ref-patterns-sensitive-data.txt

# Keys and Tokens

## AWS Config formatted aws access key id
aws_access_key_id\s*[:=]\s*[A-Z0-9]{20}
aws_access_key_id\s*[:=]\s*['"][A-Z0-9]{20}['"]

## AWS Config formatted aws_secret_access_key
aws_secret_access_key\s*[:=]\s*[A-Za-z0-9/+]{40}
aws_secret_access_key\s*[:=]\s*['"][A-Za-z0-9/+]{40}['"]

## Terraform-formatted AWS API keys
access_key\s*=\s*['"][A-Z0-9]{20}['"]
secret_key\s*=\s*['"][A-Za-z0-9/+]{40}['"]

##################################################
## Generic secret patterns modified from DC.gov ##
##################################################

# Credit Cards
# Credit Cards: Mastercard
[:=]\s*5[0-9]{3}[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}
# Credit Cards:Discover
[:=]\s*6011[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}
# Credit Cards:VISA
[:=]\s*4[0-9]{3}[ -]?[0-9]{4}[ -]?[0-9]{4}[ -]?[0-9]{4}
# Credit Cards:AMEX
[:=]\s*3[47][0-9]{2}[ -]?[0-9]{6}[ -]?[0-9]{5}

# U.S. Passport
.*passport.*[:=]\s*[A-Za-z0-9-]{6,9}

# U.S. Passport Card
.*passport.*[:=]\s*C0[0-9]{7}

# U.S. SSN, Note: may produce false-positives, refer to README for more details.
.*(ssn).*[:=]\s*[0-9-]{9,11}
.*(soc).*[:=]\s*[0-9-]{9,11}