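# Source: github.com/DelineaXPM/dsv-cli@v1.40.6/.gitleaks.toml
# Templates: https://github.com/zricethezav/gitleaks/tree/master/examples
#
# Secret-scanning rules for gitleaks. Each [[rules]] entry is one detector;
# a [rules.allowlist] table directly below a rule suppresses findings for that
# rule only, and the [allowlist] table at the end applies to every rule.
# All regexes are TOML literal strings ('''...'''), so backslashes reach the
# regex engine unchanged.
#
# NOTE(review): the keys used here (tags, allowlist.files) look like the older
# gitleaks config schema. Confirm the scanner version run in CI accepts them:
# a key the scanner ignores changes coverage without any error.
title = "gitleaks config"

[[rules]]
description = "AWS Access Key"
regex = '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}'''
tags = ["key", "AWS"]

[[rules]]
description = "AWS cred file info"
regex = '''(?i)(aws_access_key_id|aws_secret_access_key)(.{0,20})?=.[0-9a-zA-Z\/+]{20,40}'''
tags = ["AWS"]

[[rules]]
description = "AWS Secret Key"
regex = '''(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]'''
tags = ["key", "AWS"]

[[rules]]
description = "AWS MWS key"
regex = '''amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}'''
tags = ["key", "AWS", "MWS"]

[[rules]]
description = "Facebook Secret Key"
regex = '''(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}['\"]'''
tags = ["key", "Facebook"]

[[rules]]
description = "Facebook Client ID"
regex = '''(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}['\"]'''
tags = ["key", "Facebook"]

[[rules]]
description = "Twitter Secret Key"
regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}['\"]'''
tags = ["key", "Twitter"]

[[rules]]
description = "Twitter Client ID"
regex = '''(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}['\"]'''
tags = ["client", "Twitter"]

# NOTE(review): the value class is alphanumeric only, so a quoted token that
# contains an underscore (for example the prefixed ghp_/gho_ token formats)
# does not match this rule. Consider a dedicated rule for prefixed tokens.
[[rules]]
description = "Github"
regex = '''(?i)github(.{0,20})?(?-i)['\"][0-9a-zA-Z]{35,40}['\"]'''
tags = ["key", "Github"]

[[rules]]
description = "LinkedIn Client ID"
regex = '''(?i)linkedin(.{0,20})?(?-i)['\"][0-9a-z]{12}['\"]'''
tags = ["client", "LinkedIn"]

[[rules]]
description = "LinkedIn Secret Key"
regex = '''(?i)linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]'''
tags = ["secret", "LinkedIn"]

# The token body is optional, so a bare "xoxb-" prefix is reported as well.
[[rules]]
description = "Slack"
regex = '''xox[baprs]-([0-9a-zA-Z]{10,48})?'''
tags = ["key", "Slack"]

# NOTE(review): only the EC PEM header is matched. No rule in this file covers
# RSA, DSA, OPENSSH or PGP private-key headers.
[[rules]]
description = "EC"
regex = '''-----BEGIN EC PRIVATE KEY-----'''
tags = ["key", "EC"]

# Inside a literal string, `\\-_` in a character class is an escaped backslash
# followed by the range `\`..`_`, which leaves the hyphen out. `\-_` matches
# hyphen and underscore, the same form the "Square access token" rule uses.
[[rules]]
description = "Google API key"
regex = '''AIza[0-9A-Za-z\-_]{35}'''
tags = ["key", "Google"]

# NOTE(review): the pattern has four hex groups (8-4-4-12) between the quotes.
# A canonical UUID has five (8-4-4-4-12), so a quoted UUID-shaped key would not
# match. Confirm the intended key format.
[[rules]]
description = "Heroku API key"
regex = '''(?i)heroku(.{0,20})?['"][0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}['"]'''
tags = ["key", "Heroku"]

[[rules]]
description = "MailChimp API key"
regex = '''(?i)(mailchimp|mc)(.{0,20})?['"][0-9a-f]{32}-us[0-9]{1,2}['"]'''
tags = ["key", "Mailchimp"]

[[rules]]
description = "Mailgun API key"
regex = '''(?i)(mailgun|mg)(.{0,20})?['"][0-9a-z]{32}['"]'''
tags = ["key", "Mailgun"]

[[rules]]
description = "PayPal Braintree access token"
regex = '''access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}'''
tags = ["key", "Paypal"]

[[rules]]
description = "Picatic API key"
regex = '''sk_live_[0-9a-z]{32}'''
tags = ["key", "Picatic"]

[[rules]]
description = "Slack Webhook"
regex = '''https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}'''
tags = ["key", "slack"]

# The prefix alternation has to be a group. A bracket class such as `[sk|rk]`
# matches exactly one character, so it can never match `sk_live_` or
# `rk_live_` and live keys would go unreported.
[[rules]]
description = "Stripe API key"
regex = '''(?i)stripe(.{0,20})?['\"](sk|rk)_live_[0-9a-zA-Z]{24}'''
tags = ["key", "Stripe"]

[[rules]]
description = "Square access token"
regex = '''sq0atp-[0-9A-Za-z\-_]{22}'''
tags = ["key", "square"]

# `\-_` rather than `\\-_`, so that hyphens inside the secret are matched (see
# the note on "Google API key").
[[rules]]
description = "Square OAuth secret"
regex = '''sq0csp-[0-9A-Za-z\-_]{43}'''
tags = ["key", "square"]

[[rules]]
description = "Twilio API key"
regex = '''(?i)twilio(.{0,20})?['\"][0-9a-f]{32}['\"]'''
tags = ["key", "twilio"]

[[rules]]
description = "Env Var"
regex = '''(?i)(apikey|secret|key|api|password|pass|pw|host)=[0-9a-zA-Z-_.{}]{4,120}'''

# NOTE(review): the allowlist description says "ignore export ", but the regex
# matches any "port" followed by a space, which is wider than "export ".
# Confirm that is intended.
[[rules]]
description = "Port"
regex = '''(?i)port(.{0,4})?[0-9]{1,10}'''
[rules.allowlist]
regexes = ['''(?i)port ''']
description = "ignore export "

[[rules]]
description = "Email"
regex = '''[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}'''
tags = ["email"]
[rules.allowlist]
files = ['''(?i)bashrc''']
regexes = ['''(semverbot@github.com)''']
description = "ignore bashrc emails"

# `['|"]` is a character class, so `|` is accepted as a delimiter alongside the
# two quote characters. It is kept as written because it only widens the match.
[[rules]]
description = "Generic Credential"
regex = '''(?i)(dbpasswd|dbuser|dbname|dbhost|api_key|apikey|secret|key|api|password|user|guid|hostname|pw|auth)(.{0,20})?['|"]([0-9a-zA-Z-_\/+!{}/=]{4,120})['|"]'''
tags = ["key", "API", "generic"]
# ignore leaks with specific identifiers like slack and aws
# NOTE(review): the second pattern below has no (mailchimp|mc) prefix, so it is
# wider than the "MailChimp API key" rule. A quoted 32-hex "-usNN" value with no
# such label nearby appears to be suppressed here and not reported by that rule
# either. Confirm, and tighten the allowlist if so.
[rules.allowlist]
description = "ignore slack, mailchimp, aws"
regexes = [
    '''xox[baprs]-([0-9a-zA-Z]{10,48})''',
    '''(?i)(.{0,20})?['"][0-9a-f]{32}-us[0-9]{1,2}['"]''',
    '''(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}''',
]

# [[rules]]
# description = "High Entropy"
# regex = '''[0-9a-zA-Z-_!{}/=]{4,120}'''
# file = '''(?i)(dump.sql|high-entropy-misc.txt)$'''
# tags = ["entropy"]
# [[rules.Entropies]]
# Min = "4.3"
# Max = "7.0"
# [rules.allowlist]
# description = "ignore ssh key and pems"
# files = ['''(pem|ppk|env)$''']
# paths = ['''(.*)?ssh''']

# [[rules]]
# description = "Potential bash var"
# regex='''(?i)(=)([0-9a-zA-Z-_!{}=]{4,120})'''
# tags = ["key", "bash", "API", "generic"]
# [[rules.Entropies]]
# Min = "3.5"
# Max = "4.5"
# Group = "1"

[[rules]]
description = "WP-Config"
regex = '''define(.{0,20})?(DB_CHARSET|NONCE_SALT|LOGGED_IN_SALT|AUTH_SALT|NONCE_KEY|DB_HOST|DB_PASSWORD|AUTH_KEY|SECURE_AUTH_KEY|LOGGED_IN_KEY|DB_NAME|DB_USER)(.{0,20})?['|"].{10,120}['|"]'''
tags = ["key", "API", "generic"]

# [[rules]]
# description = "Files with keys and credentials"
# files = '''(?i)(id_rsa|passwd|id_rsa.pub|pgpass|pem|key|shadow)'''

# Global allowlist: a path matching any entry is skipped by every rule above.
# NOTE(review): the extension pattern has no `\.` before the alternation, so it
# skips any path that merely ends in one of these strings (for example a path
# ending in "bin" or "doc"), not only files with that extension.
# NOTE(review): `vendor` and `node_modules` are unanchored substrings, and
# secrets committed under those directories are never reported. Confirm this
# trade-off is intended.
[allowlist]
description = "global allow lists"
paths = [
    '''gitleaks.toml''',
    '''(.*?)(jpg|gif|doc|docx|zip|xls|pdf|bin|svg|socket)$''',
    '''(go.mod|go.sum)$''',
    '''node_modules''',
    '''vendor''',
]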