Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/l4yton/RegHex

A collection of regexes for every possbile use
https://github.com/l4yton/RegHex

bugbounty regex security

Last synced: about 2 months ago
JSON representation

A collection of regexes for every possbile use

Awesome Lists containing this project

README 

        
# RegHex



RegHex is a collection of regexes for every use. 


I have also made every regex ready to use with [gf](https://github.com/tomnomnom/gf), so that you can copy them into your `~/.gf` directory.


 


If you don't like the grep flags I use, you can simply replace the flags with `change_flags.sh`.

Therefore, go in your `.gf` directory with the `.json` files. Now simply run: `bash /path/to/change_flags.sh -MyFlags`.



## Table of Contents



- [Artifactory API Token](#artifactory-api-token)

- [Artifactory Password](#artifactory-password)

- [Authorization Basic](#authorization-basic)

- [Authorization Bearer](#authorization-bearer)

- [AWS Client ID](#aws-client-id)

- [AWS MWS Key](#aws-mws-key)

- [AWS Secret Key](#aws-secret-key)

- [Base32](#base32)

- [Base64](#base64)

- [Basic Auth Credentials](#basic-auth-credentials)

- [Cloudinary Basic Auth](#cloudinary-basic-auth)

- [Facebook Access Token](#facebook-access-token)

- [Facebook Client ID](#facebook-client-id)

- [Facebook Oauth](#facebook-oauth)

- [Facebook Secret Key](#facebook-secret-key)

- [Github](#github)

- [Google API Key](#google-api-key)

- [Google Cloud Platform API Key](#google-cloud-platfrom-api-key)

- [Google Drive API Key](#google-drive-api-key)

- [Google Drive Oauth](#google-drive-oauth)

- [Google Gmail API Key](#google-gmail-api-key)

- [Google Gmail Oauth](#google-gmail-oauth)

- [Google OAuth Access Token](#google-oauth-access-token)

- [Google Youtube API Key](#google-youtube-api-key)

- [Google Youtube Oauth](#google-youtube-oauth)

- [Heroku API Key](#heroku-api-key)

- [IPv4](#ipv4)

- [IPv6](#ipv6)

- [Javascript Variables](#javascript-variables)

- [LinkedIn Client ID](#linkedin-client-id)

- [LinkedIn Secret Key](#linkedin-secret-key)

- [Mailchamp API Key](#mailchamp-api-key)

- [Mailgun API Key](#mailgun-api-key)

- [MailTo:](#mailto)

- [MD5 Hash](#md5-hash)

- [Picatic API Key](#picatic-api-key)

- [Slack Token](#slack-token)

- [Slack Webhook](#slack-webhook)

- [Square Access Token](#square-access-token)

- [Square Oauth Secret](#square-ouath-secret)

- [Stripe API Key](#stripe-api-key)

- [Twilio API Key](#twilio-api-key)

- [Twitter Client ID](#twitter-client-id)

- [Twitter Oauth](#twitter-oauth)

- [Twitter Secret Key](#twitter-secret-key)

- [URL Parameter](#url-parameter)

- [URLs](#urls)

- [Vault Token](#Vault-Token)

- [Credits](#credits)



### Artifactory API Token

```

(?:\s|=|:|"|^)AKC[a-zA-Z0-9]{10,}

```



### Artifactory Password

```

(?:\s|=|:|"|^)AP[\dABCDEF][a-zA-Z0-9]{8,}

```



### Authorization Basic

```

basic [a-zA-Z0-9_\\-:\\.=]+

```



### Authorization Bearer

```

bearer [a-zA-Z0-9_\\-\\.=]+

```



### AWS Client ID

```

(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}

```



### AWS MWS Key

```

amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}

```



### AWS Secret Key

```

(?i)aws(.{0,20})?(?-i)['\"][0-9a-zA-Z\/+]{40}['\"]

```



### Base32

```

(?:[A-Z2-7]{8})*(?:[A-Z2-7]{2}={6}|[A-Z2-7]{4}={4}|[A-Z2-7]{5}={3}|[A-Z2-7]{7}=)?

```



### Base64

```

(eyJ|YTo|Tzo|PD[89]|aHR0cHM6L|aHR0cDo|rO0)[a-zA-Z0-9+/]+={0,2}

```



### Basic Auth Credentials

```

(?<=:\/\/)[a-zA-Z0-9]+:[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z]+

```



### Cloudinary Basic Auth

```

cloudinary:\/\/[0-9]{15}:[0-9A-Za-z]+@[a-z]+

```



### Facebook Access Token

```

EAACEdEose0cBA[0-9A-Za-z]+

```



### Facebook Client ID

```

(?i)(facebook|fb)(.{0,20})?['\"][0-9]{13,17}

```



### Facebook Oauth

```

[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].*['|\"][0-9a-f]{32}['|\"]

```



### Facebook Secret Key

```

(?i)(facebook|fb)(.{0,20})?(?-i)['\"][0-9a-f]{32}

```



### Github

```

(?i)github(.{0,20})?(?-i)['\"][0-9a-zA-Z]{35,40}

```



### Google API Key

```

AIza[0-9A-Za-z\\-_]{35}

```



### Google Cloud Platform API Key

```

(?i)(google|gcp|youtube|drive|yt)(.{0,20})?['\"][AIza[0-9a-z\\-_]{35}]['\"]

```



### Google Drive API Key

```

AIza[0-9A-Za-z\\-_]{35}

```

### Google Drive Oauth

```

[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com

```



### Google Gmail API Key

```

AIza[0-9A-Za-z\\-_]{35}

```



### Google Gmail Oauth

```

[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\.com

```



### Google Oauth Access Token

```

ya29\\.[0-9A-Za-z\\-_]+

```



### Google Youtube API Key

```

AIza[0-9A-Za-z\\-_]{35}

```



### Google Youtube Oauth

```

[0-9]+-[0-9A-Za-z_]{32}\.apps\.googleusercontent\\.com

```



### Heroku API Key

```

[h|H][e|E][r|R][o|O][k|K][u|U].{0,30}[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}

```



### IPv4

```

\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}\b

```



### IPv6

```

(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))

```



### Javascript Variables

```

(?:const|let|var)\s+\K(\w+?)(?=[;.=\s])

```



### LinkedIn Client ID

```

(?i)linkedin(.{0,20})?(?-i)['\"][0-9a-z]{12}['\"]

```



### LinkedIn Secret Key

```

(?i)linkedin(.{0,20})?['\"][0-9a-z]{16}['\"]

```



### Mailchamp API Key

```

[0-9a-f]{32}-us[0-9]{1,2}

```



### Mailgun API Key

```

key-[0-9a-zA-Z]{32}

```



### Mailto:

```

(?<=mailto:)[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9.-]+

```



### MD5 Hash

```

[a-f0-9]{32}

```



### Picatic API Key

```

sk_live_[0-9a-z]{32}

```



### Slack Token

```

xox[baprs]-([0-9a-zA-Z]{10,48})?

```



### Slack Webhook

```

https://hooks.slack.com/services/T[a-zA-Z0-9_]{10}/B[a-zA-Z0-9_]{10}/[a-zA-Z0-9_]{24}

```



### Stripe API Key

```

(pk|sk|rk)_(test|live)_[A-Za-z0-9]+

```



### Square Access Token

```

sqOatp-[0-9A-Za-z\\-_]{22}

```



### Square Oauth Secret

```

sq0csp-[ 0-9A-Za-z\\-_]{43}

```



### Twilio API Key

```

SK[0-9a-fA-F]{32}

```



### Twitter Client ID

```

(?i)twitter(.{0,20})?['\"][0-9a-z]{18,25}

```



### Twitter Oauth

```

[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]

```



### Twitter Secret Key

```

(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}

```



### Vault Token

```

[sb]\.[a-zA-Z0-9]{24}

```



### URL Parameter

```

(?<=\?|\&)[a-zA-Z0-9_]+(?=\=)

```



### URLs

With HTTP Protocol:

```

https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)

```

Without Protocol:

```

[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&//=]*)

```



# Credits

- [TomNomNom](https://github.com/tomnomnom) and his repo [gf](https://github.com/tomnomnom/gf)

- [gitleaks](https://github.com/zricethezav/gitleaks)

- [truffleHog](https://github.com/dxa4481/truffleHog)

- https://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses

- https://stackoverflow.com/questions/3809401/what-is-a-good-regular-expression-to-match-a-url

- https://stackoverflow.com/questions/44654809/regex-to-match-ip-addresses