rules.yml
# Detection rules: each mapping key is a rule name and its value is a regular
# expression, written as an unquoted YAML scalar. The engine that consumes these
# patterns (and its flags: case-insensitivity, multiline, dot-all) is not shown
# in this file, so several notes below are assumptions to confirm against it.
# Lines starting with '#' are YAML comments, i.e. disabled rules.
#
# Two alternatives: base64url alphabet, or standard base64 (with '/' and '+').
JSON Web Token: (eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9._-]{10,}|eyJ[A-Za-z0-9_\/+-]{10,}\.[A-Za-z0-9._\/+-]{10,})
# NOTE(review): `openaip` looks like a typo for `openapi` -- confirm intent.
Swagger UI: ((swagger-ui.html)|("swagger":)|(Swagger UI)|(swaggerUi)|(openaip))
Ueditor: (ueditor\.(config|all)\.js)
# Inside a character class '|' is a literal pipe, so `[_|\.]` and `[-|_|\.]`
# also accept '|' in the local part / domain. The negative lookahead on the TLD
# presumably exists to skip asset file names such as `x.js` -- confirm.
Email: (([a-z0-9][_|\.])*[a-z0-9]+@([a-z0-9][-|_|\.])*[a-z0-9]+\.((?!js|css|jpg|jpeg|png|ico)[a-z]{2,}))
# NOTE(review): the first (15-digit) alternative ends with `$` but the outer
# group still requires a trailing `[^0-9]` after it; that alternative can only
# match in multiline mode where `$` sits before a line terminator -- confirm.
Chinese IDCard: ([^0-9]((\d{8}(0\d|10|11|12)([0-2]\d|30|31)\d{3}$)|(\d{6}(18|19|20)\d{2}(0[1-9]|10|11|12)([0-2]\d|30|31)\d{3}(\d|X|x)))[^0-9])
# Optional +86 / 0086 prefix, then an 11-digit number; bounded by non-word chars on both sides.
Chinese Mobile Number: ([^\w]((?:(?:\+|00)86)?1(?:(?:3[\d])|(?:4[5-79])|(?:5[0-35-9])|(?:6[5-7])|(?:7[0-8])|(?:8[\d])|(?:9[189]))\d{8})[^\w])
# Disabled rule (commented out): broad 13-19 digit match.
#Chinese Bank Card ID: ([^0-9]([1-9]\d{12,18})[^0-9])
# Loopback plus the RFC 1918 ranges (10/8, 172.16-31/12, 192.168/16). Only a
# leading non-digit guard is present; there is no trailing guard.
Internal IP Address: ([^0-9]((127\.0\.0\.1)|(10\.\d{1,3}\.\d{1,3}\.\d{1,3})|(172\.((1[6-9])|(2\d)|(3[01]))\.\d{1,3}\.\d{1,3})|(192\.168\.\d{1,3}\.\d{1,3})))
# Colon-separated MAC, either at line/string start or preceded by a non-alphanumeric.
MAC Address: (^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})|[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}))
# Matches the JSF view-state parameter name, not the serialized payload itself.
Java Deserialization: (javax\.faces\.ViewState)
# Disabled rule (commented out).
#URL As A Value: (=(https?://.*|https?%3(a|A)%2(f|F)%2(f|F).*))
Upload Form: (type=\"file\")
# `[A|a]` etc. are character classes, so '|' is literal here too; the classes
# emulate case-insensitivity for AccessKeyId / AccessKeySecret / AccessSecret.
OSS: ([A|a]ccess[K|k]ey[I|i][d|D]|[A|a]ccess[K|k]ey[S|s]ecret|[A|a]ccess[S|s]ecret)
# `(|-|_)` has an empty alternative, so `accesskeyid`, `access-key-id` and
# `access_key_secret` all match. The second branch is the `LTAI` prefix used by
# Alibaba Cloud AccessKey IDs.
Cloud Key: (((access)(|-|_)(key)(|-|_)(id|secret))|(LTAI[a-z0-9]{12,20}))
# NOTE(review): `WeCom Key` is defined a second time further down in this file
# (`[c|C]or[p|P]id|...`). Duplicate mapping keys are either rejected by the YAML
# loader or silently collapsed to the last value, so one of the two definitions
# is lost -- rename one or merge them into a single alternation.
WeCom Key: ((corp)(id|secret))
# Only one trailing '-' is required after "PRIVATE KEY"; the algorithm token is any non-space run.
SSH Private Key: ([-]+BEGIN [^\s]+ PRIVATE KEY[-])
# Drive letter followed by backslash-separated `\w` segments, optionally ending in `name.ext`.
Windows File/Dir Path: ([^\w](([a-zA-Z]:\\(?:\w+\\?)*)|([a-zA-Z]:\\(?:\w+\\)*\w+\.\w+)))
# Absolute paths rooted at one of the listed top-level directories only.
Linux File/Dir Path: (/(var|home|root|etc|data)(?:/[\w\s\-\.]+)*)
# Key may be optionally quoted (`(|'|")`), separator is ':' or '=', and the
# value must be quoted; `(.*?)` lazily captures the value between the quotes.
Password Field: ((|'|")([p](ass|wd|asswd|assword))(|'|")(:|=)( |)('|")(.*?)('|")(|,))
# Same shape as `Password Field` for user / name / username keys.
Username Field: ((|'|")([u](ser|name|ame|sername))(|'|")(:|=)( |)('|")(.*?)('|")(|,))
# Second definition of `WeCom Key` -- see the note on the first one above.
WeCom Key: ([c|C]or[p|P]id|[c|C]orp[s|S]ecret)
JDBC Connection: (jdbc:[a-z:]+://[a-z0-9\.\-_:;=/@?,&]+)
# NOTE(review): the scheme words are lowercase only; `Basic ...` / `Bearer ...`
# as sent in HTTP headers are missed unless the engine matches case-insensitively -- confirm flags.
Authorization Header: ((basic [a-z0-9=:_\+\/-]{5,100})|(bearer [a-z0-9_.=:_\+\/-]{5,100}))
# Credentials embedded in a URL (`user:token@github.com`). NOTE(review): the
# trailing `*` applies only to the final `m`, so `github.co` also matches;
# `\.com` was probably intended -- confirm.
Github Access Token: ([a-z0-9_-]*:[a-z0-9_\-]+@github\.com*)
# Includes `\u4E00-\u9FFF` (CJK ideographs); requires an engine that understands `\u` escapes.
All URL: (https?://[-A-Za-z0-9+&@#/%?=~_|!:,.;\u4E00-\u9FFF]+[-A-Za-z0-9+&@#/%=~_|])
# Quoted URLs, relative paths and file references, in the style of the LinkFinder project's pattern (presumably copied from it).
Linkfinder: (?:"|')(((?:[a-zA-Z]{1,10}://|//)[^"'/]{1,}\.[a-zA-Z]{2,}[^"']{0,})|((?:/|\.\./|\./)[^"'><,;|*()(%%$^/\\\[\]][^"'><,;|()]{1,})|([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{1,}\.(?:[a-zA-Z]{1,4}|action)(?:[\?|#][^"|']{0,}|))|([a-zA-Z0-9_\-/]{1,}/[a-zA-Z0-9_\-/]{3,}(?:[\?|#][^"|']{0,}|))|([a-zA-Z0-9_\-]{1,}\.(?:php|asp|aspx|jsp|json|action|html|js|txt|xml)(?:[\?|#][^"|']{0,}|)))(?:"|')
# Key containing one of key/secret/token/config/auth/access/admin/ticket (with
# up to 10 word chars on either side), then ':' or '=' and a quoted value.
Sensitive Field: ((\[)?('|")?([\w]{0,10})((key)|(secret)|(token)|(config)|(auth)|(access)|(admin)|(ticket))([\w]{0,10})('|")?(\])?(|)(:|=)( |)('|")(.*?)('|")(|,))
# Lazy match; does not span line breaks unless the engine runs with dot-matches-newline.
HTML Notes: (<!--.*?-->)