Built-in Detector Reference On this page Aegis ships with 200+ built-in detectors sourced from the gitleaks open-source ruleset. All detectors use JavaScript regex syntax with g (global) and i (case-insensitive) flags applied automatically.
Four detectors are enabled by default : aws-access-token, credit-card, ssn, and private-key. All others are off by default.
Core & Generic# Catch-all patterns for the most universally sensitive content types.
Detector ID Default What It Detects aws-access-tokenON AWS IAM access key IDs (AKIA prefix) credit-cardON Major credit card numbers (Visa, MC, Amex, Discover) ssnON US Social Security Numbers (hyphenated and plain 9-digit) private-keyON PEM-encoded private keys (RSA, EC, generic) generic-api-keyOFF Generic apikey= / api_key= patterns jwtOFF JSON Web Tokens (eyJ prefix) jwt-base64OFF Base64-encoded JSON Web Tokens age-secret-keyOFF Age encryption tool secret keys pkcs12-fileOFF PKCS #12 files (bundled private keys) curl-auth-headerOFF Authorization tokens in curl command headers curl-auth-userOFF Basic auth credentials in curl commands kubernetes-secret-yamlOFF Kubernetes Secret manifests
AWS & Amazon# Detector ID What It Detects aws-amazon-bedrock-api-key-long-livedLong-lived Amazon Bedrock API keys aws-amazon-bedrock-api-key-short-livedShort-lived Amazon Bedrock API keys
Azure & Microsoft# Detector ID What It Detects azure-ad-client-secretAzure Active Directory client secrets microsoft-teams-webhookMicrosoft Teams incoming webhook URLs
Google Cloud# Detector ID What It Detects gcp-api-keyGoogle Cloud Platform API keys
Detector ID What It Detects alibaba-access-key-idAlibaba Cloud AccessKey ID alibaba-secret-keyAlibaba Cloud Secret Key cloudflare-api-keyCloudflare API Key cloudflare-global-api-keyCloudflare Global API Key cloudflare-origin-ca-keyCloudflare Origin CA Key digitalocean-access-tokenDigitalOcean OAuth Access Token digitalocean-patDigitalOcean Personal Access Token digitalocean-refresh-tokenDigitalOcean OAuth Refresh Token flyio-access-tokenFly.io API key heroku-api-keyHeroku personal API token heroku-api-key-v2Heroku API key (v2 format) scalingo-api-tokenScalingo cloud platform API token
Source Control & CI/CD# Detector ID What It Detects bitbucket-client-idBitbucket OAuth client ID bitbucket-client-secretBitbucket OAuth client secret codecov-access-tokenCodecov access token droneci-access-tokenDrone CI access token github-app-tokenGitHub App token github-fine-grained-patGitHub fine-grained personal access token github-oauthGitHub OAuth access token github-patGitHub personal access token github-refresh-tokenGitHub refresh token gitlab-cicd-job-tokenGitLab CI/CD job token gitlab-deploy-tokenGitLab deploy token gitlab-feature-flag-client-tokenGitLab feature flag client token gitlab-feed-tokenGitLab feed token gitlab-incoming-mail-tokenGitLab incoming mail token gitlab-kubernetes-agent-tokenGitLab Kubernetes Agent token gitlab-oauth-app-secretGitLab OIDC application secret gitlab-patGitLab personal access token gitlab-pat-routableGitLab personal access token (routable format) gitlab-pttGitLab pipeline trigger token gitlab-rrtGitLab runner registration token gitlab-runner-authentication-tokenGitLab runner authentication token gitlab-runner-authentication-token-routableGitLab runner authentication token (routable) gitlab-scim-tokenGitLab SCIM token gitlab-session-cookieGitLab session cookie harness-api-keyHarness personal or service access token octopus-deploy-api-keyOctopus Deploy API key artifactory-api-keyArtifactory API key artifactory-reference-tokenArtifactory reference token jfrog-api-keyJFrog API key jfrog-identity-tokenJFrog identity token travisci-access-tokenTravis CI access token
Communication & Collaboration# Detector ID What It Detects discord-api-tokenDiscord API key discord-client-idDiscord client ID discord-client-secretDiscord client secret gitter-access-tokenGitter access token mattermost-access-tokenMattermost access token messagebird-api-tokenMessageBird API token messagebird-client-idMessageBird client ID sendbird-access-idSendbird access ID sendbird-access-tokenSendbird access token slack-app-tokenSlack app-level token slack-bot-tokenSlack bot token slack-config-access-tokenSlack configuration access token slack-config-refresh-tokenSlack configuration refresh token slack-legacy-bot-tokenSlack legacy bot token slack-legacy-tokenSlack legacy token slack-legacy-workspace-tokenSlack legacy workspace token slack-user-tokenSlack user token slack-webhook-urlSlack incoming webhook URL telegram-bot-api-tokenTelegram Bot API token twilio-api-keyTwilio API key
AI & Machine Learning# Detector ID What It Detects anthropic-admin-api-keyAnthropic Admin API key anthropic-api-keyAnthropic API key cohere-api-tokenCohere API token huggingface-access-tokenHugging Face access token huggingface-organization-api-tokenHugging Face organization API token openai-api-keyOpenAI API key perplexity-api-keyPerplexity AI API key privateai-api-tokenPrivateAI API token
Monitoring, Observability & Security# Detector ID What It Detects datadog-access-tokenDatadog access token dynatrace-api-tokenDynatrace API token grafana-api-keyGrafana API key grafana-cloud-api-tokenGrafana Cloud API token grafana-service-account-tokenGrafana service account token infracost-api-tokenInfracost API token new-relic-browser-api-tokenNew Relic browser ingest API token new-relic-insert-keyNew Relic insights insert key new-relic-user-api-idNew Relic user API ID new-relic-user-api-keyNew Relic user API key snyk-api-tokenSnyk API token sonar-api-tokenSonarQube/SonarCloud API token sourcegraph-access-tokenSourcegraph access token sumologic-access-idSumoLogic access ID sumologic-access-tokenSumoLogic access token
Payment, Financial & Cryptocurrency# Detector ID What It Detects bittrex-access-keyBittrex access key bittrex-secret-keyBittrex secret key coinbase-access-tokenCoinbase access token easypost-api-tokenEasyPost API token easypost-test-api-tokenEasyPost test API token finicity-api-tokenFinicity API token finicity-client-secretFinicity client secret finnhub-access-tokenFinnhub access token flutterwave-encryption-keyFlutterwave encryption key flutterwave-public-keyFlutterwave public key flutterwave-secret-keyFlutterwave secret key freshbooks-access-tokenFreshbooks access token gocardless-api-tokenGoCardless API token kraken-access-tokenKraken access token kucoin-access-tokenKuCoin access token kucoin-secret-keyKuCoin secret key plaid-api-tokenPlaid API token plaid-client-idPlaid client ID plaid-secret-keyPlaid secret key square-access-tokenSquare access token stripe-access-tokenStripe access token
Email & Marketing# Detector ID What It Detects beamer-api-tokenBeamer API token hubspot-api-keyHubSpot API token mailchimp-api-keyMailchimp API key mailgun-private-api-tokenMailgun private API token mailgun-pub-keyMailgun public validation key mailgun-signing-keyMailgun webhook signing key sendgrid-api-tokenSendGrid API token sendinblue-api-tokenSendinblue (Brevo) API token typeform-api-tokenTypeform API token
Detector ID What It Detects clojars-api-tokenClojars API token confluent-access-tokenConfluent access token confluent-secret-keyConfluent secret key databricks-api-tokenDatabricks API token doppler-api-tokenDoppler API token hashicorp-tf-api-tokenHashiCorp Terraform user/org API token hashicorp-tf-passwordHashiCorp Terraform password field launchdarkly-access-tokenLaunchDarkly access token linear-api-keyLinear API token linear-client-secretLinear client secret npm-access-tokennpm access token nuget-config-passwordPassword in NuGet config file openshift-user-tokenOpenShift user token planetscale-api-tokenPlanetScale API token planetscale-oauth-tokenPlanetScale OAuth token planetscale-passwordPlanetScale password postman-api-tokenPostman API token prefect-api-tokenPrefect API token pulumi-api-tokenPulumi API token pypi-upload-tokenPyPI upload token rubygems-api-tokenRubyGems API token
Identity & Access Management# Detector ID What It Detects 1password-secret-key1Password secret key 1password-service-account-token1Password service account token atlassian-api-tokenAtlassian API token authress-service-client-access-keyAuthress service client access key okta-access-tokenOkta access token vault-batch-tokenHashiCorp Vault batch token vault-service-tokenHashiCorp Vault service token
Storage, Content & E-commerce# Detector ID What It Detects airtable-api-keyAirtable API key airtable-personnal-access-tokenAirtable personal access token contentful-delivery-api-tokenContentful delivery API token dropbox-api-tokenDropbox API secret dropbox-long-lived-api-tokenDropbox long-lived API token dropbox-short-lived-api-tokenDropbox short-lived API token frameio-api-tokenFrame.io API token mapbox-api-tokenMapBox API token notion-api-tokenNotion API token readme-api-tokenReadMe API token shopify-access-tokenShopify access token shopify-custom-access-tokenShopify custom app access token shopify-private-app-access-tokenShopify private app access token shopify-shared-secretShopify shared secret squarespace-access-tokenSquarespace access token
Detector ID What It Detects etsy-access-tokenEtsy access token facebook-access-tokenFacebook access token facebook-page-access-tokenFacebook page access token facebook-secretFacebook application secret flickr-access-tokenFlickr access token linkedin-client-idLinkedIn OAuth client ID linkedin-client-secretLinkedIn OAuth client secret nytimes-access-tokenNew York Times API token twitch-api-tokenTwitch API token twitter-access-secretTwitter/X access secret twitter-access-tokenTwitter/X access token twitter-api-keyTwitter/X API key twitter-api-secretTwitter/X API secret twitter-bearer-tokenTwitter/X bearer token
Other APIs & Services# Detector ID What It Detects adafruit-api-keyAdafruit API key adobe-client-idAdobe OAuth Web Client ID adobe-client-secretAdobe client secret algolia-api-keyAlgolia API key asana-client-idAsana client ID asana-client-secretAsana client secret cisco-meraki-api-keyCisco Meraki API key clickhouse-cloud-api-secret-keyClickHouse Cloud API secret key defined-networking-api-tokenDefined Networking API token duffel-api-tokenDuffel travel platform API token fastly-api-tokenFastly CDN API key freemius-secret-keyFreemius secret key gitter-access-tokenGitter access token intra42-client-secretIntra42 (42School) client secret intercom-api-keyIntercom API token lob-api-keyLob API key lob-pub-api-keyLob publishable API key looker-client-idLooker client ID looker-client-secretLooker client secret maxmind-license-keyMaxMind license key netlify-access-tokenNetlify access token rapidapi-access-tokenRapidAPI access token sendbird-access-idSendbird access ID settlemint-application-access-tokenSettleMint application access token settlemint-personal-access-tokenSettleMint personal access token settlemint-service-access-tokenSettleMint service access token shippo-api-tokenShippo shipping API token sidekiq-secretSidekiq secret sidekiq-sensitive-urlSidekiq sensitive URL yandex-access-tokenYandex access token yandex-api-keyYandex API key yandex-aws-access-tokenYandex AWS access token zendesk-secret-keyZendesk secret key