What types of secrets does BluBracket search for?
BluBracket uses a variety of technologies, including pattern matching and AI/ML to detect hundreds of different types of secrets in code, including tokens, keys, IDs, credentials and passwords. BluBracket also allows developers to specify additional alert triggers using regular expressions.
BluBracket searches inside all text formatted files—regardless of language—to find secrets. → See more about secrets in files
And, BluBracket identifies files that are generally considered unsafe in a repo, regardless of their contents. → See more about sensitive files
Sensitive files
A number of files are considered sensitive regardless of their contents.
cryptographic_key_bundle .p12
Potential cryptographic key bundle
some-bundle.p12
cryptographic_key_bundle .pfx
Potential cryptographic key bundle
secrets/some-bundle.pfx
cryptographic_key_bundle .asc
Potential cryptographic key bundle
some-bundle.asc
openvpn_client_configuration_file .ovpn
Potential OpenVPN client configuration file
~/secret.ovpn
remote_desktop_connection_file .rdp
Potential Remote Desktop connection file
~/secret.rdp
microsoft_sql_database_file .mdf
Potential Microsoft SQL database file
~/msql-db.mdf
microsoft_sql_server_compact_database_file .sdf
Potential Microsoft SQL server compact database file
~/.sdf
sqlite_database_file .sqlite
Potential SQLite database file
/local/usr/db/.sqlite
microsoft_bitlocker_recovery_key_file .bek
Potential Microsoft BitLocker recovery key file
some_file.bek
microsoft_bitlocker_trusted_platform_module_password_file .tpm
Potential Microsoft BitLocker Trusted Platform Module password file
secrets.tpm
windows_bitLocker_full_volume_encrypted_data_file .fve
Potential Windows BitLocker full volume encrypted data file
some-dir/test.fve
java_keystore_file .jks
Potential Java KeyStore file
java-keystore.jks
password_safe_database_file .psafe3
Potential Password Safe database file
file.psafe3
1password_password_manager_database_file .agilekeychain
Potential 1Password password manager database file
../complicated-path/../.project/test.agilekeychain
apple_keychain_database_file .keychain
Potential Apple Keychain database file
/../complicated-path/../.project/test.keychain
network_traffic_capture_file .pcap
Potential network traffic capture file
traffic.pcap
tunnelblick_vpn_configuration_file .tblk
Potential Tunnelblick VPN configuration file
test.tblk
postgresql_password_file .pgpass
Potential PostgreSQL password file
postgres/pgpass
aws_cli_credentials_file .aws/credentials
Potential AWS CLI credentials file
/~deploy/.aws/credentials
/prod/aws/credentials
apache_htpasswd_file .htpasswd
Potential Apache htpasswd file
~apache/.htpasswd
~httpd/htpasswd
rubygems_credentials_file .gem/credentials
Potential Rubygems credentials file
~/.gem/credentials
git_credential_store_helper_credentials_file .git-credentials
Potential git-credential-store helper credentials file
.git-credentials
environment_configuration_file .env
Potential environment configuration file
project/prod.env
mysql_client_command_history_file .mysql_history
Potential MySQL client command history file
db/mysql_history
~mysql/.mysql_history
postgresql_client_command_history_file .psql_history
Potential PostgreSQL client command history file
.psql_history
~db/psql_history
linux_shadow_file etc/shadow
Potential Linux shadow file
/etc/shadow
linux_passwd_file etc/passwd
Potential Linux passwd file
/etc/passwd
ruby_master_key_file master.key
Potential Ruby master.key file
master.key
docker_configuration_file .dockercfg | .docker/config.json
Potential Docker configuration file
docker-compose/.dockercfg
docker/config.json
gnome_keyring_database_file .key(store|ring)
Potential GNOME Keyring database file
~/.local/share/keyrings/login.keyring
~/.local/share/keyrings/login.keystore
sftp_connection_configuration_file sftp-config.json
Potential SFTP connection configuration file
sftp-config.json
sftp-config
terraform_state_file .tfstate
Potential Terraform State File
deploy/default.tfstate
deploy/default.tfstate.backup
Negative example:
test.tfstates
shell_command_history_file
Potential shell command history file
.bash_history
.sh_history
.history
history
.zsh_history
.z_history
Kerberos keytab
Potential kerberos keytab file
somefile.keytab
Secrets in files
A sample of secrets BluBracket commonly detects in files includes:
password_assignment
Potential password assignment
'PaSswOrd' = '13579'
secret_assignment
Potential secret assignment
"test_token_123" = "my_secret_token"
credential_assignment
Potential credential assignment
AWS_creDentiAl: 'some-string'
google_api_key
Potential Google API key
AIzaSyA-k3UmEeCD6KpySp3cSAlGJwXTNV_oybM
google_api_key_base64
Potential Google API key (base64)
QUl6YVN5QS1rM1VtRWVDRDZLcHlTcDNjU0FsR0p3WFROVl9veWJN
google_oauth
Potential Google OAuth
3572-b3w78sfasfcvs87fasdf6hbvefs21nb3.apps.googleusercontent.com
google_oauth_access_token
Potential Google OAuth access token
ya29.sd8keCms2swx2sJNW8kWxqzj3
google_oauth_access_token_base64
Potential Google OAuth access token (base64)
eWEyOS5zZDhrZUNtczJzd3gyc0pOVzhrV3hxemoz
aws_access_key_id
Potential AWS access key ID
AKIA2E0A8F3B244C9986
aws_access_key_id_base64
Potential AWS access key ID (base64)
QUtJQTJFMEE4RjNCMjQ0Qzk5ODY non-token
aws_secret_key
Potential AWS Secret key
awS_secret="7CE556A3BC234CC1FF9E8A5C324C0BB70AA21B6D"
aws_account_id
Potential AWS account ID
"aWs_account": "3238-1074-6278"
aws_mws_key
Potential AWS MWS key
amzn.mws.a8fc03d7-7eb3-c92f-b3aa-ae93cbff7acd
aws_mws_key_base64
Potential AWS MWS key (base64)
YW16bi5td3MuYThmYzAzZDctN2ViMy1jOTJmLWIzYWEtYWU5M2NiZmY3YWNk
github_token
Potential GitHub token
'githUb_token': '9qjxsjq6HWBXKAOP87IJHmhsW8038d73Dm9eDu'
github_access_token
Potential GitHub access token or OAuth client secret
gIthub-access_token = '2b30cc694989f335a4298067c4753a6c09ccfe5e'
github_oauth_client_secret
Potential GitHub OAuth client secret
gIthub-oAuth_token = '2b30cc694989f335a4298067c4753a6c09ccfe5e'
github_token_base64
github_access_token_base64
github_oauth_client_secret_base64
Potential GitHub Personal Access Token or OAuth Client Secret (base64)
'githUb_token': 'OXFqeHNqcTZIV0JYS0FPUDg3SUpIbWhzVzgwMzhkNzNEbTllRHU'
github_personal_access_token
Potential GitHub personal access token
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
github_oauth_client_id
Potential GitHub OAuth Client ID
github_client-id : 'c7444c71c75965b07cdb'
github_user_to_server_token
Potential GitHub user-to-server token
ghu_16C7e42F292c6912E7710c838347Ae178B4a
github_server_to_server_token
Potential GitHub server-to-server token
ghs_16C7e42F292c6912E7710c838347Ae178B4a
github_refresh_token
Potential GitHub refresh token
ghr_1B4a2e77838347a7E420ce178F2E7c6912E169246c34E1ccbF66C46812d16D5B1A9Dc86A1498
gitlab_oauth_application_id_base64
gitlab_oauth_secret_base64
Potential Base64 Encoded GitLab OAuth application id or secret
gitLab: "Yzc0ZjNjZmQ0NDk0OWM3MGY3ZjM1NjEyOTViNjdlNjgyZDdlNGZmNjY5OTViNjdkNGUxNTRmZTMxMjU0ODFhOA=="
gitlab_access_token
Potential GitLab Access Token
gitLab= "y-WttoALkwHn_vWJ72DB"
gitlab_oauth_application_id
gitlab_oauth_secret
Potential GitLab OAuth Applicaiton ID or GitLab OAuth Secret
gitLab: "c74f3cfd44949c70f7f3561295b67e682d7e4ff66995b67d4e154fe3125481a8"
bitbucket_app_password
Potential Bitbucket App Password
bitbucKet-app_pwd := "YpHdUSPAB9aDNuwVq8uK"
bitbucket_app_password_base64
Potential Bitbucket App Password (base64)
bitbucKet-app_token := "WXBIZFVTUEFCOWFETnV3VnE4dUs="
bitbucket_oauth_key
Potential Bitbucket OAuth Key
bitbUCket_key= "NCnnHSXbMVmJZr8D8q"
bitbucket_oauth_key_base64
Potential Bitbucket OAuth Key (base64)
bitbUCket_key= TkNubkhTWGJNVm1KWnI4RDhx
bitbucket_oauth_secret
Potential Bitbucket OAuth Secret
"bitbuckeT_secret": "CMJ2bKZUPAzXezTwNGXyWDsegT8ZW3Yd"
bitbucket_oauth_secret_base64
Potential Bitbucket OAuth Secret (base64)
"bitbuckeT_secret": "Q01KMmJLWlVQQXpYZXpUd05HWHlXRHNlZ1Q4WlczWWQ"
azure_active_directory_client_id
Potential Azure Active Directory Client ID
azuRE_ad_client_id="7076aa77-81ef-46ea-ae22-d768babeed21"
azure_active_directory_client_secret
Potential Azure Active Directory Client Secret
aZure_client_secret="y5=KAF/PbpoMmum31/t]S88dDu5d:?S*"
azure_active_directory_client_secret_base64
Potential Azure Active Directory Client Secret (base64)
aZure_client_secret="SVt3Si1dRExyTFduYzBlRi11cEFtdVhlY0lMZVM2MzA="
azure_access_token
Potential Azure Access Token
'azUre_token'= "r5nt64ikuzhohfm7r4rmdk2gd5unb4tb7eberlombqazshrfdr3q"
azure_access_token_base64
Potential Azure Access Token (base64)
'azUre_token'= "cjVudDY0aWt1emhvaGZtN3I0cm1kazJnZDV1bmI0dGI3ZWJlcmxvbWJxYXpzaHJmZHIzcQ=="
microsoft_id_token
Potential Microsoft Identity Platform ID Token
micRosoft_id_token="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjdfWnVmMXR2a3dMeFlhSFMzcTZsVWpVWUlHdyIsImtpZCI6IjdfWnVmMXR2a3dMeFlhSFMzcTZsVWpVWUlHdyJ9.eyJhdWQiOiJiMTRhNzUwNS05NmU5LTQ5MjctOTFlOC0wNjAxZDBmYzljYWEiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9mYTE1ZDY5Mi1lOWM3LTQ0NjAtYTc0My0yOWYyOTU2ZmQ0MjkvIiwiaWF0IjoxNTM2Mjc1MTI0LCJuYmYiOjE1MzYyNzUxMjQsImV4cCI6MTUzNjI3OTAyNCwiYWlvIjoiQVhRQWkvOElBQUFBcXhzdUIrUjREMnJGUXFPRVRPNFlkWGJMRDlrWjh4ZlhhZGVBTTBRMk5rTlQ1aXpmZzN1d2JXU1hodVNTajZVVDVoeTJENldxQXBCNWpLQTZaZ1o5ay9TVTI3dVY5Y2V0WGZMT3RwTnR0Z2s1RGNCdGsrTExzdHovSmcrZ1lSbXY5YlVVNFhscGhUYzZDODZKbWoxRkN3PT0iLCJhbXIiOlsicnNhIl0sImVtYWlsIjoiYWJlbGlAbWljcm9zb2Z0LmNvbSIsImZhbWlseV9uYW1lIjoiTGluY29sbiIsImdpdmVuX25hbWUiOiJBYmUiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC83MmY5ODhiZi04NmYxLTQxYWYtOTFhYi0yZDdjZDAxMWRiNDcvIiwiaXBhZGRyIjoiMTMxLjEwNy4yMjIuMjIiLCJuYW1lIjoiYWJlbGkiLCJub25jZSI6IjEyMzUyMyIsIm9pZCI6IjA1ODMzYjZiLWFhMWQtNDJkNC05ZWMwLTFiMmJiOTE5NDQzOCIsInJoIjoiSSIsInN1YiI6IjVfSjlyU3NzOC1qdnRfSWN1NnVlUk5MOHhYYjhMRjRGc2dfS29vQzJSSlEiLCJ0aWQiOiJmYTE1ZDY5Mi1lOWM3LTQ0NjAtYTc0My0yOWYyOTU2ZmQ0MjkiLCJ1bmlxdWVfbmFtZSI6IkFiZUxpQG1pY3Jvc29mdC5jb20iLCJ1dGkiOiJMeGVfNDZHcVRrT3BHU2ZUbG40RUFBIiwidmVyIjoiMS4wIn0=.UJQrCA6qn2bXq57qzGX_-D3HcPHqBMOKDPx4su1yKRLNErVD8xkxJLNLVRdASHqEcpyDctbdHccu6DPpkq5f0ibcaQFhejQNcABidJCTz0Bb2AbdUCTqAzdt9pdgQvMBnVH1xk3SCM6d4BbT4BkLLj10ZLasX7vRknaSjE_C5DI7Fg4WrZPwOhII1dB0HEZ_qpNaYXEiy-o94UJ94zCr07GgrqMsfYQqFR7kn-mn68AjvLcgwSfZvyR_yIK75S_K37vC3QryQ7cNoafDe9upql_6pB2ybMVlgWPs_DmbJ8g0om-sPlwyn74Cc1tW3ze-Xptw_2uVdPgWyqfuWAfq6Q"
atlassian_api_token
Potential Atlassian API Token
my_jira_token="xbE0Z4lPlrsxCsbQljSD7AFF"
atlassian_api_token_base64
Potential Atlassian API Token (base64)
my_jira_token="eGJFMFo0bFBscnN4Q3NiUWxqU0Q3QUZG"
dropbox_app_key_secret
Potential Dropbox App Key or App Secret
DROPBOX_APP_KEY: "4fyyzx73aeeouuy"
dropbox_app_key_secret_base64
Potential Dropbox App Key or App Secret (base64)
DROPBOX_APP_KEY: "NGZ5eXp4NzNhZWVvdXV5"
dropbox_app_access_refresh_token
Potential Dropbox App Access Token
dropbox_app_access_token: 'sTaeXjPl-kAAAAAAAAAAE4PSHCac-raR31ueSeFZUSHBJ5tlMGvyO8MeXRaRQOrU'
dropbox_app_access_refresh_token_base64
Potential Dropbox App Access Token (base64)
dropbox_app_access_token: 'c1RhZVhqUGwta0FBQUFBQUFBQUFFNFBTSENhYy1yYVIzMXVlU2VGWlVTSEJKNXRsTUd2eU84TWVYUmFSUU9yVQ=='
box_client_id_secret
Potential Box client id or client secret
box_client_id: "2zljm7yivjhfz9in4dkr566vk4xpje5y"
box_client_id_secret_base64
Potential Box client id or client secret (base64)
box_client_id: "Mnpsam03eWl2amhmejlpbjRka3I1NjZ2azR4cGplNXkK"
box_refresh_token
Potential Box refresh token
box_refresh_token: "Q8j0kTwbhQXHO95FAKg5zTfKhDwGWOUQyRue8i7njJoqWAwdRKfAPw4oK6zF3dPv"
box_refresh_token_base64
Potential Box refresh token (base64)
box_refresh_token: "UThqMGtUd2JoUVhITzk1RkFLZzV6VGZLaER3R1dPVVF5UnVlOGk3bmpKb3FXQXdkUktmQVB3NG9LNnpGM2RQdgo="
discord_client_id
Potential Discord Client ID
DiScORd: "618962312686075969"
discord_client_secret
Potential Discord Client Secret
disCORD_secret= "4cs2-cYx2KiKIRuOTKworwnM0_A4uJyy"
slack_legacy_token
Potential Slack Legacy Token
xoxp-559859041733-629723654435-752364182007-9ead8994051da71a0774db965b16a60b"
slack_legacy_token_base64
Potential Slack Legacy Token (base64)
eG94cC01NTk4NTkwNDE3MzMtNjI5NzIzNjU0NDM1LTc1MjM2NDE4MjAwNy05ZWFkODk5NDA1MWRhNzFhMDc3NGRiOTY1YjE2YTYwYg==
slack_app_client_id
Potential Slack App Client ID
slack_client_id='559859041733.752727218102'
slack_app_client_secret
slack_app_signing_secret
Potential Slack App Client Secret or Slack App Signing Secret
slack_secret="004c7fb45aeb0b795890128d763877ec"
slack_app_verification_token
Potential Slack App Verification Token
slack_token: "Bk1D7BxSbGRttZYpyngNZBSR"
slack_app_verification_token_base64
Potential Slack App Verification Token (base64)
slack_token: "QmsxRDdCeFNiR1J0dFpZcHluZ05aQlNS"
slack_bot_user_token
Potential Slack Bot User Token
slack_token: "xoxb-559859041733-629723654435-752364182007-9ead8994051da71a0774db965b16a60b"
slack_bot_user_token_base64
Potential Slack Bot User Token (base64)
eG94Yi01NTk4NTkwNDE3MzMtNjI5NzIzNjU0NDM1LTc1MjM2NDE4MjAwNy05ZWFkODk5NDA1MWRhNzFhMDc3NGRiOTY1YjE2YTYwYg==
slack_workspace_token
Potential Slack Workspace Token
slack_token: "xoxa-259859041733-629723654435-752364182007-9ead8994051da71a0774db965b16a60b"
slack_workspace_token_base64
Potential Slack Workspace Token (base64)
eG94YS0yNTk4NTkwNDE3MzMtNjI5NzIzNjU0NDM1LTc1MjM2NDE4MjAwNy05ZWFkODk5NDA1MWRhNzFhMDc3NGRiOTY1YjE2YTYwYg==
slack_webhook
Potential Slack Webhook
https://hooks.slack.com/services/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
stripe_test_secret_key
Potential Stripe Test Secret Key
sk_test_MfRuaFA9sgl5e1AUYzjwiNNt00UG6t6fvY
stripe_test_secret_key_base64
Potential Stripe Test Secret Key (base64)
c2tfdGVzdF9NZlJ1YUZBOXNnbDVlMUFVWXpqd2lOTnQwMFVHNnQ2ZnZZ
stripe_live_secret_key
Potential Stripe live secret key
sk_live_MfRuaFA9sgl5e1AUYzjwiNNt00UG6t6fvY
stripe_live_secret_key_base64
Potential Stripe live secret key (base64)
c2tfbGl2ZV9NZlJ1YUZBOXNnbDVlMUFVWXpqd2lOTnQwMFVHNnQ2ZnZZ
stripe_test_restricted_key
Potential Stripe Test Restricted Key
rk_test_Zu9Vz12eIYFNdGoFKe8aYiQn00gcclUvS0
stripe_test_restricted_key_base64
Potential Stripe Test Restricted Key (base64)
cmtfdGVzdF9adTlWejEyZUlZRk5kR29GS2U4YVlpUW4wMGdjY2xVdlMw
stripe_live_restricted_key
Potential Stripe live restricted key
rk_live_Zu9Vz12eIYFNdGoFKe8aYiQn00gcclUvS0
stripe_live_restricted_key_base64
Potential Stripe live restricted key (base64)
cmtfbGl2ZV9adTlWejEyZUlZRk5kR29GS2U4YVlpUW4wMGdjY2xVdlMw
mailgun_private_api_key
Potential Mailgun Private API Key
"mailgUn_key": 'key-b11b487224a7c184fed93795bf01adc9'
mailgun_private_api_key_base64
Potential Mailgun Private API Key (base64)
"mailgUn_key": 'a2V5LWIxMWI0ODcyMjRhN2MxODRmZWQ5Mzc5NWJmMDFhZGM5'
mailgun_public_validation_key
Potential Mailgun Public Validation Key
pubkey-14b4474da0d0a6551a9c711ee11aa996
mailgun_public_validation_key_base64
Potential Mailgun Public Validation Key (base64)
cHVia2V5LTE0YjQ0NzRkYTBkMGE2NTUxYTljNzExZWUxMWFhOTk2
mailgun_webhook_signing_key
Potential Mailgun Webhook Signing Key
mailgun_key='15304a8a0558637d8187630ddf11df1a'
mailgun_webhook_signing_key_base64
Potential Mailgun Webhook Signing Key (base64)
mailgun_key='MTUzMDRhOGEwNTU4NjM3ZDgxODc2MzBkZGYxMWRmMWE='
sendgrid_api_key
Potential Sendgrid API Key
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
sendgrid_api_key_base64
Potential Sendgrid API Key (base64)
U0cucFcyWFhnNi1UY2E4YkNCVEMwRWlZUS5ZNXBDOFNqZmJ3WWxNTURSaVQ5TTZxN0VmOWIzX0RDSGtQNS0zaXNYM3dN
twilio_auth_token
twilio_api_key
Potential Twilio Auth Token or API Key
twilio_token="692e03bfddd09d85946e1319dd5e7c61"
twilio_auth_token_base64
Potential Twilio Auth Token or API Key (base64)
twilio_token="NjkyZTAzYmZkZGQwOWQ4NTk0NmUxMzE5ZGQ1ZTdjNjE="
npm_access_token
Potential NPM Access Token
"npm : `f74fb6c7-15d7-46e7-85b4-02ca4988bd3c`"
npm_access_token_base64
Potential NPM Access Token (base64)
`npm : `Zjc0ZmI2YzctMTVkNy00NmU3LTg1YjQtMDJjYTQ5ODhiZDNj``
npmrc_auth
Potential .npmrc Auth
_auth = YWRtaW46YWRtaW4=
npmrc_auth_token
Potential .npmrc Auth token
_authToken=26dfe8d8-889b-4380-92ff-9c3c6ea5d930
pulumi_access_token
Potential Pulumi Access Token
pul-b521eabebc4b312eb2335beb7a911f9eb7f078c2
pulumi_access_token_base64
Potential Pulumi Access Token (base64)
cHVsLWI1MjFlYWJlYmM0YjMxMmViMjMzNWJlYjdhOTExZjllYjdmMDc4YzI=
alibaba_access_key_secret
Potential Alibaba Cloud Access Key Secret
alibaba_access_key ='3ihvGlklDPSXr22dnunrHTpZO4aKmS'
alibaba_access_key_secret_base64
Potential Alibaba Cloud Access Key Secret (base64)
alibaba_access_key ='M2lodkdsa2xEUFNYcjIyZG51bnJIVHBaTzRhS21T'
codeship_aes_key
Potential Cloudbees Codeship AES Key Secret
"codeship_token='/BaC5gedAC8hACwe5tZje+YVdOCTUxH+b+zkgKSKTkA='"
postman_api_key
Potential Postman API Key
"postman-api-key='PMAK-5e1c6889073b8400310886e0-40895969cc5bb51944fce153e94c33f3b9'"
postman_api_key_base64
Potential Postman API Key (base64)
postman-api-key='UE1BSy01ZTFjNjg4OTA3M2I4NDAwMzEwODg2ZTAtNDA4OTU5NjljYzViYjUxOTQ0ZmNlMTUzZTk0YzMzZjNiOQ=='
terraform_access_token
Potential Terraform Access Token
"QnbSxjjhVMHJgw.atlasv1.gxZnWIjI5j752DGqdwEUVLOFf0mtyaQ00H9bA1j90qWb254lEkQyOdfqqcq9zZL7Sm0"
gocardless_access_token
Potential Gocardless Cloud Access Token
gocardless_access_token = 'live_TKWImhFpoTRpzOIbpRhDS3-ezGa--nt4O9KU1Hd1'
gocardless_access_token_base64
Potential Gocardless Cloud Access Token (base64)
goCardLessToken = bGl2ZV9US1dJbWhGcG9UUnB6T0licFJoRFMzLWV6R2EtLW50NE85S1UxSGQx
password_in_xml
Potential password in XML
<PaSswOrd>UnitTest1234!</PaSswOrd>
secret_in_xml
Potential secret in XML
<Token>0123456789abcdef</Token>
password_function
Potential password in function
setPassword("$uperStrong1");
secret_function
Potential secret in function
setApiKey ( 'api_key' )
password_in_url
Potential password in URL
https://user:password@github.com/blubracket/rocks
password_in_url_params
Potential password in params
https://user:password@github.com/blubracket/rocks?passwd=1234
secret_in_url_params
Potential secret in params
https://github.com/blubracket/rocks?secret=1234
private_key
Potential Private Key
-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-L1D9CN2WmfoLeIBBJdQ2YngfSz……..</p><p>==\n-----END RSA PRIVATE KEY-----
pgp_private_key
Potential PGP Private Key
-----BEGIN PGP PRIVATE KEY BLOCK-----
blubracket_api_key
Potential BluBracket API key
api_key="BLU-72de3a5f-b1ff-5a7f-a5ae-1a9cf5a98b27"
blubracket_api_key_base64
Potential BluBracket API key (base64)
api_key="QkxVLTcyZGUzYTVmLWIxZmYtNWE3Zi1hNWFlLTFhOWNmNWE5OGIyNw=="
basic_auth_header
Potential Basic Auth Header
sh "set -e | curl -i -H 'Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l' -T BackEnd/build/libs/example_api-0.1.0.jar
jwt_token
Potential Generic JWT token
jwt_access_token = "eyJhbGciOiJSUzI1NiIsImlzc3VlciI6InVybjpibHUiLCJyb2xlIjozLCJzZXJ2aWNlX2tleV9wYXRoIjoiL2FwaS9hbmFseXplci9wdWJsaWNfa2V5IiwidHlwIjoiSldUIn0.eyJleHAiOjE2MDUzMTI0MTksImlhdCI6MTYwNTMxMjM1OSwiaWQiOiJ0b2tlbl9pZCIsIm5idCI6MTYwNTMxMjM1OX0.l-MjVG33Ca76gtuiFLI-_AasHEsoMA3WcC36YvW0IHyQp-160z2Idc-sMdaJD8AwMsFto45vqnusDFkS1UYO7mZhU6sufv6pIMH86Ll7NwYvPzirqkWys40pvoXZdxxb3X5IBFTB8p9EuvLGOPUPFbEkA_if5jmExXjKUY98q0s"