This function will create list of precompiled regex object to find secret (high entropy strings) within the content. Returns -------- list a list of precompiled regex objects.
()
| 394 | |
| 395 | |
| 396 | def PreCompiledRegexSecret(): |
| 397 | """ |
| 398 | |
| 399 | This function will create list of precompiled regex object to find secret (high entropy strings) within the content. |
| 400 | |
| 401 | Returns |
| 402 | -------- |
| 403 | list |
| 404 | a list of precompiled regex objects. |
| 405 | """ |
| 406 | seclst = ['secret', 'secret_key', 'token', 'secret_token', 'auth_token', 'access_token', 'username', 'password', |
| 407 | 'aws_access_key_id', 'aws_secret_access_key', 'secretkey', 'authtoken', 'accesstoken', 'access-token', |
| 408 | 'authkey', 'client_secret', 'key', 'email', 'HEROKU_API_KEY', 'SF_USERNAME', 'PT_TOKEN', |
| 409 | 'id_dsa', |
| 410 | 'clientsecret', 'client-secret', 'encryption-key', 'pass', 'encryption_key', 'encryptionkey', 'secretkey', |
| 411 | 'secret-key', 'bearer', 'JEKYLL_GITHUB_TOKEN', 'HOMEBREW_GITHUB_API_TOKEN', |
| 412 | 'api_key', 'api_secret_key', 'api-key', 'private_key', 'client_key', 'client_id', 'sshkey', 'ssh_key', |
| 413 | 'ssh-key', 'privatekey', 'DB_USERNAME', 'oauth_token', 'irc_pass', 'dbpasswd', 'xoxa-2', 'xoxr' |
| 414 | 'private-key', |
| 415 | 'private_key', 'consumer_key', 'consumer_secret', 'access_token_secret', 'SLACK_BOT_TOKEN', |
| 416 | 'slack_api_token', 'api_token', 'ConsumerKey', 'ConsumerSecret', 'SESSION_TOKEN', 'session_key', |
| 417 | 'session_secret', 'slack_token', 'slack_secret_token', 'bot_access_token'] |
| 418 | equal = ['=', ':', '=>', '=:'] |
| 419 | |
| 420 | return re.compile(r'(["\']?[\\w\-]*(?:' + '|'.join(seclst) + ')[\\w\\-]*[\\s]*["\']?[\\s]*(?:' + '|'.join( |
| 421 | equal) + ')[\\s]*["\']?([\\w\\-/~!@#$%^*+.]+=*)["\']?)', |
| 422 | re.MULTILINE | re.IGNORECASE) |
| 423 | |
| 424 | |
| 425 | def PreCompiledRegexCloud(): |