# regexes-based rules
#
- id: private.pgp-key
  message: PGP Private Key Block
  pattern: "-----BEGIN PGP PRIVATE KEY BLOCK-----"
  severity: HIGH
- id: private.key
  message: Private Key
  pattern: "-----BEGIN (RSA|DSA|EC|OPENSSH) PRIVATE KEY-----"
  severity: HIGH

- id: amazon.aws-api-key
  message: AWS API Key
  pattern: "AKIA[0-9A-Z]{16}"
  severity: HIGH

# TODO add new github token formats
- id: github.token
  message: GitHub Token
  pattern: '[g|G][i|I][t|T][h|H][u|U][b|B].*[''|"][0-9a-zA-Z]{35,40}[''|"]'
  severity: HIGH

- id: google.access-token
  message: Google Access Token
  pattern: "ya29\\.[0-9A-Za-z\\-_]+"
  severity: LOW
- id: google.api-key
  message: Google API Key
  pattern: "AIza[0-9A-Za-z\\-_]{35}"
  severity: LOW
- id: google.oauth-token
  message: Google OAuth
  pattern: "[0-9]+-[0-9A-Za-z_]{32}\\.apps\\.googleusercontent\\.com"
  severity: LOW
- id: google.gcp-service-account
  message: Google Cloud Platform Service Account
  pattern: '"type": "service_account"'
  severity: LOW

- id: slack.token
  message: Slack Token
  pattern: "xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32}"
  severity: MEDIUM
- id: slack.bot-token
  message: Slack Bot Token
  pattern: "xox[p|b|o|a]-[0-9]{12}-[0-9]{13}-[a-zA-Z0-9]{24}"
  severity: MEDIUM
- id: slack.webhook
  message: Slack Webhook
  pattern: "https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}"
  severity: MEDIUM

- id: newrelic.rest-key
  message: newrelic rest key
  pattern: 'NRAK-[0-9A-Z]{27}'
  severity: MEDIUM
- id: newrelic.license-key
  message: newrelic license key
  pattern: '[a-z0-9]{36}NRAL'
  severity: MEDIUM

- id: eoa.pattern
  message: EOA Key
  pattern: '0x[a-fA-F0-9]{40}'
  severity: LOW
 
- id: github.personal-access-token
  message: github personal access token
  pattern: 'ghp_[a-zA-Z0-9]{33}'
  severity: HIGH