Jinshu Peethambaran
LinkedInAbout Me
  • AWS
    • Disable SSH Timeout on EC2
    • Deploy Amazon ElastiCache, a fully managed Redis service
    • Elastic Cache: Redis Connectivity from the Internet
    • Exporting AWS WAF Logs to Splunk via S3
    • Add new user to EC2 Instance
  • Zero Trust
    • Zero Trust in Database Security - Overview and Key Considerations
    • Zero Trust for Datacenter Workloads
  • Engineering
    • Change RDP Session Time Out
    • RegEx for Sensitive Data
  • Miscellaneous
    • Automated Deployment - Apache Guacamole
    • Characters allowed in a domain name
    • Automated installation of Nuclei on a MAC/Linux
    • Upload local directory codes to a new GitHub repository
Powered by GitBook
On this page

Was this helpful?

  1. Engineering

RegEx for Sensitive Data

Here is the regex we can use it in the scripts (python I preferred).

    'password': r'(?i)(?=.*[a-zA-Z])(?=.*\d)(?=.*[!@#$%^&*()\-_=+{};:,<.>]).{8,}',
    'jwt_token': r'(?i)Bearer\s+(?:[A-Za-z0-9\-_~+\/]+=*\.)+[A-Za-z0-9\-_~+\/]+=*',
    'credit_card': r'\b(?:\d[ -]*?){13,16}\b'

In this code, the pattern r'(?i)(?=.*[a-zA-Z])(?=.*\d)(?=.*[!@#$%^&*()\-_=+{};:,<.>]).{8,}' is used to identify potential passwords. Let's break down the pattern:

  • (?i) makes the pattern case-insensitive.

  • (?=.*[a-zA-Z]) ensures that the potential password contains at least one letter.

  • (?=.*\d) ensures that the potential password contains at least one digit.

  • (?=.*[!@#$%^&*()\-_=+{};:,<.>]) ensures that the potential password contains at least one special character.

  • .{8,} enforces a minimum length requirement of 8 characters for the potential password.

'jwt_token': r'(?i)Bearer\s+(?:[A-Za-z0-9\-_~+\/]+=*\.)+[A-Za-z0-9\-_~+\/]+=*': This pattern is designed to match potential JWT tokens preceded by the word "Bearer". It looks for sequences of alphanumeric characters, dashes, underscores, tildes, plus signs, forward slashes, and periods that resemble JWT tokens.

'credit_card': r'\b(?:\d[ -]*?){13,16}\b': This pattern is used to identify potential credit card numbers. It matches sequences of digits that have a length of 13 to 16 characters, allowing for optional spaces or dashes between the digits.

These patterns are just examples and may require further refinement based on the specific formats and validation rules of JWT tokens and credit card numbers in your use case. Make sure to adapt the patterns according to your requirements.

Remember to implement additional security measures, such as secure token handling, proper credit card validation, and compliance with relevant data protection regulations, to ensure the sensitive data is handled securely.

PreviousChange RDP Session Time OutNextAutomated Deployment - Apache Guacamole

Last updated 2 years ago

Was this helpful?