octocode-data-masker
Version:
A TypeScript library for masking sensitive data in strings, including PII, tokens, API keys, and more
1,606 lines (1,584 loc) • 64.2 kB
JavaScript
const piiPatterns = [
{
name: 'emailAddress',
description: 'Email address (basic validation)',
regex: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g,
matchAccuracy: 'high'
},
{
name: 'socialSecurityNumberFormatted',
description: 'Social Security Number (with dashes)',
regex: /\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b/g,
matchAccuracy: 'high'
},
{
name: 'socialSecurityNumberSpaced',
description: 'Social Security Number (with spaces)',
regex: /\b(?!000|666|9\d{2})\d{3}\s(?!00)\d{2}\s(?!0000)\d{4}\b/g,
matchAccuracy: 'high'
},
{
name: 'phoneNumberE164',
description: 'Phone number (E.164 format)',
regex: /\+[1-9]\d{1,14}\b/g,
matchAccuracy: 'high'
},
{
name: 'phoneNumberUS',
description: 'US phone number (formatted)',
regex: /\b(?:\+?1[-.\s]?)?\(?[2-9][0-8][0-9]\)?[-.\s]?[2-9][0-9]{2}[-.\s]?[0-9]{4}\b/g,
matchAccuracy: 'high'
},
{
name: 'phoneNumberInternational',
description: 'International phone number with country code',
regex: /\+\d{1,3}[-.\s]?\d{1,4}[-.\s]?\d{1,4}[-.\s]?\d{1,9}\b/g,
matchAccuracy: 'medium'
},
{
name: 'driversLicenseNumber',
description: 'Drivers license number (US format)',
regex: /\b[A-Z]{1,2}\d{7,8}\b/g,
matchAccuracy: 'medium'
},
{
name: 'tinEin',
description: 'Tax Identification Number/Employer Identification Number',
regex: /\b\d{2}-\d{7}\b/g,
matchAccuracy: 'high'
},
{
name: 'medicalRecordNumber',
description: 'Medical record number (with context)',
regex: /\b(?:MRN|medical\s+record|patient\s+id)[:=\s]*[A-Z0-9-]+\b/gi,
matchAccuracy: 'medium'
},
{
name: 'canadianSinFormatted',
description: 'Canadian Social Insurance Number (formatted)',
regex: /\b\d{3}[-\s]\d{3}[-\s]\d{3}\b/g,
matchAccuracy: 'high'
},
{
name: 'ukNationalInsuranceNumber',
description: 'UK National Insurance Number',
regex: /\b[A-CEGHJ-PR-TW-Z]{2}[0-9]{6}[A-D]\b/g,
matchAccuracy: 'high'
}
];
const cryptographicPatterns = [
{
name: 'openVpnClientConfigPrivateKey',
description: 'OpenVPN client config private key',
regex: /<key>\s*-----BEGIN[^<]*-----END[^<]*<\/key>/g,
matchAccuracy: 'high'
},
{
name: 'firebaseServiceAccountPrivateKey',
description: 'Firebase service account private key (JSON embedded)',
regex: /"private_key":\s*"-----BEGIN PRIVATE KEY-----\\n[a-zA-Z0-9+/=\\n]+\\n-----END PRIVATE KEY-----"/g,
matchAccuracy: 'high'
},
{
name: 'rsaPrivateKey',
description: 'RSA private key',
regex: /-----BEGIN (?:RSA )?PRIVATE KEY-----\s*[\s\S]*?-----END (?:RSA )?PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'sshPrivateKeyOpenSsh',
description: 'SSH private key (OpenSSH format)',
regex: /-----BEGIN OPENSSH PRIVATE KEY-----\s*[\s\S]*?-----END OPENSSH PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'sshPrivateKeyEc',
description: 'SSH private key (Elliptic Curve format)',
regex: /-----BEGIN EC PRIVATE KEY-----\s*[\s\S]*?-----END EC PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'pgpPrivateKeyBlock',
description: 'PGP private key block',
regex: /-----BEGIN PGP PRIVATE KEY BLOCK-----\s*[\s\S]*?-----END PGP PRIVATE KEY BLOCK-----/g,
matchAccuracy: 'high'
},
{
name: 'pkcs8PrivateKey',
description: 'PKCS#8 private key (encrypted or unencrypted)',
regex: /-----BEGIN ENCRYPTED PRIVATE KEY-----\s*[\s\S]*?-----END ENCRYPTED PRIVATE KEY-----|-----BEGIN PRIVATE KEY-----\s*[\s\S]*?-----END PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'x509Certificate',
description: 'X.509 certificate (PEM format)',
regex: /-----BEGIN CERTIFICATE-----\s*[\s\S]*?-----END CERTIFICATE-----/g,
matchAccuracy: 'high'
},
{
name: 'sshPublicKey',
description: 'SSH public key (generic format)',
regex: /(?:ssh-rsa|ecdsa-sha2-nistp\d+|ssh-ed25519)\s+[A-Za-z0-9+/]{40,}={0,2}\s+[^\s]+/g,
matchAccuracy: 'medium'
},
{
name: 'dsaPrivateKey',
description: 'DSA private key',
regex: /-----BEGIN DSA PRIVATE KEY-----\s*[\s\S]*?-----END DSA PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'puttyPrivateKey',
description: 'PuTTY private key file',
regex: /PuTTY-User-Key-File-[23]:\s*[\s\S]*?Private-MAC:/g,
matchAccuracy: 'high'
},
{
name: 'pkcs12Certificate',
description: 'PKCS#12 certificate store file pattern',
regex: /\.p12$|\.pfx$|\.pkcs12$/gi,
matchAccuracy: 'high',
fileContext: /\.(p12|pfx|pkcs12)$/i
},
{
name: 'javaKeystore',
description: 'Java KeyStore file pattern',
regex: /\.jks$|\.keystore$/gi,
matchAccuracy: 'high',
fileContext: /\.(jks|keystore)$/i
},
{
name: 'androidKeystore',
description: 'Android keystore file',
regex: /\.keystore$|debug\.keystore|release\.keystore/gi,
matchAccuracy: 'high',
fileContext: /\.keystore$/i
},
{
name: 'x509CertificateRequest',
description: 'X.509 Certificate Signing Request',
regex: /-----BEGIN (?:NEW )?CERTIFICATE REQUEST-----\s*[\s\S]*?-----END (?:NEW )?CERTIFICATE REQUEST-----/g,
matchAccuracy: 'high'
},
{
name: 'dhParameters',
description: 'Diffie-Hellman parameters',
regex: /-----BEGIN DH PARAMETERS-----\s*[\s\S]*?-----END DH PARAMETERS-----/g,
matchAccuracy: 'high'
},
{
name: 'sshHostKey',
description: 'SSH host key',
regex: /-----BEGIN SSH2 ENCRYPTED PRIVATE KEY-----[\s\S]*?-----END SSH2 ENCRYPTED PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'ageSecretKey',
description: 'Age encryption tool secret key',
regex: /\bAGE-SECRET-KEY-1[QPZRY9X8GF2TVDW0S3JN54KHCE6MUA7L]+\b/g,
matchAccuracy: 'high'
},
{
name: 'vaultBatchToken',
description: 'HashiCorp Vault batch token',
regex: /\bhvb\.[\w-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'opensslRandomState',
description: 'OpenSSL random state file',
regex: /\.(rnd|dat)$/gi,
matchAccuracy: 'high',
fileContext: /\.(rnd|dat)$/i
}
];
const financialPatterns = [
{
name: 'stripePublishableKey',
description: 'Stripe publishable key',
regex: /\bpk_(?:test|live)_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'stripeSecretKey',
description: 'Stripe secret key',
regex: /\bsk_(?:test|live)_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'stripeRestrictedApiKey',
description: 'Stripe restricted API key',
regex: /\brk_(?:test|live)_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'paypalAccessToken',
description: 'PayPal access token',
regex: /\bA21[a-zA-Z0-9._-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'squareAccessToken',
description: 'Square access token',
regex: /\bsq0[a-z]tp-[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'squareApplicationId',
description: 'Square application ID',
regex: /\bsq0ids-[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'stripeWebhookSecret',
description: 'Stripe webhook endpoint secret',
regex: /\bwhsec_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'stripeSecretKey',
description: 'Stripe secret key (live or test environment)',
regex: /\bsk_(?:live|test)_[a-zA-Z0-9]{24}\b/g,
matchAccuracy: 'high'
},
{
name: 'stripePublishableKey',
description: 'Stripe publishable key (live or test environment)',
regex: /\bpk_(?:live|test)_[a-zA-Z0-9]{24}\b/g,
matchAccuracy: 'high'
},
{
name: 'stripeApiKey',
description: 'Stripe API Key',
regex: /sk_live_[0-9a-zA-Z]{24,}/g,
matchAccuracy: 'high'
},
{
name: 'stripePublishableKey',
description: 'Stripe Publishable Key',
regex: /pk_live_[0-9a-zA-Z]{24,}/g,
matchAccuracy: 'high'
},
{
name: 'stripeTestKey',
description: 'Stripe Test Key',
regex: /sk_test_[0-9a-zA-Z]{24,}/g,
matchAccuracy: 'high'
},
{
name: 'stripeRestrictedKey',
description: 'Stripe Restricted Key',
regex: /rk_live_[0-9a-zA-Z]{24,}/g,
matchAccuracy: 'high'
}
];
const aiProviderPatterns = [
{
name: 'anthropicApiKey',
description: 'Anthropic API key',
regex: /\bsk-ant-(?:admin01|api03)-[\w-]+AA\b/g,
matchAccuracy: 'high'
},
{
name: 'claudeApiKey',
description: 'Anthropic Claude API key (alternative format)',
regex: /\bsk-ant-api03-[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'cohereApiKeyAlternative',
description: 'Cohere API key (alternative format)',
regex: /\bco-[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'googleAiApiKey',
description: 'Google AI API key',
regex: /\bAIza[0-9A-Za-z_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'groqApiKey',
description: 'Groq API key',
regex: /\bgsk_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'huggingFaceToken',
description: 'Hugging Face API key',
regex: /\bhf_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'langfusePublicKey',
description: 'Langfuse public key',
regex: /\bpk-lf-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}\b/g,
matchAccuracy: 'high'
},
{
name: 'langfuseSecretKey',
description: 'Langfuse secret key',
regex: /\bsk-lf-[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}\b/g,
matchAccuracy: 'high'
},
{
name: 'openaiApiKey',
description: 'OpenAI API key (project format)',
regex: /\bsk-[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'perplexityAiApiKey',
description: 'Perplexity AI API key',
regex: /\bpplx-[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'replicateApiToken',
description: 'Replicate API token',
regex: /\br8_[a-zA-Z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'togetherAiApiKey',
description: 'Together AI API key',
regex: /\b[a-f0-9]{16,32}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}\b/g,
matchAccuracy: 'high'
}
];
const authPatterns = [
{
name: 'authorizationBearerToken',
description: 'Authorization Bearer Token',
regex: /Authorization:\s*Bearer\s+[a-zA-Z0-9\-._~+/]+/gi,
matchAccuracy: 'medium'
},
{
name: 'jwtToken',
description: 'JWT (JSON Web Token - 3-part)',
regex: /\beyJ[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\.[a-zA-Z0-9\-_]+\b/g,
matchAccuracy: 'high'
},
{
name: 'basicAuthCredentials',
description: 'Basic Auth Credentials',
regex: /Authorization:\s*Basic\s+([a-zA-Z0-9+/]+={0,2})\b/gi,
matchAccuracy: 'medium'
},
{
name: 'sessionIds',
description: 'Session IDs / Cookies',
regex: /(?:JSESSIONID|PHPSESSID|ASP\.NET_SessionId|connect\.sid|session_id)=([a-zA-Z0-9%:._-]+)/gi,
matchAccuracy: 'high'
},
{
name: 'oauthClientCredentials',
description: 'OAuth Client ID/Secret (Generic)',
regex: /(?:client_id|client_secret)\s*[:=]\s*["']([a-zA-Z0-9_-]+)["']/gi,
matchAccuracy: 'medium'
},
{
name: 'googleOauthToken',
description: 'Google OAuth token',
regex: /\bya29\.[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'apiKeyInHeader',
description: 'API key in header',
regex: /(?:X-API-Key|Api-Key|Authorization-Key):\s*([a-zA-Z0-9_-]+)/gi,
matchAccuracy: 'medium'
},
{
name: 'onePasswordSecretKey',
description: '1Password secret key',
regex: /\bA3-[A-Z0-9]{6}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}-[A-Z0-9]{5}\b/g,
matchAccuracy: 'high'
},
{
name: 'onePasswordServiceAccountToken',
description: '1Password service account token',
regex: /\bops_eyJ[a-zA-Z0-9+/]+={0,2}\b/g,
matchAccuracy: 'high'
},
{
name: 'jsonWebTokenEnhanced',
description: 'JSON Web Token with enhanced detection',
regex: /\bey[a-zA-Z0-9]+\.ey[a-zA-Z0-9/_-]+\.(?:[a-zA-Z0-9/_-]+={0,2})?\b/g,
matchAccuracy: 'high'
},
{
name: 'authressServiceClientAccessKey',
description: 'Authress service client access key',
regex: /\b(?:sc|ext|scauth|authress)_[a-z0-9]+\.[a-z0-9]+\.acc[_-][a-z0-9-]+\.[a-z0-9+/_=-]+\b/gi,
matchAccuracy: 'high'
}
];
const cloudProviderPatterns = [
{
name: 'googleApiKey',
description: 'Google API key',
regex: /\bAIza[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'googleOAuth2ClientId',
description: 'Google OAuth2 client ID',
regex: /\b[0-9]+-[a-z0-9]+\.apps\.googleusercontent\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'googleOauth',
description: 'Google OAuth Client Secret',
regex: /("client_secret":"[a-zA-Z0-9-_]{24}")/g,
matchAccuracy: 'high'
},
{
name: 'googleServiceAccount',
description: 'Google Service Account',
regex: /"type": "service_account"/g,
matchAccuracy: 'high'
},
{
name: 'azureStorageAccountKey',
description: 'Azure storage account key',
regex: /DefaultEndpointsProtocol=https?;AccountName=[a-z0-9]+;AccountKey=[a-zA-Z0-9+/]+={0,2};EndpointSuffix=core\.windows\.net/g,
matchAccuracy: 'high'
},
{
name: 'azureSubscriptionId',
description: 'Azure subscription ID',
regex: /\b[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\.onmicrosoft\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'azureCosmosDbKey',
description: 'Azure Cosmos DB key',
regex: /AccountEndpoint=https:\/\/[a-z0-9-]+\.documents\.azure\.com:443\/;AccountKey=[a-zA-Z0-9+/]+={0,2}/g,
matchAccuracy: 'high'
},
{
name: 'azureServiceBusConnectionString',
description: 'Azure Service Bus connection string',
regex: /Endpoint=sb:\/\/[a-z0-9-]+\.servicebus\.windows\.net\/;SharedAccessKeyName=[a-zA-Z0-9]+;SharedAccessKey=[a-zA-Z0-9+/]+={0,2}/g,
matchAccuracy: 'high'
},
{
name: 'dropboxAccessToken',
description: 'Dropbox access token',
regex: /\bsl\.[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'dropboxAppKey',
description: 'Dropbox app key',
regex: /\b[a-z0-9]{15}\.(app|apps)\.dropbox\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'planetScaleConnectionString',
description: 'PlanetScale connection string',
regex: /mysql:\/\/[a-zA-Z0-9_-]+:[a-zA-Z0-9_=-]+@[a-z0-9.-]+\.psdb\.cloud\/[a-zA-Z0-9_-]+\?sslaccept=strict/g,
matchAccuracy: 'high'
},
{
name: 'gcpServiceAccountEmail',
description: 'GCP service account email',
regex: /\b[a-z0-9-]+@[a-z0-9-]+\.iam\.gserviceaccount\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'gcpProjectId',
description: 'GCP project ID',
regex: /"project_id":\s*"[a-z0-9-]+"/g,
matchAccuracy: 'high'
},
{
name: 'cloudinaryUrl',
description: 'Cloudinary URL',
regex: /cloudinary:\/\/.*/g,
matchAccuracy: 'high'
},
{
name: 'firebaseUrl',
description: 'Firebase URL',
regex: /.*firebaseio\.com/g,
matchAccuracy: 'high'
},
{
name: 'sendgridApiKeyV2',
description: 'SendGrid API Key (v2)',
regex: /\bSG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'mailgunApiKey',
description: 'Mailgun API Key',
regex: /key-[0-9a-z]{32}/g,
matchAccuracy: 'high'
},
{
name: 'firebaseApiKey',
description: 'Firebase API Key',
regex: /AIza[0-9A-Za-z_-]{35}/g,
matchAccuracy: 'high'
},
{
name: 'discordBotToken',
description: 'Discord Bot Token',
regex: /[MN][A-Za-z\d]{23}\.[\w-]{6}\.[\w-]{27}/g,
matchAccuracy: 'high'
},
{
name: 'discordWebhook',
description: 'Discord Webhook',
regex: /https:\/\/discord\.com\/api\/webhooks\/[0-9]{18}\/[A-Za-z0-9_-]{68}/g,
matchAccuracy: 'high'
},
{
name: 'telegramBotToken',
description: 'Telegram Bot Token',
regex: /[0-9]{8,10}:[A-Za-z0-9_-]{35}/g,
matchAccuracy: 'high'
},
{
name: 'npmToken',
description: 'NPM Token',
regex: /npm_[a-zA-Z0-9]{36}/g,
matchAccuracy: 'high'
},
{
name: 'dockerHubToken',
description: 'Docker Hub Token',
regex: /dckr_pat_[a-zA-Z0-9_-]{36}/g,
matchAccuracy: 'high'
},
{
name: 'pypiApiToken',
description: 'PyPI API Token',
regex: /pypi-[a-zA-Z0-9_-]{84}/g,
matchAccuracy: 'high'
},
{
name: 'gitlabPersonalAccessToken',
description: 'GitLab Personal Access Token',
regex: /glpat-[a-zA-Z0-9_-]{20}/g,
matchAccuracy: 'high'
},
{
name: 'azureDevOpsToken',
description: 'Azure DevOps Personal Access Token',
regex: /[a-z0-9]{52}/g,
matchAccuracy: 'low'
},
{
name: 'basicAuthCredentials',
description: 'Basic Auth Credentials',
regex: /Basic [A-Za-z0-9+/]+=*/g,
matchAccuracy: 'medium'
},
{
name: 'sendgridApiKey',
description: 'SendGrid API key',
regex: /\bSG\.[0-9A-Za-z_-]{20,}\.[0-9A-Za-z_-]{40,}\b/g,
matchAccuracy: 'high'
},
{
name: 'mailchimpApiKey',
description: 'MailChimp API key',
regex: /\b[0-9a-f]{32}-us[0-9]{1,2}\b/g,
matchAccuracy: 'high'
},
{
name: 'twilioApiKeyTruffleHog',
description: 'Twilio API Key (TruffleHog pattern)',
regex: /SK[a-z0-9]{32}/g,
matchAccuracy: 'high'
},
{
name: 'twilioAccountSid',
description: 'Twilio Account SID',
regex: /\bAC[0-9a-fA-F]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'squareAccessToken',
description: 'Square access token',
regex: /\bsq0atp-[a-zA-Z0-9_-]{26}\b/g,
matchAccuracy: 'high'
},
{
name: 'squareOauthSecret',
description: 'Square OAuth secret',
regex: /\bsq0csp-[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'paypalBraintreeAccessToken',
description: 'PayPal/Braintree access token',
regex: /\baccess_token\$(?:sandbox|production)\$[0-9a-z]{16}\$[0-9a-f]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'airtablePersonalAccessToken',
description: 'Airtable Personal Access Token',
regex: /\bpat[a-zA-Z0-9]{14}\.[a-zA-Z0-9]{64}\b/g,
matchAccuracy: 'high'
},
{
name: 'typeformToken',
description: 'Typeform token',
regex: /\btfp_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'figmaToken',
description: 'Figma token',
regex: /\bfigd_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'planetScaleToken',
description: 'PlanetScale token',
regex: /\bpscale_tkn_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'renderToken',
description: 'Render token',
regex: /\brnd_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'intercomToken',
description: 'Intercom access token',
regex: /\bdG9rOi[a-zA-Z0-9+/]{46,48}={0,2}\b/g,
matchAccuracy: 'high'
},
{
name: 'shopifyPrivateAppPassword',
description: 'Shopify private app password',
regex: /\bshppa_[a-fA-F0-9]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'shopifyAccessToken',
description: 'Shopify access token',
regex: /\bshpat_[a-fA-F0-9]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'shopifyWebhookToken',
description: 'Shopify webhook token',
regex: /\bshpwh_[a-fA-F0-9]{32}\b/g,
matchAccuracy: 'high'
}
];
const awsPatterns = [
{
name: 'awsAccessKeyId',
description: 'AWS access key ID',
regex: /\b(?:AKIA|ABIA|ACCA|ASCA|ASIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ANWA)[0-9A-Z]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsAccountId',
description: 'AWS Account ID',
regex: /\b['"]?(AWS|aws|Aws)?_?(?:ACCOUNT|account|Account)_?(?:ID|id|Id)?['"]?\s*(?::|=>|=)\s*['"]?[0-9]{4}-?[0-9]{4}-?[0-9]{4}['"]?\b/g,
matchAccuracy: 'high'
},
{
name: 'awsAmiId',
description: 'AWS AMI ID',
regex: /\bami-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsApiGatewayUrl',
description: 'AWS API Gateway endpoint URL',
regex: /\b[0-9a-z]+\.execute-api\.[0-9a-z._-]+\.amazonaws\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'awsAppSyncGraphqlKey',
description: 'AWS AppSync GraphQL API key',
regex: /\bda2-[a-z0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsEc2InstanceId',
description: 'AWS EC2 instance ID',
regex: /\bi-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsEbsSnapshotId',
description: 'AWS EBS snapshot ID',
regex: /\bsnap-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsEbsVolumeId',
description: 'AWS EBS volume ID',
regex: /\bvol-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsIamRoleArn',
description: 'AWS IAM role ARN',
regex: /\barn:aws:iam::[0-9]{12}:role\/[a-zA-Z0-9_+=,.@-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsLambdaFunctionArn',
description: 'AWS Lambda function ARN',
regex: /\barn:aws:lambda:[a-z0-9-]+:[0-9]{12}:function:[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsMwsToken',
description: 'AWS MWS token',
regex: /\bamzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\b/g,
matchAccuracy: 'high'
},
{
name: 'awsRdsEndpoint',
description: 'AWS RDS database endpoint',
regex: /\b[0-9a-z._-]+\.rds\.amazonaws\.com\b/g,
matchAccuracy: 'high'
},
{
name: 'awsRegion',
description: 'AWS Region configuration',
regex: /\b['"]?(AWS|aws|Aws)?_?(?:REGION|region|Region)['"]?\s*(?::|=>|=)\s*['"]?(us|eu|ap|sa|ca|me|af|cn|gov)[-]?(east|west|north|south|central|southeast|northeast)?[-]?[0-9]?['"]?\b/g,
matchAccuracy: 'high'
},
{
name: 'awsS3BucketArn',
description: 'AWS S3 bucket ARN',
regex: /\barn:aws:s3:::[a-zA-Z0-9._-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsS3BucketUrl',
description: 'AWS S3 bucket URL',
regex: /\bs3:\/\/[0-9a-z._/-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSecretAccessKey',
description: 'AWS Secret Access Key',
regex: /\b['"]?(AWS|aws|Aws)?_?(?:SECRET|secret|Secret)_?(?:ACCESS|access|Access)_?(?:KEY|key|Key)['"]?\s*(?::|=>|=)\s*['"]?([A-Za-z0-9/+=]{40})['"]?\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSecurityGroupId',
description: 'AWS security group ID',
regex: /\bsg-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSessionToken',
description: 'AWS Session Token',
regex: /\b['"]?(AWS|aws|Aws)?_?(?:SESSION|session|Session)_?(?:TOKEN|token|Token)['"]?\s*(?::|=>|=)\s*['"]?[A-Za-z0-9/+=]{100,}['"]?\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSnsTopicArn',
description: 'AWS SNS topic ARN',
regex: /\barn:aws:sns:[a-z0-9-]+:[0-9]{12}:[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSqsQueueUrl',
description: 'AWS SQS queue URL',
regex: /\bhttps:\/\/sqs\.[a-z0-9-]+\.amazonaws\.com\/[0-9]{12}\/[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsSubnetId',
description: 'AWS subnet ID',
regex: /\bsubnet-[a-f0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'awsVpcId',
description: 'AWS VPC ID',
regex: /\bvpc-[a-f0-9]+\b/g,
matchAccuracy: 'high'
}
];
const databasePatterns = [
{
name: 'postgresqlConnectionString',
description: 'PostgreSQL database connection string with credentials',
regex: /postgresql:\/\/[^:]+:[^@]+@[^/]+\/[^?\s]+/gi,
matchAccuracy: 'high'
},
{
name: 'databaseUrlWithCredentials',
description: 'Generic database URL with embedded credentials',
regex: /(?:postgres|mysql|mongodb|redis):\/\/[^:]+:[^@]+@[^\s/]+/gi,
matchAccuracy: 'medium'
},
{
name: 'databasePasswordInUrl',
description: 'Database password in connection string parameters',
regex: /(?:password|pwd)=([^&\s;]+)/gi,
matchAccuracy: 'medium'
},
{
name: 'databaseUserInUrl',
description: 'Database username in connection string parameters',
regex: /(?:user|username|uid)=([^&\s;]+)/gi,
matchAccuracy: 'low',
isGeneralId: true
},
{
name: 'elasticsearchAuthentication',
description: 'Elasticsearch username and password in connection strings',
regex: /https?:\/\/[^:]+:[^@]+@[^/]+:9200/gi,
matchAccuracy: 'high'
},
{
name: 'redisAuthPassword',
description: 'Redis AUTH password',
regex: /AUTH\s+([a-zA-Z0-9_-]{8,})/gi,
matchAccuracy: 'medium'
},
{
name: 'couchDbCredentials',
description: 'CouchDB credentials in URL',
regex: /http[s]?:\/\/[^:]+:[^@]+@[^/]+:5984/gi,
matchAccuracy: 'high'
},
{
name: 'influxDbToken',
description: 'InfluxDB token',
regex: /\btoken=[a-zA-Z0-9_-]{80,100}\b/g,
matchAccuracy: 'medium'
},
{
name: 'neo4jCredentials',
description: 'Neo4j database credentials in URL',
regex: /bolt[s]?:\/\/[^:]+:[^@]+@[^/]+:7687/gi,
matchAccuracy: 'high'
},
{
name: 'faunaDbKey',
description: 'FaunaDB key',
regex: /\bfn[a-zA-Z0-9]{40}\b/g,
matchAccuracy: 'high'
},
{
name: 'cassandraConnectionString',
description: 'Cassandra connection string with credentials',
regex: /cassandra:\/\/[^:]+:[^@]+@[^/]+:9042/gi,
matchAccuracy: 'high'
},
{
name: 'timescaleDbConnectionString',
description: 'TimescaleDB connection string with credentials',
regex: /timescaledb:\/\/[^:]+:[^@]+@[^/]+\/[^?\s]+/gi,
matchAccuracy: 'high'
},
{
name: 'clickhouseConnectionString',
description: 'ClickHouse connection string with credentials',
regex: /clickhouse:\/\/[^:]+:[^@]+@[^/]+:8123/gi,
matchAccuracy: 'high'
},
{
name: 'mongodbConnectionString',
description: 'MongoDB connection string with credentials',
regex: /\bmongodb:\/\/[a-zA-Z0-9._-]+:[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+:[0-9]+\/[a-zA-Z0-9._-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'redisConnectionString',
description: 'Redis connection string with credentials',
regex: /\bredis:\/\/[a-zA-Z0-9._-]+:[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+:[0-9]+\b/g,
matchAccuracy: 'high'
},
{
name: 'databricksApiToken',
description: 'Databricks API token',
regex: /\bdapi[a-f0-9]{32}(?:-\d)?\b/g,
matchAccuracy: 'high'
},
{
name: 'pineconeEnvironment',
description: 'Pinecone environment and API key',
regex: /pinecone[\s\w]*(?:api|key|env)[\s:=]*["']?([a-zA-Z0-9_-]{32})["']?/gi,
matchAccuracy: 'medium'
}
];
const developerToolsPatterns = [
{
name: 'gitlabPersonalAccessToken',
description: 'GitLab personal access token',
regex: /\bglpat-[A-Za-z0-9_-]{20,50}\b/g,
matchAccuracy: 'high'
},
{
name: 'gitlabDeployToken',
description: 'GitLab deploy token',
regex: /\bgldt-[A-Za-z0-9_-]{20,50}\b/g,
matchAccuracy: 'high'
},
{
name: 'gitlabRunnerToken',
description: 'GitLab runner token',
regex: /\bglrt-[A-Za-z0-9_-]{20,50}\b/g,
matchAccuracy: 'high'
},
{
name: 'gitlabCicdJobToken',
description: 'GitLab CI/CD Job Token',
regex: /\bglcbt-[0-9a-zA-Z]{1,5}_[0-9a-zA-Z_-]{20}\b/g,
matchAccuracy: 'high'
},
{
name: 'dockerHubAccessToken',
description: 'Docker Hub access token',
regex: /\bdckr_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{18}\b/g,
matchAccuracy: 'high'
},
{
name: 'artifactoryApiKey',
description: 'Artifactory API key',
regex: /\bAKCp[A-Za-z0-9]{69}\b/g,
matchAccuracy: 'high'
},
{
name: 'atlassianApiToken',
description: 'Atlassian API token for Jira/Confluence',
regex: /\bATATT3[A-Za-z0-9_\-=]{186}\b/g,
matchAccuracy: 'high'
},
{
name: 'npmAccessToken',
description: 'NPM access token',
regex: /\bnpm_[a-zA-Z0-9]{36}\b/g,
matchAccuracy: 'high'
},
{
name: 'pypiApiToken',
description: 'PyPI API token',
regex: /\bpypi-[A-Za-z0-9_-]{8,}\b/g,
matchAccuracy: 'high'
},
{
name: 'terraformCloudToken',
description: 'Terraform Cloud API token',
regex: /\b[a-zA-Z0-9]{14}\.[a-zA-Z0-9]{6}\.[a-zA-Z0-9]{16}\b/g,
matchAccuracy: 'high'
},
{
name: 'jetBrainsToken',
description: 'JetBrains access token',
regex: /\bperm:[a-zA-Z0-9_-]{10,}\b/g,
matchAccuracy: 'medium'
},
{
name: 'sourcegraphApiKey',
description: 'Sourcegraph API key',
regex: /\bsgp_[a-zA-Z0-9]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'nugetApiKey',
description: 'NuGet API key',
regex: /\boy2[a-z0-9]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'stackhawkApiKey',
description: 'StackHawk API key',
regex: /\bhawk\.[0-9A-Za-z\-_]{20}\.[0-9A-Za-z\-_]{20}\b/g,
matchAccuracy: 'high'
},
{
name: 'bitbucketAppPasswordSpecific',
description: 'Bitbucket app password (specific format)',
regex: /\bATBB[a-zA-Z0-9]{24}\b/g,
matchAccuracy: 'high'
},
{
name: 'openweatherApiKey',
description: 'OpenWeather API key',
regex: /\bappid=[0-9a-f]{32}\b/gi,
matchAccuracy: 'high'
},
{
name: 'herokuApiKey',
description: 'Heroku API Key',
regex: /[h|H][e|E][r|R][o|O][k|K][u|U].*[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}/g,
matchAccuracy: 'high'
},
{
name: 'linearPersonalApiKey',
description: 'Linear Personal API key',
regex: /\blin_pat_[a-zA-Z0-9_-]{40}\b/g,
matchAccuracy: 'high'
},
{
name: 'notionInternalIntegration',
description: 'Notion internal integration token',
regex: /\bntn_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'pulumiAccessToken',
description: 'Pulumi access token',
regex: /\bpul-[a-f0-9]{40}\b/g,
matchAccuracy: 'high'
},
{
name: 'sentryAuthTokenSpecific',
description: 'Sentry auth token (with context)',
regex: /sentry[\s\w]*(?:auth|token)[\s:=]*["']?([a-f0-9]{64})["']?/gi,
matchAccuracy: 'medium'
},
{
name: 'bugsnagApiKeySpecific',
description: 'Bugsnag API key (with context)',
regex: /bugsnag[\s\w]*(?:api|key)[\s:=]*["']?([a-f0-9]{32})["']?/gi,
matchAccuracy: 'medium'
},
{
name: 'rollbarAccessTokenSpecific',
description: 'Rollbar access token (with context)',
regex: /rollbar[\s\w]*(?:access|token)[\s:=]*["']?([a-f0-9]{32})["']?/gi,
matchAccuracy: 'medium'
}
];
const networkLocationPatterns = [
{
name: 'macAddress',
description: 'MAC address',
regex: /\b([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})\b/g,
matchAccuracy: 'high'
},
{
name: 'ipv4Address',
description: 'IPv4 address',
regex: /\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b/g,
matchAccuracy: 'low'
},
{
name: 'ipv6Address',
description: 'IPv6 address',
regex: /\b(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\b/g,
matchAccuracy: 'low'
},
{
name: 'privateNetworkRange',
description: 'Private network IP ranges',
regex: /\b(?:10\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|172\.(?:1[6-9]|2[0-9]|3[01])\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|192\.168\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))\b/g,
matchAccuracy: 'high'
},
{
name: 'sshHostFingerprint',
description: 'SSH host fingerprint',
regex: /\b[0-9a-f]{2}(:[0-9a-f]{2}){15}\b/g,
matchAccuracy: 'high'
},
{
name: 'wifiPassword',
description: 'WiFi password in config',
regex: /(?:password|psk)\s*[=:]\s*["']([^"']{8,})["']/gi,
matchAccuracy: 'medium'
}
];
const paymentProviderPatterns = [
{
name: 'squareAccessToken',
description: 'Square access token',
regex: /\bEAAAE[A-Za-z0-9_-]{100,}\b/g,
matchAccuracy: 'high'
},
{
name: 'adyenApiKey',
description: 'Adyen API key',
regex: /\bAQE[a-zA-Z0-9]{70,}\b/g,
matchAccuracy: 'high'
},
{
name: 'applePayMerchantId',
description: 'Apple Pay merchant ID',
regex: /\bmerchant\.[a-zA-Z0-9.-]+\b/g,
matchAccuracy: 'medium'
},
{
name: 'razorpayApiKey',
description: 'Razorpay API key',
regex: /\brzp_[a-zA-Z0-9]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'paypalAccessToken',
description: 'PayPal access token',
regex: /\bA21AA[a-zA-Z0-9_-]{50,}\b/g,
matchAccuracy: 'high'
},
{
name: 'paypalBraintreeAccessToken',
description: 'PayPal/Braintree access token',
regex: /\baccess_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'squareAccessTokenSpecific',
description: 'Square access token (specific format)',
regex: /\bsq0atp-[0-9A-Za-z\-_]{22}\b/g,
matchAccuracy: 'high'
},
{
name: 'squareOauthSecret',
description: 'Square OAuth secret',
regex: /\bsq0csp-[0-9A-Za-z\-_]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'squareApiKey',
description: 'Square API key',
regex: /\bsq0[a-z]{3}-[a-zA-Z0-9_-]{22,43}\b/g,
matchAccuracy: 'high'
},
{
name: 'finicityApiToken',
description: 'Finicity API token',
regex: /finicity.{0,50}[a-f0-9]{32}/gi,
isGeneralId: true,
matchAccuracy: 'medium'
},
{
name: 'finnhubAccessToken',
description: 'Finnhub access token',
regex: /finnhub.{0,50}[a-z0-9]{20}/gi,
isGeneralId: true,
matchAccuracy: 'medium'
},
{
name: 'flutterwavePublicKey',
description: 'Flutterwave public key',
regex: /\bFLWPUBK_TEST-[a-h0-9]{32}-X\b/g,
matchAccuracy: 'high'
},
{
name: 'flutterwaveSecretKey',
description: 'Flutterwave secret key',
regex: /\bFLWSECK_TEST-[a-h0-9]{32}-X\b/g,
matchAccuracy: 'high'
},
{
name: 'flutterwaveEncryptionKey',
description: 'Flutterwave encryption key',
regex: /\bFLWSECK_TEST-[a-h0-9]{12}\b/g,
matchAccuracy: 'high'
}
];
const urlPatterns = [
{
name: 'urlWithQueryParams',
description: 'URL with Query Parameters',
regex: /(https?:\/\/[^\s?]+)\?.*$/gi,
matchAccuracy: 'medium'
}
];
const codeConfigPatterns = [
{
name: 'hardcodedSecretsInJsonYaml',
description: 'Hardcoded Secrets in JSON / YAML',
regex: /(?:"(?:password|secret|api_key|private_key|token)"\s*:\s*"[^"]{8,}"|'(?:password|secret|api_key|private_key|token)'\s*:\s*'[^']{8,}')/gi,
matchAccuracy: 'medium'
},
{
name: 'environmentVariables',
description: 'Environment Variables',
regex: /(?:process\.env\.|ENV\[|getenv\(|os\.environ\[)['"]((?:API_KEY|SECRET|PASSWORD|TOKEN|PRIVATE_KEY|DB_PASS)[^'"]*)['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'configFilePasswords',
description: 'Config File Passwords',
regex: /(?:password|passwd|pwd)\s*[:=]\s*['"]([^'"]{6,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'databaseCredentialsInConfig',
description: 'Database Credentials in Config',
regex: /(?:db_password|database_password|db_pass)\s*[:=]\s*['"]([^'"]{4,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'apiKeysInComments',
description: 'API Keys in Comments',
regex: /\/\/.*(?:api.key|token|secret)[:=\s]+([a-zA-Z0-9_-]{20,})/gi,
matchAccuracy: 'low'
},
{
name: 'hardcodedJwtSecrets',
description: 'Hardcoded JWT Secrets',
regex: /jwt[_-]?secret\s*[:=]\s*['"]([^'"]{16,})['"]/gi,
matchAccuracy: 'high'
},
{
name: 'privateKeysInConfig',
description: 'Private Keys in Config',
regex: /(?:private[_-]?key|rsa[_-]?key)\s*[:=]\s*['"]([^'"]{50,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'encryptionKeys',
description: 'Encryption Keys',
regex: /(?:encryption[_-]?key|cipher[_-]?key|secret[_-]?key)\s*[:=]\s*['"]([^'"]{16,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'sessionSecrets',
description: 'Session Secrets',
regex: /session[_-]?secret\s*[:=]\s*['"]([^'"]{16,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'cookieSecrets',
description: 'Cookie Secrets',
regex: /cookie[_-]?secret\s*[:=]\s*['"]([^'"]{16,})['"]/gi,
matchAccuracy: 'medium'
},
{
name: 'kubernetesSecretYaml',
description: 'Kubernetes Secret in YAML format',
regex: /\bkind:\s*["']?secret["']?[\s\S]*?\bdata:\s*[\s\S]*?([a-zA-Z0-9_-]+:\s*[a-zA-Z0-9+/]{10,}={0,3})/gi,
matchAccuracy: 'high',
fileContext: /\.ya?ml$/i
}
];
const socialMediaPatterns = [
{
name: 'twitterBearerToken',
description: 'Twitter Bearer token',
regex: /\bAAAAAAAAAAAAAAAAAAAAA[a-zA-Z0-9%]{50,}\b/g,
matchAccuracy: 'high'
},
{
name: 'facebookAccessToken',
description: 'Facebook access token',
regex: /\bEAA[a-zA-Z0-9]{80,120}\b/g,
matchAccuracy: 'high'
},
{
name: 'facebookOauth',
description: 'Facebook OAuth Token',
regex: /[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|"][0-9a-f]{32}['|"]/g,
matchAccuracy: 'high'
},
{
name: 'twitterOauth',
description: 'Twitter OAuth Token',
regex: /[t|T][w|W][i|I][t|T][t|T][e|E][r|R].*['|"][0-9a-zA-Z]{35,44}['|"]/g,
matchAccuracy: 'high'
}
];
const fileStoragePatterns = [
{
name: 'dropboxAccessToken',
description: 'Dropbox access token',
regex: /\bsl\.[a-zA-Z0-9_-]{120,140}\b/g,
matchAccuracy: 'high'
}
];
const communicationServicePatterns = [
{
name: 'sendGridApiKey',
description: 'SendGrid API key',
regex: /\bSG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'mailgunApiKey',
description: 'Mailgun API key',
regex: /\bkey-[0-9a-zA-Z]{32}\b/g,
matchAccuracy: 'medium'
},
{
name: 'telegramBotToken',
description: 'Telegram bot token',
regex: /\b[0-9]{8,10}:[a-zA-Z0-9_-]{35}\b/g,
matchAccuracy: 'high'
}
];
const ecommerceContentPatterns = [
{
name: 'shopifyStorefrontApiAccessToken',
description: 'Shopify storefront API access token',
regex: /\bshpatf_[0-9a-f]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'hubSpotApiKey',
description: 'HubSpot API key',
regex: /\bpat-[a-zA-Z0-9-]{36}\b/g,
matchAccuracy: 'medium'
},
{
name: 'contentfulAccessToken',
description: 'Contentful access token',
regex: /\bCFPAT-[0-9a-zA-Z]{20}\b/g,
matchAccuracy: 'high'
},
{
name: 'sanityIoApiToken',
description: 'Sanity.io API token',
regex: /\bsk\.[a-zA-Z0-9]{60,}\b/g,
isGeneralId: true,
matchAccuracy: 'medium'
},
{
name: 'wooCommerceConsumerKey',
description: 'WooCommerce consumer key',
regex: /\bck_[a-f0-9]{40}\b/g,
matchAccuracy: 'high'
},
{
name: 'wooCommerceConsumerSecret',
description: 'WooCommerce consumer secret',
regex: /\bcs_[a-f0-9]{40}\b/g,
matchAccuracy: 'high'
},
{
name: 'mailchimpApiKeySpecific',
description: 'MailChimp API key (specific format)',
regex: /\b[0-9a-f]{32}-[a-z]{2,3}[0-9]{1,2}\b/g,
matchAccuracy: 'high'
}
];
const mappingMonitoringPatterns = [
{
name: 'mapboxAccessTokenPublic',
description: 'Mapbox public access token',
regex: /\bpk\.[a-zA-Z0-9]{60,}\b/g,
matchAccuracy: 'high'
}, {
name: 'grafanaCloudApiKey',
description: 'Grafana Cloud API key',
regex: /\bglc_[a-zA-Z0-9]{32}\b/g,
matchAccuracy: 'high'
},
{
name: 'mailchimpApiKey',
description: 'Mailchimp API key',
regex: /\b[0-9a-f]{32}-[a-z]{2}\b/g,
matchAccuracy: 'medium'
},
{
name: 'newRelicApiKey',
description: 'New Relic API key',
regex: /\bNRAK-[A-Z0-9]{27}\b/g,
matchAccuracy: 'high'
},
{
name: 'honeybadgerApiKey',
description: 'Honeybadger API key',
regex: /\b[a-f0-9]{32}\b/g,
matchAccuracy: 'medium'
}
];
const analyticsModernPatterns = [
{
name: 'posthogApiKey',
description: 'PostHog API key',
regex: /\bphc_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'posthogPersonalApiKey',
description: 'PostHog personal API key',
regex: /\bphx_[a-zA-Z0-9_-]{43}\b/g,
matchAccuracy: 'high'
},
{
name: 'googleAnalytics4MeasurementId',
description: 'Google Analytics 4 Measurement ID',
regex: /\bG-[A-Z0-9]{10}\b/g,
matchAccuracy: 'high'
},
{
name: 'datadogApiKeySpecific',
description: 'Datadog API key (with context)',
regex: /datadog[\s\w]*api[\s\w]*key[\s:=]*["']?([a-f0-9]{32})["']?/gi,
matchAccuracy: 'medium'
},
{
name: 'datadogApplicationKeySpecific',
description: 'Datadog application key (with context)',
regex: /datadog[\s\w]*app[\s\w]*key[\s:=]*["']?([a-f0-9]{40})["']?/gi,
matchAccuracy: 'medium'
},
{
name: 'honeycombApiKey',
description: 'Honeycomb API key',
regex: /\bhcaik_[a-zA-Z0-9_-]{32}\b/g,
matchAccuracy: 'high'
}
];
const secretDetectionGenericPatterns = [
{
name: 'genericPassword',
description: 'Generic password pattern in keys',
regex: /passw(or)?d/ig,
matchAccuracy: 'medium'
},
{
name: 'genericPasswordShort',
description: 'Short password pattern',
regex: /^pw$/i,
matchAccuracy: 'medium'
},
{
name: 'genericPass',
description: 'Generic pass pattern',
regex: /^pass$/i,
matchAccuracy: 'medium'
},
{
name: 'genericSecret',
description: 'Generic secret pattern',
regex: /secret/i,
matchAccuracy: 'medium'
},
{
name: 'genericSecretPattern',
description: 'Generic Secret Pattern',
regex: /[s|S][e|E][c|C][r|R][e|E][t|T].*['|"][0-9a-zA-Z]{32,45}['|"]/g,
matchAccuracy: 'medium'
},
{
name: 'genericApiKeyPattern',
description: 'Generic API Key Pattern',
regex: /[a|A][p|P][i|I][_]?[k|K][e|E][y|Y].*['|"][0-9a-zA-Z]{32,45}['|"]/g,
matchAccuracy: 'medium'
},
{
name: 'passwordInUrl',
description: 'Password in URL',
regex: /[a-zA-Z]{3,10}:\/\/[^\\/\s:@]{3,20}:[^\\/\s:@]{3,20}@.{1,100}["'\s]/g,
matchAccuracy: 'high'
},
{
name: 'genericApiKey',
description: 'Generic API key pattern',
regex: /api[-._]?key/i,
matchAccuracy: 'medium'
},
{
name: 'genericSessionId',
description: 'Generic session ID pattern',
regex: /session[-._]?id/i,
matchAccuracy: 'medium'
},
{
name: 'connectSid',
description: 'Express session connect.sid',
regex: /^connect\.sid$/,
matchAccuracy: 'high'
},
{
name: 'creditCardNumber',
description: 'Credit card number pattern',
regex: /^\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}$/,
matchAccuracy: 'high'
}
];
const githubTokenPatterns = [
{
name: 'githubPersonalAccessToken',
description: 'GitHub Personal Access Token',
regex: /\bghp_[A-Za-z0-9_]{36}\b/g,
matchAccuracy: 'high'
},
{
name: 'githubOAuthAccessToken',
description: 'GitHub OAuth Access Token',
regex: /\bgho_[A-Za-z0-9_]{36}\b/g,
matchAccuracy: 'high'
},
{
name: 'githubServerToServerToken',
description: 'GitHub Server-to-server Token',
regex: /\bghs_[A-Za-z0-9_]{36}\b/g,
matchAccuracy: 'high'
},
{
name: 'githubRefreshToken',
description: 'GitHub Refresh Token',
regex: /\bghr_[A-Za-z0-9_]{36}\b/g,
matchAccuracy: 'high'
},
{
name: 'githubFineGrainedPersonalAccessToken',
description: 'GitHub Fine-grained Personal Access Token',
regex: /\bgithub_pat_[A-Za-z0-9_]{82}\b/g,
matchAccuracy: 'high'
},
{
name: 'githubPersonalAccessToken',
description: 'GitHub personal access token',
regex: /\bghp_[A-Za-z0-9_]+\b/g,
matchAccuracy: 'high'
},
{
name: 'githubFineGrainedToken',
description: 'GitHub fine-grained token',
regex: /\bgithub_pat_[0-9a-zA-Z]+_[0-9a-zA-Z]+\b/g,
matchAccuracy: 'high'
},
{
name: 'githubAppInstallationToken',
description: 'GitHub app installation token',
regex: /\bghs_[0-9a-zA-Z]+\b/g,
matchAccuracy: 'high'
},
{
name: 'githubRefreshToken',
description: 'GitHub refresh token',
regex: /\bghr_[A-Za-z0-9_]{76}\b/g,
matchAccuracy: 'high'
}
];
const slackEnhancedPatterns = [
{
name: 'slackAppLevelToken',
description: 'Slack app-level token',
regex: /\bxapp-[0-9]-[a-zA-Z0-9_-]+\b/g,
matchAccuracy: 'high'
},
{
name: 'slackGenericToken',
description: 'Slack Generic Token Pattern',
regex: /\b[s|S][l|L][a|A][c|C][k|K].*['|"][0-9a-zA-Z]{35,44}['|"]/g,
matchAccuracy: 'medium'
}, {
name: 'slackTokenGeneric',
description: 'Slack token (generic pattern)',
regex: /\bxox(?:a|b|p|o|s|r)-(?:\d+-)(?:\d+|\w+)(?:-\d+)?/gi,
matchAccuracy: 'high'
}
];
const privateKeyPatterns = [
{
name: 'privateKeyGeneric',
description: 'Generic Private Key Block',
regex: /-----BEGIN\s?((?:DSA|RSA|EC|PGP|OPENSSH|[A-Z]{2,16})?\s?PRIVATE KEY(\sBLOCK)?)-----[\s\S]{1,10000}?-----END\s?\1-----/gm,
matchAccuracy: 'high'
},
{
name: 'rsaPrivateKey',
description: 'RSA Private Key',
regex: /-----BEGIN RSA PRIVATE KEY-----/g,
matchAccuracy: 'high'
},
{
name: 'openssh