^via\ \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3},\ \d{2}:\d{2}:\d{2}$

^AKIA[0-9A-Z]{16}$

^[0-9a-zA-Z/+=]{40}$

^((access[-_]?key[-_]?id)|(ACCESS[-_]?KEY[-_]?ID)|([Aa]ccessKeyId)|(access[_-]?id)).{0,20}AKIA[a-zA-Z0-9+/]{16}[^a-zA-Z0-9+/]$

^access_key_id|secret_access_key|AssetSync.configure$

^((secret[-_]?access[-_]?key)|(SECRET[-_]?ACCESS[-_]?KEY|(private[-_]?key))|([Ss]ecretAccessKey)).{0,20}[^a-zA-Z0-9+/][a-zA-Z0-9+/]{40}\b$

^(KEY|key|Key)*\s*(:|:=|=>|=)*\s*[A-F0-9]{32}$

^(?:121|026)00(?:0|9)(?:358|593)$

^321170538$

^https://app.box.com/[s|l]/\S+$

^[A-Z]{1}\d{7}$

^322271627$

^service\ timestamps\ [a-z]{3,5}\ datetime\ msec|boot-[a-z]{3,5}-marker|interface\ [A-Za-z0-9]{0,10}[E,e]thernet$

^32(?:11|22)71(?:18|72)4$

^CVE-\d{4}-\d{4,7}$

^https://www.dropbox.com/(?:s|l)/\S+$

^-----BEGIN DSA PRIVATE KEY-----(?:[a-zA-Z0-9\+\=\/"']|\s)+?-----END DSA PRIVATE KEY-----$

^-----BEGIN (?:EC|ECDSA) PRIVATE KEY-----(?:[a-zA-Z0-9\+\=\/"']|\s)+?-----END (?:EC|ECDSA) PRIVATE KEY-----$

^-----BEGIN EC PRIVATE KEY----- [\r\n]+(?:\w+:.+)*[\s]* (?:[0-9a-zA-Z+\/=]{64,76}[\r\n]+)+ [0-9a-zA-Z+\/=]+[\r\n]+ -----END EC PRIVATE KEY-----$

^-----BEGIN DSA PRIVATE KEY-----\s.*,ENCRYPTED(?:.|\s)+?-----END DSA PRIVATE KEY-----$

^-----BEGIN (?:EC|ECDSA) PRIVATE KEY-----\s.*,ENCRYPTED(?:.|\s)+?-----END (?:EC|ECDSA) PRIVATE KEY-----$

^-----BEGIN ENCRYPTED PRIVATE KEY-----(?:.|\s)+?-----END ENCRYPTED PRIVATE KEY-----$

^PuTTY-User-Key-File-2: ssh-dss\s*Encryption: aes(?:.|\s?)*?Private-MAC:$

^PuTTY-User-Key-File-2: ssh-rsa\s*Encryption: aes(?:.|\s?)*?Private-MAC:$

^-----BEGIN RSA PRIVATE KEY-----\s.*,ENCRYPTED(?:.|\s)+?-----END RSA PRIVATE KEY-----$

^EAACEdEose0cBA[0-9A-Za-z]+$

^(facebook_secret|FACEBOOK_SECRET|facebook_app_secret|FACEBOOK_APP_SECRET)[a-z_ =\s"'\:]{0,5}[^a-zA-Z0-9][a-f0-9]{32}[^a-zA-Z0-9]$

^-----BEGIN PRIVATE KEY----- [\r\n]+(?:\w+:.+)*[\s]* (?:[0-9a-zA-Z+\/=]{64,76}[\r\n]+)+ [0-9a-zA-Z+\/=]+[\r\n]+ -----END PRIVATE KEY-----$

^(GITHUB_SECRET|GITHUB_KEY|github_secret|github_key|github_token|GITHUB_TOKEN|github_api_key|GITHUB_API_KEY)[a-z_ =\s"'\:]{0,10}[^a-zA-Z0-9][a-zA-Z0-9]{40}[^a-zA-Z0-9]$

^[0-9]+-\w+.apps.googleusercontent.com$

^[0-9a-zA-Z]{45}$

^AIza[0-9A-Za-z\-_]{35}$

^[0-9a-zA-Z]{32}$

(see YouTube)

(see YouTube)

^AIza[0-9A-Za-z\-_]{35}$

^[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com$

^(?:BACKUP VERIFICATION CODES|SAVE YOUR BACKUP CODES)[\s\S]{0,300}@$

^(heroku_api_key|HEROKU_API_KEY|heroku_secret|HEROKU_SECRET)[a-z_ =\s"'\:]{0,10}[^a-zA-Z0-9-]\w{8}(?:-\w{4}){3}-\w{12}[^a-zA-Z0-9\-]$

^\d{4,5}-\d{3,4}-\d{1,2}$

^sysname\ HUAWEI|set\ authentication\ password\ simple\ huawei$

^9\d{2}(?:[ \-]?)[7,8]\d(?:[ \-]?)\d{4}$

^[J,j]ohn\ [T,t]he\ [R,r]ipper|john-[1-9].[1-9].[1-9]|Many\ salts:|Only\ one\ salt:|openwall.com/john/|List.External:[0-9a-zA-Z]*|Loaded\ [0-9]*\ password hash|guesses:\ \d*\ \ time:\ \d*:\d{2}:\d{2}:\d{2}|john\.pot$

^"Account","Login Name","Password","Web Site","Comments"$

^<pwlist>\s*?<pwentry>[\S\s]*?<password>[\S\s]*?<\/pwentry>\s*?<\/pwlist>$

^\d{3}-\d{3}-\d{4}|\(\d{3}\)\ ?\d{3}-?\d{4}$

^(\d{5}-\d{4}|\d{5})$

^(?:dn|cn|dc|sn):\s*[a-zA-Z0-9=, ]*$

^[0-9a-f]{32}-us[0-9]{1,2}$

^key-[0-9a-zA-Z]{32}$

^require\ 'msf/core'|class\ Metasploit|include\ Msf::Exploit::\w+::\w+$

^https://login.microsoftonline.com/common/oauth2/v2.0/token|https://login.windows.net/common/oauth2/token$

^DROP DATABASE IF EXISTS(?:.|\n){5,200}CREATE DATABASE(?:.|\n){5,200}DROP TABLE IF EXISTS(?:.|\n){5,200}CREATE TABLE$

^DROP\ TABLE\ IF\ EXISTS\ \[[a-zA-Z]*\];|CREATE\ TABLE\ \[[a-zA-Z]*\];$

^proxy\.pac|function\ FindProxyForURL\(\w+,\ \w+\)$

^Nmap\ scan\ report\ for\ [a-zA-Z0-9.]+$

^ya29\.[0-9A-Za-z\-_]+$

^4/[0-9A-Za-z\-_]+$

^1/[0-9A-Za-z\-_]{43}| 1/[0-9A-Za-z\-_]{64}$

^[0-9a-zA-Z\-_]{24}$

^[a-zA-Z0-9\-]+:[x|\*]:\d+:\d+:[a-zA-Z0-9/\- "]*:/[a-zA-Z0-9/\-]*:/[a-zA-Z0-9/\-]+$

^[a-zA-Z0-9\-]+:(?:(?:!!?)|(?:\*LOCK\*?)|\*|(?:\*LCK\*?)|(?:\$.*\$.*\$.*?)?):\d*:\d*:\d*:\d*:\d*:\d*:$

^access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}$

^-{5}(?:BEGIN|END)\ PGP\ MESSAGE-{5}$

^-----BEGIN PGP PRIVATE KEY BLOCK----- [\r\n]+(?:\w+:.+)*[\s]* (?:[0-9a-zA-Z+\/=]{64,76}[\r\n]+)+ [0-9a-zA-Z+\/=]+[\r\n]+= [0-9a-zA-Z+\/=]{4}[\r\n]+ -----END PGP PRIVATE KEY BLOCK-----$

^-----BEGIN PGP PRIVATE KEY BLOCK-----(?:.|\s)+?-----END PGP PRIVATE KEY BLOCK-----$

^(?:postgres|pgsql)\:\/\/$

^sk_live_[0-9a-z]{32}$

^(?:Signer|Recipient)Info(?:s)?\ ::=\ \w+|[D|d]igest(?:Encryption)?Algorithm|EncryptedKey\ ::= \w+$

^-----BEGIN PRIVATE KEY-----(?:.|\s)+?-----END PRIVATE KEY-----$

^-----BEGIN PUBLIC KEY-----(?:.|\s)+?-----END PUBLIC KEY-----$

^protocol="application/x-pkcs[0-9]{0,2}-signature"$

^PuTTY-User-Key-File-2: ssh-dss\s*Encryption: none(?:.|\s?)*?Private-MAC:$

^PuTTY-User-Key-File-2: ssh-rsa\s*Encryption: none(?:.|\s?)*?Private-MAC:$

^-----BEGIN RSA PRIVATE KEY----- [\r\n]+(?:\w+:.+)*[\s]* (?:[0-9a-zA-Z+\/=]{64,76}[\r\n]+)+ [0-9a-zA-Z+\/=]+[\r\n]+ -----END RSA PRIVATE KEY----$

^-----BEGIN RSA PRIVATE KEY-----(?:[a-zA-Z0-9\+\=\/"']|\s)+?-----END RSA PRIVATE KEY-----$

^[a-z]*:\d{3}:[0-9a-zA-Z]*:[0-9a-zA-Z]*:\[U\ \]:.*$

^(?:\d\.\d\.\d\.\d\.\d\.\d{3}\.\d\.\d\.\d\.\d\.\d\.\d\.\d\.\d\.\d{4}\.\d)|[a-zA-Z]+[)(0-9]+\.[a-zA-Z]+[)(0-9]+\.[a-zA-Z]+[)(0-9]+\.[a-zA-Z]+[)(0-9]+\.[a-zA-Z]+[)(0-9]+\.[a-zA-Z]+[)(0-9]+\.[a-zA-Z0-9)(]+\.[a-zA-Z0-9)(]+\.[a-zA-Z0-9)(]+\.[a-zA-Z0-9)(]+$

^Two-Factor\s*\S*Authentication\s*\S*Backup\s*\S*Codes(?:.|\n)*[Ss]lack(?:.|\n)*\d{9}$

^(slack_api_key|SLACK_API_KEY|slack_key|SLACK_KEY)[a-z_ =\s"'\:]{0,10}[^a-f0-9][a-f0-9]{32}[^a-f0-9]$

^(xox[pb](?:-[a-zA-Z0-9]+){4,})$

^sq0atp-[0-9A-Za-z\-_]{22}$

^sq0csp-[0-9A-Za-z\-_]{43}$

^ssh-dss [0-9A-Za-z+/]+[=]{2}$

^ssh-rsa AAAA[0-9A-Za-z+/]+[=]{0,3} [^@]+@[^@]+$

^-----BEGIN CERTIFICATE-----(?:.|\n)+?\s-----END CERTIFICATE-----$

^rk_live_[0-9a-zA-Z]{24}$

^sk_live_[0-9a-zA-Z]{24}$

^[A-Za-z]{4}(?:GB|US|DE|RU|CA|JP|CN)[0-9a-zA-Z]{2,5}$

^SK[0-9a-fA-F]{32}$

^[1-9][0-9]+-[0-9a-zA-Z]{40}$

^[A-Z]{5}\d{6}[A-Z]{2}\d{1}[A-Z]{2}$

^\d{10}GB[RP]\d{7}[UMF]{1}\d{9}$

^122243350$

^12(?:1122676|2235821)$

^121042882$