vincentcox / StaCoAn

StaCoAn is a cross-platform tool that helps developers, bug bounty hunters and ethical hackers perform static code analysis on mobile applications.
MIT License

Adding more regex to find sensitive data #67

Open narayan8291 opened 6 years ago

narayan8291 commented 6 years ago

Consider adding these regular expressions, which are not part of the list:

  1. .([a-zA-Z0-9]-[a-zA-Z0-9]){3,10}. => To find salts, nonce used in code.
  2. ([-]+(BEGIN\sRSA\sPRIVATE\sKEY)[-]+[A-Za-z\s0-9+/.=]{400}) => RSA Private keys
  3. (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]) => AWS Secret Keys
  4. [0-9a-f]{32} => FB Secret Keys
  5. ((xoxp)-[0-9]+-[A-Za-z0-9]+) => Slack Tokens

This list can also be extended to Twitter Keys, Tumblr keys.

vincentcox commented 6 years ago

Thanks for the regexes, I will try to add them as soon as possible. I need to perform some tests on them first.

vincentcox commented 6 years ago
  1. About the salts, I think they can be longer than 10 characters?
  2. Regex seems to work: https://regex101.com/r/xXPGNa/2
  3. Regex seems to work: https://regex101.com/r/CD4fbR/1 (ToDo: Test on APK's before deploying because it can trigger false positives)*
  4. (ToDo: Test on APK's before deploying because it can trigger false positives)*
  5. (ToDo: Test on APK's before deploying because it can trigger false positives)*

*: I will do this asap
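The false-positive concern raised in the thread can be checked offline before any APK run. The following is an added example, not code from the StaCoAn project or from either commenter: it runs the five patterns from the first comment, copied verbatim, over a small constructed input and flags the two classic false positives, a SHA-1 hex digest that satisfies both the "AWS Secret Keys" regex (any 40 characters of the base64 alphabet) and the "FB Secret Keys" regex (any 32 lowercase hex characters). The hex-digest heuristics in `scan_text`, the sample strings and the `RSA_SAMPLE` placeholder body are all assumptions of this example; the AWS value is the placeholder secret used in AWS documentation.

```python
import re

# The five patterns proposed in the issue, copied verbatim.
PROPOSED_PATTERNS = {
    "salt_or_nonce":   r".([a-zA-Z0-9]-[a-zA-Z0-9]){3,10}.",
    "rsa_private_key": r"([-]+(BEGIN\sRSA\sPRIVATE\sKEY)[-]+[A-Za-z\s0-9+/.=]{400})",
    "aws_secret_key":  r"(?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=])",
    "fb_secret_key":   r"[0-9a-f]{32}",
    "slack_token":     r"((xoxp)-[0-9]+-[A-Za-z0-9]+)",
}
COMPILED = {name: re.compile(pat) for name, pat in PROPOSED_PATTERNS.items()}

HEX_RE = re.compile(r"^[0-9a-f]+$")
HEX_CHARS = "0123456789abcdef"

# Constructed sample "source", not taken from any real application.
# The AWS value is the placeholder secret from AWS's own documentation;
# the two digests are the well-known MD5 and SHA-1 of the empty string.
SAMPLE = """\
# constructed sample input, not a real application
nonce = "x-1y-2z-3"
aws_secret = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
slack = "xoxp-123456789012-AbCdEf123456"
md5_of_empty = "d41d8cd98f00b204e9800998ecf8427e"
sha1_of_empty = "da39a3ee5e6b4b0d3255bfef95601890afd80709"
"""

# Placeholder PEM: header plus a 400-character dummy body, not a real key.
# The regex needs 400 characters of [A-Za-z\s0-9+/.=] right after the
# trailing dashes, and the newline after the header counts as one of them.
RSA_SAMPLE = "-----BEGIN RSA PRIVATE KEY-----\n" + "A" * 400


def scan_text(text):
    """Run every proposed pattern over `text`.

    Returns a list of (pattern_name, matched_string, note) tuples in pattern
    order. `note` is "" for a plain hit, or a short reason why the hit looks
    like a false positive. The two heuristics are added by this example and
    are not part of the proposed patterns.
    """
    results = []
    for name, rx in COMPILED.items():
        for m in rx.finditer(text):
            s = m.group(0)
            note = ""
            if name == "aws_secret_key" and HEX_RE.match(s):
                # AWS secrets use a mixed-case base64-like alphabet; 40 lowercase
                # hex characters is almost always a SHA-1 (git id, file hash).
                note = "40 lowercase hex chars: probably a SHA-1 digest"
            elif name == "fb_secret_key" and m.end() < len(text) and text[m.end()] in HEX_CHARS:
                # [0-9a-f]{32} has no boundary checks, so it also fires on the
                # first 32 characters of any longer hex digest.
                note = "hex run continues past 32 chars: probably a longer digest"
            results.append((name, s, note))
    return results


def report(text):
    """Print one line per hit, marking suspected false positives."""
    for name, s, note in scan_text(text):
        flag = "  <-- " + note if note else ""
        print(f"{name:16} {s}{flag}")


if __name__ == "__main__":
    report(SAMPLE)
    report(RSA_SAMPLE)
```

Running the block shows the SHA-1 line counted twice, once per pattern, which is exactly the noise the "Test on APK's" ToDo anticipates; decompiled APKs are full of hex digests and base64 blobs. Adding boundary assertions (as the AWS regex already does) and an alphabet check to the hex patterns removes most of it without losing real keys.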