Adding a bunch of new rules, update allowlist to include node_modules… (#896)

* Adding a bunch of new rules, update allowlist to include node_modules and vendor folders, extend helper config functions

* use func instead of function in stopwords

cmd/generate/config/main.go

@@ -29,40 +29,55 @@ func main() {
 	configRules = append(configRules, rules.BitBucketClientID())
 	configRules = append(configRules, rules.BitBucketClientSecret())
 	configRules = append(configRules, rules.Beamer())
+	configRules = append(configRules, rules.CoinbaseAccessToken())
 	configRules = append(configRules, rules.Clojars())
+	configRules = append(configRules, rules.ConfluentAccessToken())
+	configRules = append(configRules, rules.ConfluentSecretKey())
 	configRules = append(configRules, rules.Contentful())
 	configRules = append(configRules, rules.Databricks())
+	configRules = append(configRules, rules.DatadogtokenAccessToken())
 	configRules = append(configRules, rules.DiscordAPIToken())
 	configRules = append(configRules, rules.DiscordClientID())
 	configRules = append(configRules, rules.DiscordClientSecret())
+	configRules = append(configRules, rules.Doppler())
 	configRules = append(configRules, rules.DropBoxAPISecret())
 	configRules = append(configRules, rules.DropBoxLongLivedAPIToken())
 	configRules = append(configRules, rules.DropBoxShortLivedAPIToken())
-	configRules = append(configRules, rules.Doppler())
+	configRules = append(configRules, rules.DroneciAccessToken())
 	configRules = append(configRules, rules.Duffel())
 	configRules = append(configRules, rules.Dynatrace())
 	configRules = append(configRules, rules.EasyPost())
 	configRules = append(configRules, rules.EasyPostTestAPI())
+	configRules = append(configRules, rules.EtsyAccessToken())
 	configRules = append(configRules, rules.Facebook())
 	configRules = append(configRules, rules.FastlyAPIToken())
 	configRules = append(configRules, rules.FinicityClientSecret())
 	configRules = append(configRules, rules.FinicityAPIToken())
+	configRules = append(configRules, rules.FlickrAccessToken())
+	configRules = append(configRules, rules.FinnhubAccessToken())
 	configRules = append(configRules, rules.FlutterwavePublicKey())
 	configRules = append(configRules, rules.FlutterwaveSecretKey())
 	configRules = append(configRules, rules.FlutterwaveEncKey())
 	configRules = append(configRules, rules.FrameIO())
+	configRules = append(configRules, rules.FreshbooksAccessToken())
 	configRules = append(configRules, rules.GoCardless())
 	// TODO figure out what makes sense for GCP
 	// configRules = append(configRules, rules.GCPServiceAccount())
+	configRules = append(configRules, rules.GCPAPIKey())
 	configRules = append(configRules, rules.GitHubPat())
 	configRules = append(configRules, rules.GitHubOauth())
 	configRules = append(configRules, rules.GitHubApp())
 	configRules = append(configRules, rules.GitHubRefresh())
 	configRules = append(configRules, rules.Gitlab())
+	configRules = append(configRules, rules.GitterAccessToken())
 	configRules = append(configRules, rules.Hashicorp())
 	configRules = append(configRules, rules.Heroku())
 	configRules = append(configRules, rules.HubSpot())
 	configRules = append(configRules, rules.Intercom())
+	configRules = append(configRules, rules.KrakenAccessToken())
+	configRules = append(configRules, rules.KucoinAccessToken())
+	configRules = append(configRules, rules.KucoinSecretKey())
+	configRules = append(configRules, rules.LaunchDarklyAccessToken())
 	configRules = append(configRules, rules.LinearAPIToken())
 	configRules = append(configRules, rules.LinearClientSecret())
 	configRules = append(configRules, rules.LinkedinClientID())
@@ -74,12 +89,17 @@ func main() {
 	configRules = append(configRules, rules.MailGunPrivateAPIToken())
 	configRules = append(configRules, rules.MailGunSigningKey())
 	configRules = append(configRules, rules.MapBox())
+	configRules = append(configRules, rules.MattermostAccessToken())
 	configRules = append(configRules, rules.MessageBirdAPIToken())
 	configRules = append(configRules, rules.MessageBirdClientID())
+	configRules = append(configRules, rules.NetlifyAccessToken())
 	configRules = append(configRules, rules.NewRelicUserID())
 	configRules = append(configRules, rules.NewRelicUserKey())
 	configRules = append(configRules, rules.NewRelicBrowserAPIKey())
 	configRules = append(configRules, rules.NPM())
+	configRules = append(configRules, rules.NytimesAccessToken())
+	configRules = append(configRules, rules.PlaidAccessID())
+	configRules = append(configRules, rules.PlaidAccessToken())
 	configRules = append(configRules, rules.PlanetScalePassword())
 	configRules = append(configRules, rules.PlanetScaleAPIToken())
 	configRules = append(configRules, rules.PlanetScaleOAuthToken())
@@ -88,8 +108,12 @@ func main() {
 	configRules = append(configRules, rules.PulumiAPIToken())
 	configRules = append(configRules, rules.PyPiUploadToken())
 	configRules = append(configRules, rules.RubyGemsAPIToken())
+	configRules = append(configRules, rules.RapidAPIAccessToken())
+	configRules = append(configRules, rules.SendbirdAccessID())
+	configRules = append(configRules, rules.SendbirdAccessToken())
 	configRules = append(configRules, rules.SendGridAPIToken())
 	configRules = append(configRules, rules.SendInBlueAPIToken())
+	configRules = append(configRules, rules.SentryAccessToken())
 	configRules = append(configRules, rules.ShippoAPIToken())
 	configRules = append(configRules, rules.ShopifyAccessToken())
 	configRules = append(configRules, rules.ShopifyCustomAccessToken())
@@ -98,10 +122,21 @@ func main() {
 	configRules = append(configRules, rules.SlackAccessToken())
 	configRules = append(configRules, rules.SlackWebHook())
 	configRules = append(configRules, rules.StripeAccessToken())
+	configRules = append(configRules, rules.SquareAccessToken())
+	configRules = append(configRules, rules.SquareSpaceAccessToken())
+	configRules = append(configRules, rules.SumoLogicAccessID())
+	configRules = append(configRules, rules.SumoLogicAccessToken())
 	configRules = append(configRules, rules.Twilio())
 	configRules = append(configRules, rules.TwitchAPIToken())
-	configRules = append(configRules, rules.Twitter())
+	configRules = append(configRules, rules.TwitterAPIKey())
+	configRules = append(configRules, rules.TwitterAPISecret())
+	configRules = append(configRules, rules.TwitterAccessToken())
+	configRules = append(configRules, rules.TwitterAccessSecret())
+	configRules = append(configRules, rules.TwitterBearerToken())
 	configRules = append(configRules, rules.Typeform())
+	configRules = append(configRules, rules.YandexAPIKey())
+	configRules = append(configRules, rules.YandexAWSAccessToken())
+	configRules = append(configRules, rules.YandexAccessToken())
 	configRules = append(configRules, rules.GenericCredential())
 
 	// ensure rules have unique ids

cmd/generate/config/rules/coinbase.go

@@ -0,0 +1,27 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func CoinbaseAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "coinbase-access-token",
+		Description: "Coinbase Access Token",
+		Regex: generateSemiGenericRegex([]string{"coinbase"},
+			alphaNumericExtendedShort("64")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"coinbase",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("coinbase",
+			secrets.NewSecret(alphaNumericExtendedShort("64"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/config.tmpl

@@ -19,8 +19,10 @@ regexes = [
     ]
 paths = [
     '''gitleaks.toml''',
-    '''(.*?)(jpg|gif|doc|pdf|bin|svg|socket)$''',
-    '''(go.mod|go.sum)$'''
+    '''(.*?)(jpg|gif|doc|docx|zip|xls|pdf|bin|svg|socket)$''',
+    '''(go.mod|go.sum)$''',
+    '''node_modules''',
+    '''vendor''',
 ]
 
 {{ range $i, $rule := .Rules }}[[rules]]

cmd/generate/config/rules/confluent.go

@@ -0,0 +1,44 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func ConfluentSecretKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "confluent-secret-key",
+		Description: "Confluent Secret Key",
+		Regex:       generateSemiGenericRegex([]string{"confluent"}, alphaNumeric("64")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"confluent",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("confluent", secrets.NewSecret(alphaNumeric("64"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func ConfluentAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "confluent-access-token",
+		Description: "Confluent Access Token",
+		Regex:       generateSemiGenericRegex([]string{"confluent"}, alphaNumeric("16")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"confluent",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("confluent", secrets.NewSecret(alphaNumeric("16"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/datadog.go

@@ -0,0 +1,26 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func DatadogtokenAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "datadogtoken-access-token",
+		Description: "Datadogtoken Access Token",
+		Regex: generateSemiGenericRegex([]string{"datadog"},
+			alphaNumeric("40")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"datadog",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("datadog", secrets.NewSecret(alphaNumeric("40"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/droneci.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func DroneciAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "droneci-access-token",
+		Description: "Droneci Access Token",
+		Regex:       generateSemiGenericRegex([]string{"droneci"}, alphaNumeric("32")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"droneci",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("droneci", secrets.NewSecret(alphaNumeric("32"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/etsy.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func EtsyAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "etsy-access-token",
+		Description: "Etsy Access Token",
+		Regex:       generateSemiGenericRegex([]string{"etsy"}, alphaNumeric("24")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"etsy",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("etsy", secrets.NewSecret(alphaNumeric("24"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/finnhub.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func FinnhubAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "finnhub-access-token",
+		Description: "Finnhub Access Token",
+		Regex:       generateSemiGenericRegex([]string{"finnhub"}, alphaNumeric("20")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"finnhub",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("finnhub", secrets.NewSecret(alphaNumeric("20"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/flickr.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func FlickrAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "flickr-access-token",
+		Description: "Flickr Access Token",
+		Regex:       generateSemiGenericRegex([]string{"flickr"}, alphaNumeric("32")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"flickr",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("flickr", secrets.NewSecret(alphaNumeric("32"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/freshbooks.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func FreshbooksAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "freshbooks-access-token",
+		Description: "Freshbooks Access Token",
+		Regex:       generateSemiGenericRegex([]string{"freshbooks"}, alphaNumeric("64")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"freshbooks",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("freshbooks", secrets.NewSecret(alphaNumeric("64"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/gcp.go

@@ -3,6 +3,7 @@ package rules
 import (
 	"regexp"
 
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
 )
 
@@ -22,3 +23,22 @@ func GCPServiceAccount() *config.Rule {
 	}
 	return validate(r, tps, nil)
 }
+
+func GCPAPIKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "gcp-api-key",
+		Description: "GCP API key",
+		Regex:       generateUniqueTokenRegex(`AIza[0-9A-Za-z\\-_]{35}`),
+		SecretGroup: 1,
+		Keywords: []string{
+			"AIza",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("gcp", secrets.NewSecret(`AIza[0-9A-Za-z\\-_]{35}`)),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/gitter.go

@@ -0,0 +1,27 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func GitterAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "gitter-access-token",
+		Description: "Gitter Access Token",
+		Regex: generateSemiGenericRegex([]string{"gitter"},
+			alphaNumericExtendedShort("40")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"gitter",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("gitter",
+			secrets.NewSecret(alphaNumericExtendedShort("40"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/heroku.go

@@ -9,8 +9,7 @@ func Heroku() *config.Rule {
 	r := config.Rule{
 		Description: "Heroku API Key",
 		RuleID:      "heroku-api-key",
-		Regex: generateSemiGenericRegex([]string{"heroku"},
-			`[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}`),
+		Regex:       generateSemiGenericRegex([]string{"heroku"}, hex8_4_4_4_12()),
 		SecretGroup: 1,
 		Keywords:    []string{"heroku"},
 	}

cmd/generate/config/rules/kraken.go

@@ -0,0 +1,27 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func KrakenAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "kraken-access-token",
+		Description: "Kraken Access Token",
+		Regex: generateSemiGenericRegex([]string{"kraken"},
+			alphaNumericExtendedLong("80,90")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"kraken",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("kraken",
+			secrets.NewSecret(alphaNumericExtendedLong("80,90"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/kucoin.go

@@ -0,0 +1,44 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func KucoinAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "kucoin-access-token",
+		Description: "Kucoin Access Token",
+		Regex:       generateSemiGenericRegex([]string{"kucoin"}, hex("24")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"kucoin",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("kucoin", secrets.NewSecret(hex("24"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func KucoinSecretKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "kucoin-secret-key",
+		Description: "Kucoin Secret Key",
+		Regex:       generateSemiGenericRegex([]string{"kucoin"}, hex8_4_4_4_12()),
+		SecretGroup: 1,
+		Keywords: []string{
+			"kucoin",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("kucoin", secrets.NewSecret(hex8_4_4_4_12())),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/launchdarkly.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func LaunchDarklyAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "launchdarkly-access-token",
+		Description: "Launchdarkly Access Token",
+		Regex:       generateSemiGenericRegex([]string{"launchdarkly"}, alphaNumericExtended("40")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"launchdarkly",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("launchdarkly", secrets.NewSecret(alphaNumericExtended("40"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/mattermost.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func MattermostAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "mattermostpersonaltoken-access-token",
+		Description: "Mattermostpersonaltoken Access Token",
+		Regex:       generateSemiGenericRegex([]string{"mattermost"}, alphaNumeric("26")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"mattermost",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("mattermost", secrets.NewSecret(alphaNumeric("26"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/messagebird.go

@@ -41,7 +41,7 @@ func MessageBirdClientID() *config.Rule {
 			"messagebird",
 			"message-bird",
 			"message_bird",
-		}, `[a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12}`),
+		}, hex8_4_4_4_12()),
 		SecretGroup: 1,
 		Keywords: []string{
 			"messagebird",

cmd/generate/config/rules/netlify.go

@@ -0,0 +1,26 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func NetlifyAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "netlify-access-token",
+		Description: "Netlify Access Token",
+		Regex: generateSemiGenericRegex([]string{"netlify"},
+			alphaNumericExtended("40,46")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"netlify",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("netlify", secrets.NewSecret(alphaNumericExtended("40,46"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/nytimes.go

@@ -0,0 +1,29 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func NytimesAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "nytimes-access-token",
+		Description: "Nytimes Access Token",
+		Regex: generateSemiGenericRegex([]string{
+			"nytimes", "new-york-times,", "newyorktimes"},
+			alphaNumericExtended("32")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"nytimes",
+			"new-york-times",
+			"newyorktimes",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("nytimes", secrets.NewSecret(alphaNumeric("32"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/plaid.go

@@ -0,0 +1,44 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func PlaidAccessID() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "plaid-client-id",
+		Description: "Plaidkey Client ID",
+		Regex:       generateSemiGenericRegex([]string{"plaid"}, alphaNumeric("24")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"plaid",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("plaid", secrets.NewSecret(alphaNumeric("24"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func PlaidAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "plaid-api-secret",
+		Description: "Plaid API Secret",
+		Regex:       generateSemiGenericRegex([]string{"plaid"}, alphaNumeric("30")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"plaid",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("plaid", secrets.NewSecret(alphaNumeric("30"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/rapidapi.go

@@ -0,0 +1,27 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func RapidAPIAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "rapidapi-access-token",
+		Description: "RapidAPI Access Token",
+		Regex: generateSemiGenericRegex([]string{"rapidapi"},
+			alphaNumericExtendedShort("50")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"rapidapi",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("rapidapi",
+			secrets.NewSecret(alphaNumericExtendedShort("50"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/rule.go

@@ -68,6 +68,7 @@ func validate(r config.Rule, truePositives []string, falsePositives []string) *c
 	})
 	for _, tp := range truePositives {
 		if len(d.DetectString(tp)) != 1 {
+			fmt.Println(r.Regex.String())
 			log.Fatal().Msgf("Failed to validate (tp) %s %s", r.RuleID, tp)
 		}
 	}
@@ -91,6 +92,18 @@ func alphaNumeric(size string) string {
 	return fmt.Sprintf(`[a-z0-9]{%s}`, size)
 }
 
+func alphaNumericExtendedShort(size string) string {
+	return fmt.Sprintf(`[a-z0-9_-]{%s}`, size)
+}
+
 func alphaNumericExtended(size string) string {
 	return fmt.Sprintf(`[a-z0-9=_\-]{%s}`, size)
 }
+
+func alphaNumericExtendedLong(size string) string {
+	return fmt.Sprintf(`[a-z0-9\/=_\+\-]{%s}`, size)
+}
+
+func hex8_4_4_4_12() string {
+	return `[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}`
+}

cmd/generate/config/rules/sendbird.go

@@ -0,0 +1,44 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func SendbirdAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "sendbird-access-token",
+		Description: "Sendbird Access Token",
+		Regex:       generateSemiGenericRegex([]string{"sendbird"}, hex("40")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"sendbird",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("sendbird", secrets.NewSecret(hex("40"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func SendbirdAccessID() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "sendbird-access-id",
+		Description: "Sendbird Access ID",
+		Regex:       generateSemiGenericRegex([]string{"sendbird"}, hex8_4_4_4_12()),
+		SecretGroup: 1,
+		Keywords: []string{
+			"sendbird",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("sendbird", secrets.NewSecret(hex8_4_4_4_12())),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/sentry.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func SentryAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "sentrytoken-access-token",
+		Description: "Sentrytoken Access Token",
+		Regex:       generateSemiGenericRegex([]string{"sentry"}, hex("64")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"sentry",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("sentry", secrets.NewSecret(hex("64"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/square.go

@@ -0,0 +1,36 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func SquareAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "square-access-token",
+		Description: "Square Access Token",
+		Regex:       generateUniqueTokenRegex(`sq0atp-[0-9A-Za-z\-_]{22}`),
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("square", secrets.NewSecret(`sq0atp-[0-9A-Za-z\-_]{22}`)),
+	}
+	return validate(r, tps, nil)
+}
+
+func SquareSecret() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "square-secret",
+		Description: "Square Secret",
+		Regex:       generateUniqueTokenRegex(`sq0csp-[0-9A-Za-z\\-_]{43}`),
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("square", secrets.NewSecret(`sq0csp-[0-9A-Za-z\\-_]{43}`)),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/squarespace.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func SquareSpaceAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "squarespace-access-token",
+		Description: "Squarespace Access Token",
+		Regex:       generateSemiGenericRegex([]string{"squarespace"}, hex8_4_4_4_12()),
+		SecretGroup: 1,
+		Keywords: []string{
+			"squarespace",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("squarespace", secrets.NewSecret(hex8_4_4_4_12())),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/stopwords.go

@@ -229,7 +229,7 @@ var DefaultStopWords = []string{
 	"gaia",
 	"display",
 	"universal",
-	"function",
+	"func",
 	"metadata",
 	"hipchat",
 	"under",

cmd/generate/config/rules/sumologic.go

@@ -0,0 +1,46 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func SumoLogicAccessID() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "sumologic-access-id",
+		Description: "SumoLogic Access ID",
+		Regex: generateSemiGenericRegex([]string{"sumo"},
+			alphaNumeric("14")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"sumo",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("sumo", secrets.NewSecret(alphaNumeric("14"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func SumoLogicAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "sumologic-access-token",
+		Description: "SumoLogic Access Token",
+		Regex: generateSemiGenericRegex([]string{"sumo"},
+			alphaNumeric("64")),
+		SecretGroup: 1,
+		Keywords: []string{
+			"sumo",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("sumo", secrets.NewSecret(alphaNumeric("64"))),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/trello.go

@@ -0,0 +1,25 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func TrelloAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "trello-access-token",
+		Description: "Trello Access Token",
+		Regex:       generateSemiGenericRegex([]string{"trello"}, `[a-zA-Z-0-9]{32}`),
+		SecretGroup: 1,
+		Keywords: []string{
+			"trello",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("trello", secrets.NewSecret(`[a-zA-Z-0-9]{32}`)),
+	}
+	return validate(r, tps, nil)
+}

cmd/generate/config/rules/twitter.go

@@ -5,20 +5,87 @@ import (
 	"github.com/zricethezav/gitleaks/v8/config"
 )
 
-func Twitter() *config.Rule {
+func TwitterAPIKey() *config.Rule {
 	// define rule
 	r := config.Rule{
-		Description: "twitter",
-		RuleID:      "twitter",
-		Regex:       generateSemiGenericRegex([]string{"twitter"}, hex("35,44")),
+		Description: "twitter-api-key",
+		RuleID:      "Twitter API Key",
+		Regex:       generateSemiGenericRegex([]string{"twitter"}, alphaNumeric("25")),
 		SecretGroup: 1,
 		Keywords:    []string{"twitter"},
 	}
 
 	// validate
 	tps := []string{
-		"twitterToken := \"" + secrets.NewSecret(hex("36")) + "aaaa\"",
-		"twitterToken := `" + secrets.NewSecret(hex("36")) + "aaaa`",
+		generateSampleSecret("twitter", secrets.NewSecret(alphaNumeric("25"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func TwitterAPISecret() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "twitter-api-secret",
+		RuleID:      "Twitter API Secret",
+		Regex:       generateSemiGenericRegex([]string{"twitter"}, alphaNumeric("50")),
+		SecretGroup: 1,
+		Keywords:    []string{"twitter"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("twitter", secrets.NewSecret(alphaNumeric("50"))),
+	}
+	return validate(r, tps, nil)
+}
+
+func TwitterBearerToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "twitter-bearer-token",
+		RuleID:      "Twitter Bearer Token",
+		Regex:       generateSemiGenericRegex([]string{"twitter"}, "A{22}[a-zA-Z0-9%]{80,100}"),
+		SecretGroup: 1,
+		Keywords:    []string{"twitter"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("twitter", secrets.NewSecret("A{22}[a-zA-Z0-9%]{80,100}")),
+	}
+	return validate(r, tps, nil)
+}
+
+func TwitterAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "twitter-access-token",
+		RuleID:      "Twitter access token",
+		Regex:       generateSemiGenericRegex([]string{"twitter"}, "[0-9]{15,25}-[a-zA-Z0-9]{20,40}"),
+		SecretGroup: 1,
+		Keywords:    []string{"twitter"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("twitter", secrets.NewSecret("[0-9]{15,25}-[a-zA-Z0-9]{20,40}")),
+	}
+	return validate(r, tps, nil)
+}
+
+func TwitterAccessSecret() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "twitter-access-secret",
+		RuleID:      "Twitter access secret",
+		Regex:       generateSemiGenericRegex([]string{"twitter"}, alphaNumeric("45")),
+		SecretGroup: 1,
+		Keywords:    []string{"twitter"},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("twitter", secrets.NewSecret(alphaNumeric("45"))),
 	}
 	return validate(r, tps, nil)
 }

cmd/generate/config/rules/yandex.go

@@ -0,0 +1,69 @@
+package rules
+
+import (
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func YandexAWSAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "yandex-aws-access-token",
+		Description: "Yandex AWS Access Token",
+		Regex: generateSemiGenericRegex([]string{"yandex"},
+			`YC[a-zA-Z0-9_\-]{38}`),
+		SecretGroup: 1,
+		Keywords: []string{
+			"yandex",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("yandex",
+			secrets.NewSecret(`YC[a-zA-Z0-9_\-]{38}`)),
+	}
+	return validate(r, tps, nil)
+}
+
+func YandexAPIKey() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "yandex-api-key",
+		Description: "Yandex API Key",
+		Regex: generateSemiGenericRegex([]string{"yandex"},
+			`AQVN[A-Za-z0-9_\-]{35,38}`),
+		SecretGroup: 1,
+		Keywords: []string{
+			"yandex",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("yandex",
+			secrets.NewSecret(`AQVN[A-Za-z0-9_\-]{35,38}`)),
+	}
+	return validate(r, tps, nil)
+}
+
+func YandexAccessToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		RuleID:      "yandex-access-token",
+		Description: "Yandex Access Token",
+		Regex: generateSemiGenericRegex([]string{"yandex"},
+			`t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}`),
+		SecretGroup: 1,
+		Keywords: []string{
+			"yandex",
+		},
+	}
+
+	// validate
+	tps := []string{
+		generateSampleSecret("yandex",
+			secrets.NewSecret(`t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2}`)),
+	}
+	return validate(r, tps, nil)
+}

config/gitleaks.toml

@@ -19,8 +19,10 @@ regexes = [
     ]
 paths = [
     '''gitleaks.toml''',
-    '''(.*?)(jpg|gif|doc|pdf|bin|svg|socket)$''',
-    '''(go.mod|go.sum)$'''
+    '''(.*?)(jpg|gif|doc|docx|zip|xls|pdf|bin|svg|socket)$''',
+    '''(go.mod|go.sum)$''',
+    '''node_modules''',
+    '''vendor''',
 ]
 
 [[rules]]
@@ -135,6 +137,15 @@ keywords = [
     "beamer",
 ]
 
+[[rules]]
+description = "Coinbase Access Token"
+id = "coinbase-access-token"
+regex = '''(?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "coinbase",
+]
+
 [[rules]]
 description = "Clojars API token"
 id = "clojars-api-token"
@@ -143,6 +154,24 @@ keywords = [
     "clojars",
 ]
 
+[[rules]]
+description = "Confluent Access Token"
+id = "confluent-access-token"
+regex = '''(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-zA-Z-0-9]{16})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "confluent",
+]
+
+[[rules]]
+description = "Confluent Secret Key"
+id = "confluent-secret-key"
+regex = '''(?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-zA-Z-0-9]{64})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "confluent",
+]
+
 [[rules]]
 description = "Contentful delivery API token"
 id = "contentful-delivery-api-token"
@@ -160,6 +189,15 @@ keywords = [
     "dapi",
 ]
 
+[[rules]]
+description = "Datadogtoken Access Token"
+id = "datadogtoken-access-token"
+regex = '''(?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "datadog",
+]
+
 [[rules]]
 description = "Discord API key"
 id = "discord-api-token"
@@ -187,6 +225,14 @@ keywords = [
     "discord",
 ]
 
+[[rules]]
+description = "Doppler API token"
+id = "doppler-api-token"
+regex = '''(dp\.pt\.)(?i)[a-z0-9]{43}'''
+keywords = [
+    "doppler",
+]
+
 [[rules]]
 description = "Dropbox API secret"
 id = "dropbox-api-token"
@@ -213,11 +259,12 @@ keywords = [
 ]
 
 [[rules]]
-description = "Doppler API token"
-id = "doppler-api-token"
-regex = '''(dp\.pt\.)(?i)[a-z0-9]{43}'''
+description = "Droneci Access Token"
+id = "droneci-access-token"
+regex = '''(?i)(?:droneci)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
 keywords = [
-    "doppler",
+    "droneci",
 ]
 
 [[rules]]
@@ -252,6 +299,15 @@ keywords = [
     "eztk",
 ]
 
+[[rules]]
+description = "Etsy Access Token"
+id = "etsy-access-token"
+regex = '''(?i)(?:etsy)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "etsy",
+]
+
 [[rules]]
 description = "facebook"
 id = "facebook"
@@ -288,6 +344,24 @@ keywords = [
     "finicity",
 ]
 
+[[rules]]
+description = "Flickr Access Token"
+id = "flickr-access-token"
+regex = '''(?i)(?:flickr)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "flickr",
+]
+
+[[rules]]
+description = "Finnhub Access Token"
+id = "finnhub-access-token"
+regex = '''(?i)(?:finnhub)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "finnhub",
+]
+
 [[rules]]
 description = "Finicity Public Key"
 id = "flutterwave-public-key"
@@ -320,6 +394,15 @@ keywords = [
     "fio-u-",
 ]
 
+[[rules]]
+description = "Freshbooks Access Token"
+id = "freshbooks-access-token"
+regex = '''(?i)(?:freshbooks)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "freshbooks",
+]
+
 [[rules]]
 description = "GoCardless API token"
 id = "gocardless-api-token"
@@ -329,6 +412,15 @@ keywords = [
     "live_","gocardless",
 ]
 
+[[rules]]
+description = "GCP API key"
+id = "gcp-api-key"
+regex = '''(?i)\b(AIza[0-9A-Za-z\\-_]{35})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "aiza",
+]
+
 [[rules]]
 description = "GitHub Personal Access Token"
 id = "github-pat"
@@ -369,6 +461,15 @@ keywords = [
     "glpat-",
 ]
 
+[[rules]]
+description = "Gitter Access Token"
+id = "gitter-access-token"
+regex = '''(?i)(?:gitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "gitter",
+]
+
 [[rules]]
 description = "HashiCorp Terraform user/org API token"
 id = "hashicorp-tf-api-token"
@@ -380,7 +481,7 @@ keywords = [
 [[rules]]
 description = "Heroku API Key"
 id = "heroku-api-key"
-regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
+regex = '''(?i)(?:heroku)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
 secretGroup = 1
 keywords = [
     "heroku",
@@ -404,6 +505,42 @@ keywords = [
     "intercom",
 ]
 
+[[rules]]
+description = "Kraken Access Token"
+id = "kraken-access-token"
+regex = '''(?i)(?:kraken)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9\/=_\+\-]{80,90})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "kraken",
+]
+
+[[rules]]
+description = "Kucoin Access Token"
+id = "kucoin-access-token"
+regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{24})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "kucoin",
+]
+
+[[rules]]
+description = "Kucoin Secret Key"
+id = "kucoin-secret-key"
+regex = '''(?i)(?:kucoin)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "kucoin",
+]
+
+[[rules]]
+description = "Launchdarkly Access Token"
+id = "launchdarkly-access-token"
+regex = '''(?i)(?:launchdarkly)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "launchdarkly",
+]
+
 [[rules]]
 description = "Linear API Token"
 id = "linear-api-key"
@@ -502,6 +639,15 @@ keywords = [
     "mapbox",
 ]
 
+[[rules]]
+description = "Mattermostpersonaltoken Access Token"
+id = "mattermostpersonaltoken-access-token"
+regex = '''(?i)(?:mattermost)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{26})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "mattermost",
+]
+
 [[rules]]
 description = "MessageBird API token"
 id = "messagebird-api-token"
@@ -514,12 +660,21 @@ keywords = [
 [[rules]]
 description = "MessageBird client ID"
 id = "messagebird-client-id"
-regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-h0-9]{8}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{4}-[a-h0-9]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
+regex = '''(?i)(?:messagebird|message-bird|message_bird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
 secretGroup = 1
 keywords = [
     "messagebird","message-bird","message_bird",
 ]
 
+[[rules]]
+description = "Netlify Access Token"
+id = "netlify-access-token"
+regex = '''(?i)(?:netlify)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{40,46})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "netlify",
+]
+
 [[rules]]
 description = "New Relic user API Key"
 id = "new-relic-user-api-key"
@@ -556,6 +711,33 @@ keywords = [
     "npm_",
 ]
 
+[[rules]]
+description = "Nytimes Access Token"
+id = "nytimes-access-token"
+regex = '''(?i)(?:nytimes|new-york-times,|newyorktimes)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "nytimes","new-york-times","newyorktimes",
+]
+
+[[rules]]
+description = "Plaidkey Client ID"
+id = "plaid-client-id"
+regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "plaid",
+]
+
+[[rules]]
+description = "Plaid API Secret"
+id = "plaid-api-secret"
+regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "plaid",
+]
+
 [[rules]]
 description = "PlanetScale password"
 id = "planetscale-password"
@@ -626,6 +808,33 @@ keywords = [
     "rubygems_",
 ]
 
+[[rules]]
+description = "RapidAPI Access Token"
+id = "rapidapi-access-token"
+regex = '''(?i)(?:rapidapi)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{50})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "rapidapi",
+]
+
+[[rules]]
+description = "Sendbird Access ID"
+id = "sendbird-access-id"
+regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "sendbird",
+]
+
+[[rules]]
+description = "Sendbird Access Token"
+id = "sendbird-access-token"
+regex = '''(?i)(?:sendbird)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "sendbird",
+]
+
 [[rules]]
 description = "SendGrid API token"
 id = "sendgrid-api-token"
@@ -644,6 +853,15 @@ keywords = [
     "xkeysib-",
 ]
 
+[[rules]]
+description = "Sentrytoken Access Token"
+id = "sentrytoken-access-token"
+regex = '''(?i)(?:sentry)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "sentry",
+]
+
 [[rules]]
 description = "Shippo API token"
 id = "shippo-api-token"
@@ -709,6 +927,41 @@ keywords = [
     "sk_test","pk_test","sk_live","pk_live",
 ]
 
+[[rules]]
+description = "Square Access Token"
+id = "square-access-token"
+regex = '''(?i)\b(sq0atp-[0-9A-Za-z\-_]{22})(?:['|\"|\n|\r|\s|\x60]|$)'''
+keywords = [
+    
+]
+
+[[rules]]
+description = "Squarespace Access Token"
+id = "squarespace-access-token"
+regex = '''(?i)(?:squarespace)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "squarespace",
+]
+
+[[rules]]
+description = "SumoLogic Access ID"
+id = "sumologic-access-id"
+regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "sumo",
+]
+
+[[rules]]
+description = "SumoLogic Access Token"
+id = "sumologic-access-token"
+regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "sumo",
+]
+
 [[rules]]
 description = "Twilio API Key"
 id = "twilio-api-key"
@@ -727,9 +980,45 @@ keywords = [
 ]
 
 [[rules]]
-description = "twitter"
-id = "twitter"
-regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{35,44})(?:['|\"|\n|\r|\s|\x60]|$)'''
+description = "twitter-api-key"
+id = "Twitter API Key"
+regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{25})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "twitter",
+]
+
+[[rules]]
+description = "twitter-api-secret"
+id = "Twitter API Secret"
+regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{50})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "twitter",
+]
+
+[[rules]]
+description = "twitter-access-token"
+id = "Twitter access token"
+regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{15,25}-[a-zA-Z0-9]{20,40})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "twitter",
+]
+
+[[rules]]
+description = "twitter-access-secret"
+id = "Twitter access secret"
+regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{45})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "twitter",
+]
+
+[[rules]]
+description = "twitter-bearer-token"
+id = "Twitter Bearer Token"
+regex = '''(?i)(?:twitter)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(A{22}[a-zA-Z0-9%]{80,100})(?:['|\"|\n|\r|\s|\x60]|$)'''
 secretGroup = 1
 keywords = [
     "twitter",
@@ -744,6 +1033,33 @@ keywords = [
     "tfp_",
 ]
 
+[[rules]]
+description = "Yandex API Key"
+id = "yandex-api-key"
+regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(AQVN[A-Za-z0-9_\-]{35,38})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "yandex",
+]
+
+[[rules]]
+description = "Yandex AWS Access Token"
+id = "yandex-aws-access-token"
+regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(YC[a-zA-Z0-9_\-]{38})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "yandex",
+]
+
+[[rules]]
+description = "Yandex Access Token"
+id = "yandex-access-token"
+regex = '''(?i)(?:yandex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(t1\.[A-Z0-9a-z_-]+[=]{0,2}\.[A-Z0-9a-z_-]{86}[=]{0,2})(?:['|\"|\n|\r|\s|\x60]|$)'''
+secretGroup = 1
+keywords = [
+    "yandex",
+]
+
 [[rules]]
 description = "Generic API Key"
 id = "generic-api-key"