[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Drive OAuth
 /\"type\": \"service_account\"/                                                                  {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google (GCP) service account
 /AIza[0-9A-Za-z\\-_]{35}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Gmail API Key
 /[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Gmail OAuth
 /ya29\\.[0-9A-Za-z\\-_]+/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google OAuth Access Token
 /AIza[0-9A-Za-z\\-_]{35}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google YouTube API Key
 /[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/                                       {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google YouTube OAuth
 /[hH][eE][rR][oO][kK][uU].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}/         {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Heroku API Key
 /[0-9a-f]{32}-us[0-9]{1,2}/                                                                      {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # MailChimp API Key
 /key-[0-9a-zA-Z]{32}/                                                                            {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Mailgun API Key
 /[a-zA-Z]{3,10}:\/\/[^\/\\s:@]{3,20}:[^\/\\s:@]{3,20}@.{1,100}[\"'\\s]/                          {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Password In URL
 /access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}/                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # PayPal Braintree Access Token
 /sk_live_[0-9a-z]{32}/                                                                           {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Picatic API Key
 /https:\/\/hooks\\.slack\\.com\/services\/T[a-zA-Z0-9_]{8}\/B[a-zA-Z0-9_]{8}\/[a-zA-Z0-9_]{24}"/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Slack Webhook
 /sk_live_[0-9a-zA-Z]{24}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Stripe API Key
 /rk_live_[0-9a-zA-Z]{24}/                                                                        {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Stripe Restricted API Key
 /sq0atp-[0-9A-Za-z\\-_]{22}/                                                                     {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Square Access Token
 /sq0csp-[0-9A-Za-z\\-_]{43}/                                                                     {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Square Oauth Secret
 /[0-9]+:AA[0-9A-Za-z\\-_]{33}/                                                                   {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Telegram Bot API Key
 /SK[0-9a-fA-F]{32}/                                                                              {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twilio API Key
 /[tT][wW][iI][tT][tT][eE][rR].*[1-9][0-9]+-[0-9a-zA-Z]{40}/                                      {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twitter Access Token
 /[tT][wW][iI][tT][tT][eE][rR].*['|\"][0-9a-zA-Z]{35,44}['|\"]/                                   {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twitter Oauth
	# Credit to https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json
	# For the different secret key patterns
	#
	# Usage: awk -f secrets.awk path/to/your/project/*/.(js\|ts)
	/(xox[pborsa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Slack Token
	/-----BEGIN RSA PRIVATE KEY-----/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # RSA private key
	/-----BEGIN DSA PRIVATE KEY-----/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # SSH (DSA) private key
	/-----BEGIN EC PRIVATE KEY-----/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # SSH (EC) private key
	/-----BEGIN PGP PRIVATE KEY BLOCK-----/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # PGP private key block
	/amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Amazon MWS Auth Token
	/AKIA[0-9A-Z]{16}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # AWS API Key
	/da2-[a-z0-9]{26}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # AWS AppSync GraphQL Token
	/EAACEdEose0cBA[0-9A-Za-z]+/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Facebook Auth Token
	/[fF][aA][cC][eE][bB][oO][oO][kK].*['\|\"][0-9a-f]{32}['\|\"]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Facebook OAuth
	/[gG][iI][tT][hH][uU][bB].*['\|\"][0-9a-zA-Z]{35,40}['\|\"]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # GitHub
	/[aA][pP][iI]_?[kK][eE][yY].*['\|\"][0-9a-zA-Z]{32,45}['\|\"]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Generic API Key
	/[sS][eE][cC][rR][eE][tT].*['\|\"][0-9a-zA-Z]{32,45}['\|\"]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Generic Secret
	/AIza[0-9A-Za-z\\-_]{35}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google API Key
	/AIza[0-9A-Za-z\\-_]{35}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Cloud Platform API Key
	/[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Cloud Platform OAuth
	/AIza[0-9A-Za-z\\-_]{35}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Drive API Key
	/[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Drive OAuth
	/\"type\": \"service_account\"/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google (GCP) service account
	/AIza[0-9A-Za-z\\-_]{35}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Gmail API Key
	/[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google Gmail OAuth
	/ya29\\.[0-9A-Za-z\\-_]+/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google OAuth Access Token
	/AIza[0-9A-Za-z\\-_]{35}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google YouTube API Key
	/[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Google YouTube OAuth
	/[hH][eE][rR][oO][kK][uU].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Heroku API Key
	/[0-9a-f]{32}-us[0-9]{1,2}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # MailChimp API Key
	/key-[0-9a-zA-Z]{32}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Mailgun API Key
	/[a-zA-Z]{3,10}:\/\/[^\/\\s:@]{3,20}:[^\/\\s:@]{3,20}@.{1,100}[\"'\\s]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Password In URL
	/access_token\\$production\\$[0-9a-z]{16}\\$[0-9a-f]{32}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # PayPal Braintree Access Token
	/sk_live_[0-9a-z]{32}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Picatic API Key
	/https:\/\/hooks\\.slack\\.com\/services\/T[a-zA-Z0-9_]{8}\/B[a-zA-Z0-9_]{8}\/[a-zA-Z0-9_]{24}"/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Slack Webhook
	/sk_live_[0-9a-zA-Z]{24}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Stripe API Key
	/rk_live_[0-9a-zA-Z]{24}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Stripe Restricted API Key
	/sq0atp-[0-9A-Za-z\\-_]{22}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Square Access Token
	/sq0csp-[0-9A-Za-z\\-_]{43}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Square Oauth Secret
	/[0-9]+:AA[0-9A-Za-z\\-_]{33}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Telegram Bot API Key
	/SK[0-9a-fA-F]{32}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twilio API Key
	/[tT][wW][iI][tT][tT][eE][rR].*[1-9][0-9]+-[0-9a-zA-Z]{40}/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twitter Access Token
	/[tT][wW][iI][tT][tT][eE][rR].*['\|\"][0-9a-zA-Z]{35,44}['\|\"]/ {printf "%s:%s %s", FILENAME, NR, $0; nextfile} # Twitter Oauth