PyPI - credsweeper - Versions diffs - 1.11.2__py3-none-any.whl → 1.11.4__py3-none-any.whl - Mend

credsweeper 1.11.2py3-none-any.whl → 1.11.4py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of credsweeper might be problematic. Click here for more details.

Files changed (73) hide show

credsweeper/__init__.py +1 -1
credsweeper/__main__.py +7 -5
credsweeper/app.py +28 -47
credsweeper/common/constants.py +2 -5
credsweeper/common/keyword_pattern.py +15 -9
credsweeper/common/morpheme_checklist.txt +4 -2
credsweeper/credentials/candidate_key.py +1 -1
credsweeper/credentials/credential_manager.py +4 -3
credsweeper/credentials/line_data.py +16 -15
credsweeper/deep_scanner/abstract_scanner.py +10 -1
credsweeper/deep_scanner/deb_scanner.py +48 -0
credsweeper/deep_scanner/deep_scanner.py +65 -43
credsweeper/deep_scanner/docx_scanner.py +1 -1
credsweeper/deep_scanner/encoder_scanner.py +2 -2
credsweeper/deep_scanner/gzip_scanner.py +1 -1
credsweeper/deep_scanner/html_scanner.py +3 -3
credsweeper/deep_scanner/jks_scanner.py +2 -4
credsweeper/deep_scanner/lang_scanner.py +2 -2
credsweeper/deep_scanner/lzma_scanner.py +40 -0
credsweeper/deep_scanner/pkcs12_scanner.py +3 -5
credsweeper/deep_scanner/xml_scanner.py +2 -2
credsweeper/file_handler/byte_content_provider.py +2 -2
credsweeper/file_handler/content_provider.py +1 -1
credsweeper/file_handler/data_content_provider.py +23 -14
credsweeper/file_handler/diff_content_provider.py +2 -2
credsweeper/file_handler/file_path_extractor.py +1 -1
credsweeper/file_handler/files_provider.py +2 -4
credsweeper/file_handler/patches_provider.py +1 -1
credsweeper/file_handler/string_content_provider.py +2 -2
credsweeper/file_handler/struct_content_provider.py +1 -1
credsweeper/file_handler/text_content_provider.py +2 -2
credsweeper/filters/value_array_dictionary_check.py +3 -1
credsweeper/filters/value_azure_token_check.py +1 -2
credsweeper/filters/value_base64_encoded_pem_check.py +1 -1
credsweeper/filters/value_base64_part_check.py +30 -21
credsweeper/filters/value_discord_bot_check.py +1 -2
credsweeper/filters/value_entropy_base32_check.py +11 -31
credsweeper/filters/value_entropy_base36_check.py +11 -34
credsweeper/filters/value_entropy_base64_check.py +15 -48
credsweeper/filters/value_entropy_base_check.py +37 -0
credsweeper/filters/value_file_path_check.py +1 -1
credsweeper/filters/value_hex_number_check.py +3 -3
credsweeper/filters/value_json_web_token_check.py +4 -5
credsweeper/filters/value_pattern_check.py +64 -16
credsweeper/filters/value_string_type_check.py +11 -3
credsweeper/filters/value_token_base32_check.py +0 -4
credsweeper/filters/value_token_base36_check.py +0 -4
credsweeper/filters/value_token_base64_check.py +0 -4
credsweeper/filters/value_token_check.py +1 -1
credsweeper/ml_model/features/file_extension.py +2 -2
credsweeper/ml_model/features/morpheme_dense.py +0 -4
credsweeper/ml_model/features/rule_name.py +1 -1
credsweeper/ml_model/features/word_in_path.py +0 -9
credsweeper/ml_model/features/word_in_postamble.py +0 -11
credsweeper/ml_model/features/word_in_preamble.py +0 -11
credsweeper/ml_model/features/word_in_transition.py +0 -11
credsweeper/ml_model/features/word_in_value.py +0 -11
credsweeper/ml_model/features/word_in_variable.py +0 -11
credsweeper/ml_model/ml_validator.py +45 -22
credsweeper/rules/config.yaml +238 -208
credsweeper/rules/rule.py +3 -3
credsweeper/scanner/scan_type/scan_type.py +2 -3
credsweeper/scanner/scanner.py +7 -1
credsweeper/secret/config.json +16 -5
credsweeper/utils/hop_stat.py +3 -3
credsweeper/utils/pem_key_detector.py +8 -7
credsweeper/utils/util.py +76 -146
{credsweeper-1.11.2.dist-info → credsweeper-1.11.4.dist-info}/METADATA +1 -1
{credsweeper-1.11.2.dist-info → credsweeper-1.11.4.dist-info}/RECORD +72 -70
credsweeper/utils/entropy_validator.py +0 -72
{credsweeper-1.11.2.dist-info → credsweeper-1.11.4.dist-info}/WHEEL +0 -0
{credsweeper-1.11.2.dist-info → credsweeper-1.11.4.dist-info}/entry_points.txt +0 -0
{credsweeper-1.11.2.dist-info → credsweeper-1.11.4.dist-info}/licenses/LICENSE +0 -0

credsweeper/rules/config.yaml CHANGED Viewed

@@ -1,9 +1,40 @@
+- name: DOC_GET
+  severity: medium
+  confidence: weak
+  type: pattern
+  values:
+    - (?P<variable>(\w*(?i:비밀번호|비번|패스워드|키|암호화?|토큰|(?<!by)pass(?!ed|ing|ion|es|age)|\bpwd?\b|token|secret|key|cred)\w*)\s*(설정은|[=:!]{1,3}))?\s*([._0-9A-Za-z\[\]]*get(env)?\s*\(\s*(?(variable)[^,]+)|[\"'\\]*(\\*(['\"]|&(quot|apos);)){0,4}(\w*(?i:(?<!by)pass(?!ed|ing|ion|es|age|\s+[a-z]{3,80})|\bpwd?\b|token|secret|key|cred)\w*)(\\*(['\"]|&(quot|apos);)){0,4})\s*,\s*(default\s*=\s*)?([brufl@]{1,2}(?=\\*['\"&]))?(?P<lq>(\\*(['\"]|&(quot|apos);)){1,4})(?P<value>(.(?!(?P=lq))){4,80}.?)
+  filter_type:
+    - ValueAllowlistCheck
+    - LineGitBinaryCheck
+    - LineUUEPartCheck
+    - ValueFilePathCheck
+    - ValuePatternCheck(5)
+    - ValueDictionaryValueLengthCheck(4,80)
+  min_line_len: 8
+  required_substrings:
+    - pass
+    - pw
+    - token
+    - secret
+    - key
+    - cred
+    - 비밀번호
+    - 비번
+    - 패스워드
+    - 암호
+    - 키
+    - 토큰
+  target:
+    - doc
+  use_ml: true
 - name: DOC_CREDENTIALS
   severity: medium
   confidence: weak
   type: pattern
   values:
-    - (?P<wrap>[`'\"(])?\s*(?P<variable>(\w*(?i:passw?o?r?d?s?|pwd?\b|\bp/w\b|token|secret|key)\w*|비밀번호|비번|패스워드|암호|키|암호|암호화|토큰))[`'\"]*(\s+(?i:is|are|was|were)(\s*[:-])?\s+|\s*(설정은|[=:]{1,3})\s*)(?P<quote>[`'\"]{1,6})?(?P<value>(?(quote)(?(wrap)[^`'\")]{4,80}|[^`'\"]{4,80})|(?(wrap)[^`'\")]{4,80}|\S{4,80})))
+    - (?P<wrap>[`'\"(])?\s*(?P<variable>(\w*(?i:(?<!by)passw?o?r?d?s?(?!ed|ing|ion|es|age)|pwd?\b|\bp/w\b|token|secret|key|credential)\w*|비밀번호|비번|패스워드|키|암호화?|토큰))[`'\"]*(\s+(?i:is|are|was|were)(\s*[:-])?\s+|\s*(설정은|[=:!]{1,3})\s*)(?P<quote>[`'\"]{1,6})?(?P<value>(?(quote)(?(wrap)[^`'\")]{4,80}|[^`'\"]{4,80})|(?(wrap)[^`'\")]{4,80}|\S{4,80})))
   filter_type:
     - ValueAllowlistCheck
     - LineGitBinaryCheck
@@ -25,8 +56,8 @@
     - token
     - secret
     - key
+    - credential
     - 키
-    - 암호화
     - 토큰
   target:
     - doc
@@ -37,7 +68,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?P<variable>[`'\"]?(?i:token|secret|key|키|암호|암호화|토큰)[`'\"]?)((\s)*[=:](\s)*)(?P<quote>[`'\"(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,80}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)`'\"])
+    - (?P<variable>[`'\"]?(?i:token|secret|key|키|암호화?|토큰)[`'\"]?)((\s)*[=:](\s)*)(?P<quote>[`'\"(])?(?P<value>(?-i:(?P<a>[A-Z])|(?P<b>[a-z])|(?P<c>[0-9/_+=~!@#$%^&*;:?-])){8,80}(?(a)(?(b)(?(c)(\S|$)|(?!x)x)|(?!x)x)|(?!x)x))(?(quote)[)`'\"])
   filter_type:
     - ValueAllowlistCheck
     - ValuePatternCheck
@@ -50,7 +81,6 @@
     - key
     - 키
     - 암호
-    - 암호화
     - 토큰
   target:
     - doc
@@ -162,26 +192,12 @@
     - code
   use_ml: true
-- name: API
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - api(?!tal)
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 11
-  required_substrings:
-    - api
-  target:
-    - code
 - name: UUID
   severity: info
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})(?![0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})(?![0-9A-Za-z_+-])
   min_line_len: 36
   required_substrings:
     - "-"
@@ -198,7 +214,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>(ABIA|ACCA|AGPA|AIDA|AIPA|AKIA|ANPA|ANVA|AROA|APKA|ASCA|ASIA)[0-9A-Z]{16,17})(?![0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>(ABIA|ACCA|AGPA|AIDA|AIPA|AKIA|ANPA|ANVA|AROA|APKA|ASCA|ASIA)[0-9A-Z]{16,17})(?![0-9A-Za-z_+-])
   filter_type: GeneralPattern
   required_substrings:
     - A
@@ -213,11 +229,12 @@
   confidence: moderate
   type: multi
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>(ABIA|ACCA|AGPA|AIDA|AIPA|AKIA|ANPA|ANVA|AROA|APKA|ASCA|ASIA)[0-9A-Z]{16,17})(?![0-9A-Za-z_+-])
-    - (?:(?<![0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z/+]{35,80})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>(ABIA|ACCA|AGPA|AIDA|AIPA|AKIA|ANPA|ANVA|AROA|APKA|ASCA|ASIA)[0-9A-Z]{16,17})(?![0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z/+]{35,80})
   filter_type:
     - LineSpecificKeyCheck
     - ValuePatternCheck
+    - ValueBase64PartCheck
     - ValueCoupleKeywordCheck(3)
   required_substrings:
     - A
@@ -232,35 +249,21 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>amzn\.mws\.[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})(?![0-9A-Za-z_-])
+    - (?P<value>amzn\.mws\.[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
-    - amzn
+    - amzn.mws.
   min_line_len: 30
   target:
     - code
     - doc
-- name: Credential
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - credential
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 18
-  required_substrings:
-    - credential
-  target:
-    - code
 - name: Dynatrace API Token
   severity: high
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>dt0[A-Za-z]{1}[0-9]{2}\.[0-9A-Z]{24}\.[0-9A-Z]{64})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>dt0[A-Za-z]{1}[0-9]{2}\.[0-9A-Z]{24}\.[0-9A-Z]{64})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - dt0
@@ -274,7 +277,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>EAA[0-9A-Za-z]{80,800})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>EAA[0-9A-Za-z]{80,800})
   filter_type:
     - ValuePatternCheck
     - ValueBase64PartCheck
@@ -290,7 +293,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{12,18}\|[0-9A-Za-z_-]{24,28})(?![0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{12,18}\|[0-9A-Za-z_-]{24,28})(?![0-9A-Za-z_+-])
   filter_type: GeneralPattern
   required_substrings:
     - "|"
@@ -320,7 +323,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>AIza[0-9A-Za-z_-]{35})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>AIza[0-9A-Za-z_-]{35})
   filter_type: GeneralPattern
   required_substrings:
     - AIza
@@ -349,7 +352,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>GOCSPX-[0-9A-Za-z_-]{28})(?![0-9A-Za-z_-])
+    - (?P<value>GOCSPX-[0-9A-Za-z_-]{28})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - GOCSPX-
@@ -363,7 +366,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>ya29\.[0-9A-Za-z_-]{22,8000})
+    - (?P<value>ya29\.[0-9A-Za-z_-]{22,8000})
   filter_type: GeneralPattern
   required_substrings:
     - ya29.
@@ -391,7 +394,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>IGQVJ[=0-9A-Za-z_-]{100,8000})(?![=0-9A-Za-z_-])
+    - (?P<value>IGQVJ[=0-9A-Za-z_-]{100,8000})(?![=0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - IGQVJ
@@ -405,7 +408,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>eyJ[=0-9A-Za-z_+/-]{15,8000}(\.[=0-9A-Za-z_+/-]{0,8000}){2,16})(?![=0-9A-Za-z_-])
+    - (?P<value>eyJ[=0-9A-Za-z_+/-]{15,8000}(\.[=0-9A-Za-z_+/-]{0,8000}){2,16})(?![=0-9A-Za-z_-])
   filter_type:
     - ValueJsonWebTokenCheck
   required_substrings:
@@ -420,7 +423,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{32}-us[0-9]{1,2})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{32}-us[0-9]{1,2})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - -us
@@ -434,7 +437,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>key-[0-9A-Za-z_-]{32})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>key-[0-9A-Za-z_-]{32})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - key-
@@ -443,21 +446,6 @@
     - code
     - doc
-- name: Password
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - (?<!by)pass(?!ed|ing|es|age|\s+[a-z]{3,80})|pw(d|\b)
-  filter_type: PasswordKeyword
-  use_ml: true
-  min_line_len: 10
-  required_substrings:
-    - pass
-    - pw
-  target:
-    - code
 - name: PayPal Braintree Access Token
   severity: high
   confidence: strong
@@ -505,7 +493,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>MII[A-Za-f][0-9A-Za-z/+]{8}(?s:[^!#$&()*\-.:;<=>?@\[\]^_{|}~]{8,8000}))
+    - (?P<value>MII[A-Za-f][0-9A-Za-z/+]{8}(?s:[^!#$&()*\-.:;<=>?@\[\]^_{|}~]{8,8000}))
   filter_type:
     - ValueBase64KeyCheck
   min_line_len: 160
@@ -529,26 +517,12 @@
     - code
     - doc
-- name: Secret
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - secret
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 14
-  required_substrings:
-    - secret
-  target:
-    - code
 - name: SendGrid API Key
   severity: high
   confidence: moderate
   type: pattern
   values:
-    - (?P<value>SG\.[0-9A-Za-z_-]{16,32}\.[0-9A-Za-z_-]{16,64})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>SG\.[0-9A-Za-z_-]{16,32}\.[0-9A-Za-z_-]{16,64})
   filter_type: GeneralPattern
   required_substrings:
     - SG.
@@ -576,7 +550,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>xox[a-z]\-[0-9A-Za-z-]{10,250})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>xox[a-z]\-[0-9A-Za-z-]{10,250})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - xox
@@ -620,7 +594,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>EAAA[0-9A-Za-z_-]{60})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>EAAA[0-9A-Za-z_-]{60})(?![0-9A-Za-z_-])
   filter_type:
     - ValuePatternCheck
     - ValueBase64PartCheck
@@ -636,7 +610,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>sq0[a-z]{3}-[0-9A-Za-z_-]{22}([0-9A-Za-z_-]{21})?)(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>sq0[a-z]{3}-[0-9A-Za-z_-]{22}([0-9A-Za-z_-]{21})?)(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - sq0
@@ -645,26 +619,12 @@
     - code
     - doc
-- name: Token
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - token(?!ize)
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 13
-  required_substrings:
-    - token
-  target:
-    - code
 - name: Twilio Credentials
   severity: high
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>(AC|AD|AL|CA|CF|CL|CN|CR|FW|IP|KS|MM|NO|PK|PN|QU|RE|SC|SD|SK|SM|TR|UT|XE|XR)[0-9A-Fa-f]{32})(?![0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>(AC|AD|AL|CA|CF|CL|CN|CR|FW|IP|KS|MM|NO|PK|PN|QU|RE|SC|SD|SK|SM|TR|UT|XE|XR)[0-9A-Fa-f]{32})(?![0-9A-Za-z_+-])
   filter_type: TokenPattern
   required_substrings:
     - AC
@@ -716,7 +676,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (^|\W|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:pass(in|out|word|phrase)))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,80})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
+    - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:pass(in|out|word|phrase)))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,80})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
   filter_type: GeneralKeyword
   use_ml: true
   required_substrings:
@@ -730,7 +690,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (^|\W|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:token))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
+    - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:token))\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
   filter_type: GeneralKeyword
   use_ml: true
   required_substrings:
@@ -744,7 +704,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (^|\W|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:secret)[A-Za-z_-]*)\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
+    - (^|\W|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<variable>-[A-Za-z_-]*(?i:secret)[A-Za-z_-]*)\s\s*(?!-)(?P<value_leftquote>(\\?[\"']){1,3})?(pass:)?(?!file:|env:|fd:)(?P<value>(?(value_leftquote)[^\"'\\]|[^\s\"'\\]){4,4000})(?(value_leftquote)(?P<value_rightquote>(\\?[\"']){1,3}))
   filter_type: GeneralKeyword
   use_ml: true
   required_substrings:
@@ -767,40 +727,12 @@
   target:
     - code
-- name: Auth
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - auth(?!ors?(?!i[tz]))
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 12
-  required_substrings:
-    - auth
-  target:
-    - code
-- name: Key
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - key(?!word|board|pad|name)
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 11
-  required_substrings:
-    - key
-  target:
-    - code
 - name: Telegram Bot API Token
   severity: high
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{8,10}:[0-9A-Za-z_-]{35})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9]{8,10}:[0-9A-Za-z_-]{35})(?![0-9A-Za-z_-])
   filter_type: GeneralPattern
   required_substrings:
     - :AA
@@ -814,7 +746,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>pypi-[0-9A-Za-z_-]{150,255})
+    - (?P<value>pypi-[0-9A-Za-z_-]{150,255})
   filter_type: GeneralPattern
   required_substrings:
     - pypi-
@@ -828,7 +760,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>gh[pousr]_[0-9A-Za-z_-]{36,255})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>gh[pousr]_[0-9A-Za-z_-]{36,255})
   filter_type:
     - ValueGitHubCheck
   required_substrings:
@@ -847,7 +779,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>github_pat_[0-9A-Za-z_]{80,255})
+    - (?P<value>github_pat_[0-9A-Za-z_]{80,255})
   filter_type: GeneralPattern
   required_substrings:
     - github_pat_
@@ -861,7 +793,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9.-]{1,80}\.firebaseio\.com|[a-z0-9.-]{1,80}\.firebaseapp\.com)
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9.-]{1,80}\.firebaseio\.com|[a-z0-9.-]{1,80}\.firebaseapp\.com)
   filter_type: GeneralPattern
   required_substrings:
     - .firebase
@@ -875,7 +807,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9.-]{3,63}\.s3\.amazonaws\.com|[a-z0-9.-]{3,63}\.s3-website[.-](eu|ap|us|ca|sa|cn))
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9.-]{3,63}\.s3\.amazonaws\.com|[a-z0-9.-]{3,63}\.s3-website[.-](eu|ap|us|ca|sa|cn))
   filter_type: GeneralPattern
   required_substrings:
     - .s3-website
@@ -885,54 +817,12 @@
     - code
     - doc
-- name: Nonce
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - (?<!\\)nonce
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 13
-  required_substrings:
-    - nonce
-  target:
-    - code
-- name: Salt
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - salt
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 12
-  required_substrings:
-    - salt
-  target:
-    - code
-- name: Certificate
-  severity: medium
-  confidence: moderate
-  type: keyword
-  values:
-    - cert
-  filter_type: GeneralKeyword
-  use_ml: true
-  min_line_len: 12
-  required_substrings:
-    - cert
-  target:
-    - code
 - name: Jfrog Token
   severity: high
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>(cmVmdGtuO[0-9A-Za-z_-]{55}|AKCp[0-9A-Za-z_-]{69}))(?![0-9A-Za-z_-])
+    - (?P<value>(cmVmdGtuO[0-9A-Za-z_-]{55}|AKCp[0-9A-Za-z_-]{69}))(?![0-9A-Za-z_-])
   filter_type:
     - ValueJfrogTokenCheck
   required_substrings:
@@ -948,7 +838,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>eyJ[=0-9A-Za-z_-]{50,500}\.eyJ[=0-9A-Za-z_-]{8,8000}\.[=0-9A-Za-z_-]{18,800})
+    - (?P<value>eyJ[=0-9A-Za-z_-]{50,500}\.eyJ[=0-9A-Za-z_-]{8,8000}\.[=0-9A-Za-z_-]{18,800})
   filter_type:
     - ValueAzureTokenCheck
   required_substrings:
@@ -963,7 +853,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_~.-]{3}8Q~[0-9A-Za-z_~.-]{34})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_~.-]{3}8Q~[0-9A-Za-z_~.-]{34})(?![0-9A-Za-z_-])
   filter_type: TokenPattern
   min_line_len: 40
   required_substrings:
@@ -977,7 +867,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{52}JQQJ9[9DH][0-9A-Za-z]{26}([0-9A-Za-z=]{4})?)(?![0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{52}JQQJ9[9DH][0-9A-Za-z]{26}([0-9A-Za-z=]{4})?)(?![0-9A-Za-z_/+-])
   min_line_len: 80
   filter_type:
     - ValuePatternCheck(17)
@@ -994,7 +884,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>ATBB[0-9A-Za-z]{24}[A-F0-9]{8})(?![0-9A-Za-z_])
+    - (?P<value>ATBB[0-9A-Za-z]{24}[A-F0-9]{8})(?![0-9A-Za-z_])
   filter_type:
     - ValueAtlassianTokenCheck
   min_line_len: 28
@@ -1039,7 +929,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{18}([0-9A-Za-z]{14})?)(?![=0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{18}([0-9A-Za-z]{14})?)(?![=0-9A-Za-z_+-])
   filter_type: WeirdBase64Token
   min_line_len: 18
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1052,7 +942,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>([0-9A-Za-z_-]{32}){1,2})(?![=0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>([0-9A-Za-z_-]{32}){1,2})(?![=0-9A-Za-z_+-])
   filter_type: WeirdBase64Token
   min_line_len: 32
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1065,7 +955,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[MNO][ADQTgjwz][AEIMQUYcgk][012345wxyz][0-9A-Za-z_-]{40})(?![0-9A-Za-z_-])
+    - (?<!BBDC-)(?P<value>[MNO][ADQTgjwz][AEIMQUYcgk][012345wxyz][0-9A-Za-z_-]{40})(?![0-9A-Za-z_-])
   filter_type:
     - ValueAtlassianTokenCheck
   min_line_len: 44
@@ -1083,7 +973,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![.0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{24})(?![=.0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z]{24})(?![=.0-9A-Za-z_/+-])
   filter_type: WeirdBase64Token
   min_line_len: 24
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1111,7 +1001,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>do[op]_v1_[a-f0-9]{64})(?![0-9A-Za-z_-])
+    - (?P<value>do[op]_v1_[a-f0-9]{64})(?![0-9A-Za-z_-])
   filter_type: TokenPattern
   min_line_len: 71
   required_substrings:
@@ -1126,7 +1016,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>sl.[0-9A-Za-z_-]{135})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>sl.[0-9A-Za-z_-]{135})(?![0-9A-Za-z_-])
   filter_type: TokenPattern
   min_line_len: 138
   required_substrings:
@@ -1140,7 +1030,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>oy2[a-z0-9]{43})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>oy2[a-z0-9]{43})(?![0-9A-Za-z_-])
   filter_type: TokenPattern
   min_line_len: 46
   required_substrings:
@@ -1154,7 +1044,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>(_gitlab_session=|GR1348941|gl(agent|soat|ffct|p[at]t|oas|cbt|imt|[dfr]t)-)[0-9A-Za-z_-]{20,64})(?![0-9A-Za-z_-])
+    - (?P<value>(_gitlab_session=|GR1348941|gl(agent|soat|ffct|p[at]t|oas|cbt|imt|[dfr]t)-)[0-9A-Za-z_-]{20,64})(?![0-9A-Za-z_-])
   filter_type:
     - ValuePatternCheck
   min_line_len: 25
@@ -1181,7 +1071,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>eyJ[=0-9A-Za-z_-]{64,360})(?![=0-9A-Za-z_-])
+    - (?P<value>eyJ[=0-9A-Za-z_-]{64,360})(?![=0-9A-Za-z_-])
   filter_type:
     - ValueGrafanaCheck
   min_line_len: 67
@@ -1196,7 +1086,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>glc_eyJ[0-9A-Za-z_-]{80,360})(?![0-9A-Za-z_-])
+    - (?P<value>glc_eyJ[0-9A-Za-z_-]{80,360})(?![0-9A-Za-z_-])
   filter_type:
     - ValueGrafanaCheck
   min_line_len: 87
@@ -1211,7 +1101,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>glsa_[0-9A-Za-z_-]{32}_[0-9A-Fa-f]{8})
+    - (?P<value>glsa_[0-9A-Za-z_-]{32}_[0-9A-Fa-f]{8})
   min_line_len: 46
   filter_type:
     - ValueGrafanaServiceCheck
@@ -1226,7 +1116,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?=[0-9A-Za-z]{64})(?P<value>[0-9A-Za-z]{10,12}[B-Za-z0-9]A{10,12}[B-Za-z0-9][0-9A-Za-z]{40,44})(?![=0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?=[0-9A-Za-z]{64})(?P<value>[0-9A-Za-z]{10,12}[B-Za-z0-9]A{10,12}[B-Za-z0-9][0-9A-Za-z]{40,44})(?![=0-9A-Za-z_/+-])
   filter_type: [ ]
   min_line_len: 43
   required_substrings:
@@ -1240,7 +1130,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![.0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9]{15})(?![=0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9]{15})(?![=0-9A-Za-z_/+-])
   filter_type: WeirdBase36Token
   min_line_len: 15
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1253,7 +1143,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![.0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9]{24,25})(?![=0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[a-z0-9]{24,25})(?![=0-9A-Za-z_/+-])
   filter_type: WeirdBase36Token
   min_line_len: 24
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1266,7 +1156,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![.0-9A-Za-z_/+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{20})(?![=0-9A-Za-z_/+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{20})(?![=0-9A-Za-z_/+-])
   filter_type: WeirdBase64Token
   min_line_len: 20
   required_regex: "[0-9A-Za-z_/+-]{15}"
@@ -1279,7 +1169,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>hv[brs]\.[0-9A-Za-z_-]{80,160})
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>hv[brs]\.[0-9A-Za-z_-]{80,160})
   filter_type:
     - ValuePatternCheck
     - ValueEntropyBase64Check
@@ -1297,7 +1187,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[0-9A-Za-z_-]{14}\.atlasv1\.[0-9A-Za-z_-]{67})(?![0-9A-Za-z_-])
+    - (?P<value>[0-9A-Za-z_-]{14}\.atlasv1\.[0-9A-Za-z_-]{67})(?![0-9A-Za-z_-])
   filter_type:
     - ValuePatternCheck
     - ValueEntropyBase64Check
@@ -1313,7 +1203,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_+-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[A-Z2-7]{16})(?![=0-9A-Za-z_+-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>[A-Z2-7]{16})(?![=0-9A-Za-z_+-])
   filter_type:
     - ValueCoupleKeywordCheck
     - ValuePatternCheck
@@ -1364,7 +1254,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>gsk_[0-9A-Za-z_-]{52})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>gsk_[0-9A-Za-z_-]{52})(?![0-9A-Za-z_-])
   min_line_len: 56
   filter_type:
     - ValuePatternCheck
@@ -1380,7 +1270,7 @@
   confidence: moderate
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>hf_[0-9A-Za-z_-]{34})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>hf_[0-9A-Za-z_-]{34})(?![0-9A-Za-z_-])
   min_line_len: 37
   filter_type:
     - ValuePatternCheck
@@ -1396,7 +1286,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>tvly-[0-9A-Za-z_-]{32,40})(?![0-9A-Za-z_-])
+    - (?P<value>tvly-[0-9A-Za-z_-]{32,40})(?![0-9A-Za-z_-])
   min_line_len: 37
   filter_type:
     - ValuePatternCheck(5)
@@ -1412,11 +1302,10 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>sntrys_eyJ[0-9A-Za-z_-]{80,8000}=*([0-9A-Za-z_-]{32,256})?)(?![0-9A-Za-z_-])
+    - (?P<value>sntrys_eyJ[0-9A-Za-z_-]{80,8000}=*([0-9A-Za-z_-]{32,256})?)(?![0-9A-Za-z_-])
   min_line_len: 37
   filter_type:
     - ValuePatternCheck(5)
-    - ValueEntropyBase64Check
   required_substrings:
     - sntrys_eyJ
   target:
@@ -1428,7 +1317,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>sntryu_[0-9a-f]{64})(?![0-9A-Za-z_-])
+    - (?P<value>sntryu_[0-9a-f]{64})(?![0-9A-Za-z_-])
   min_line_len: 37
   filter_type:
     - ValuePatternCheck(5)
@@ -1443,7 +1332,7 @@
   confidence: strong
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>[MNO][ADQTgjwz][AEIMQUYcgk][012345wxyz][0-9A-Za-z_-]{20,24}\.[0-9A-Za-z_-]{6}\.[0-9A-Za-z_-]{30,40})(?![0-9A-Za-z_-])
+    - (?P<value>[MNO][ADQTgjwz][AEIMQUYcgk][012345wxyz][0-9A-Za-z_-]{20,24}\.[0-9A-Za-z_-]{6}\.[0-9A-Za-z_-]{30,40})(?![0-9A-Za-z_-])
   min_line_len: 62
   filter_type:
     - ValueDiscordBotCheck
@@ -1477,7 +1366,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>wx[0-9a-f]{16})(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>wx[0-9a-f]{16})(?![0-9A-Za-z_-])
   min_line_len: 18
   filter_type: TokenPattern
   required_substrings:
@@ -1491,7 +1380,7 @@
   confidence: weak
   type: pattern
   values:
-    - (?:(?<![0-9A-Za-z_-])|\\[0abfnrtv]|(%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu]([0-9A-Fa-f]{4}){1,2}|\x1B\[[0-9;]{0,80}m)(?P<value>00D[0-9A-Za-z]{9,15}(![.0-9A-Za-z_-]{24,200})?)(?![0-9A-Za-z_-])
+    - (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>00D[0-9A-Za-z]{9,15}(![.0-9A-Za-z_-]{24,200})?)(?![0-9A-Za-z_-])
   min_line_len: 12
   filter_type:
     - ValuePatternCheck(9)
@@ -1502,3 +1391,144 @@
   target:
     - code
     - doc
+- name: API
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - api(?!tal)
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 11
+  required_substrings:
+    - api
+  target:
+    - code
+- name: Auth
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - auth(?!ors?(?!i[tz]))
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 12
+  required_substrings:
+    - auth
+  target:
+    - code
+- name: Certificate
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - cert
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 12
+  required_substrings:
+    - cert
+  target:
+    - code
+- name: Credential
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - credential
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 18
+  required_substrings:
+    - credential
+  target:
+    - code
+- name: Key
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - key(?!word|board|pad|name)
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 11
+  required_substrings:
+    - key
+  target:
+    - code
+- name: Nonce
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - (?<!\\)nonce
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 13
+  required_substrings:
+    - nonce
+  target:
+    - code
+- name: Password
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - (?<!by)pass(?!ed|ing|ion|es|age|\s+[a-z]{3,80})|pw(d|\b)
+  filter_type: PasswordKeyword
+  use_ml: true
+  min_line_len: 10
+  required_substrings:
+    - pass
+    - pw
+  target:
+    - code
+- name: Salt
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - salt
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 12
+  required_substrings:
+    - salt
+  target:
+    - code
+- name: Secret
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - secret
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 14
+  required_substrings:
+    - secret
+  target:
+    - code
+- name: Token
+  severity: medium
+  confidence: moderate
+  type: keyword
+  values:
+    - token(?!ize)
+  filter_type: GeneralKeyword
+  use_ml: true
+  min_line_len: 13
+  required_substrings:
+    - token
+  target:
+    - code

credsweeper 1.11.2__py3-none-any.whl → 1.11.4__py3-none-any.whl

Potentially problematic release.

credsweeper 1.11.2py3-none-any.whl → 1.11.4py3-none-any.whl