├── .gitignore
├── .goreleaser.yaml
├── LICENSE
├── README.md
├── api
    ├── appidtoname.go
    ├── config.go
    └── filemonitor.go
├── cmd
    └── root.go
├── config
    ├── config.yaml
    └── rule.yaml
├── go.mod
├── go.sum
├── image
    ├── img.png
    └── img_1.png
├── internal
    ├── cmd
    │   └── cmd.go
    ├── config
    │   ├── delete.go
    │   ├── share.go
    │   └── wxapkg.go
    ├── decrypt
    │   └── decrypt.go
    ├── enum
    │   └── wxapkg.go
    ├── formatter
    │   ├── formatter.go
    │   ├── htmlformatter.go
    │   ├── jsformatter.go
    │   └── jsonformatter.go
    ├── hook
    │   ├── embed_other.go
    │   ├── embed_windows.go
    │   ├── hook.go
    │   └── win.exe
    ├── key
    │   ├── 800+ 规则.yml
    │   ├── key.go
    │   └── match.go
    ├── pack
    │   └── pack.go
    ├── restore
    │   ├── decompiler.go
    │   ├── parser.go
    │   └── restore.go
    ├── unpack
    │   ├── uconfig.go
    │   ├── ujs.go
    │   ├── unpack.go
    │   ├── uxml.go
    │   └── uxss.go
    └── util
    │   ├── getWccVersion.go
    │   ├── getWxapkgType.go
    │   ├── humanReadableSize.go
    │   └── transformCSS.go
└── main.go


/.gitignore:
--------------------------------------------------------------------------------
  1 | ### GoLand+all template
  2 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
  3 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
  4 | 
  5 | # User-specific stuff
  6 | .idea/**/workspace.xml
  7 | .idea/**/tasks.xml
  8 | .idea/**/usage.statistics.xml
  9 | .idea/**/dictionaries
 10 | .idea/**/shelf
 11 | 
 12 | # AWS User-specific
 13 | .idea/**/aws.xml
 14 | 
 15 | # Generated files
 16 | .idea/**/contentModel.xml
 17 | 
 18 | # Sensitive or high-churn files
 19 | .idea/**/dataSources/
 20 | .idea/**/dataSources.ids
 21 | .idea/**/dataSources.local.xml
 22 | .idea/**/sqlDataSources.xml
 23 | .idea/**/dynamic.xml
 24 | .idea/**/uiDesigner.xml
 25 | .idea/**/dbnavigator.xml
 26 | 
 27 | # Gradle
 28 | .idea/**/gradle.xml
 29 | .idea/**/libraries
 30 | 
 31 | # Gradle and Maven with auto-import
 32 | # When using Gradle or Maven with auto-import, you should exclude module files,
 33 | # since they will be recreated, and may cause churn.  Uncomment if using
 34 | # auto-import.
 35 | # .idea/artifacts
 36 | # .idea/compiler.xml
 37 | # .idea/jarRepositories.xml
 38 | # .idea/modules.xml
 39 | # .idea/*.iml
 40 | # .idea/modules
 41 | # *.iml
 42 | # *.ipr
 43 | 
 44 | # CMake
 45 | cmake-build-*/
 46 | 
 47 | # Mongo Explorer plugin
 48 | .idea/**/mongoSettings.xml
 49 | 
 50 | # File-based project format
 51 | *.iws
 52 | 
 53 | # IntelliJ
 54 | out/
 55 | 
 56 | # mpeltonen/sbt-idea plugin
 57 | .idea_modules/
 58 | 
 59 | # JIRA plugin
 60 | atlassian-ide-plugin.xml
 61 | 
 62 | # Cursive Clojure plugin
 63 | .idea/replstate.xml
 64 | 
 65 | # SonarLint plugin
 66 | .idea/sonarlint/
 67 | 
 68 | # Crashlytics plugin (for Android Studio and IntelliJ)
 69 | com_crashlytics_export_strings.xml
 70 | crashlytics.properties
 71 | crashlytics-build.properties
 72 | fabric.properties
 73 | 
 74 | # Editor-based Rest Client
 75 | .idea/httpRequests
 76 | 
 77 | # Android studio 3.1+ serialized cache file
 78 | .idea/caches/build_file_checksums.ser
 79 | 
 80 | ### Go template
 81 | # If you prefer the allow list template instead of the deny list, see community template:
 82 | # https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
 83 | #
 84 | # Binaries for programs and plugins
 85 | *.dll
 86 | *.so
 87 | *.dylib
 88 | 
 89 | # Test binary, built with `go test -c`
 90 | *.test
 91 | 
 92 | # Output of the go coverage tool, specifically when used with LiteIDE
 93 | *.out
 94 | out/*
 95 | 
 96 | # Dependency directories (remove the comment below to include it)
 97 | # vendor/
 98 | 
 99 | # Go workspace file
100 | go.work
101 | 
102 | ### GoLand template
103 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
104 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
105 | 
106 | # User-specific stuff
107 | 
108 | # AWS User-specific
109 | 
110 | # Generated files
111 | 
112 | # Sensitive or high-churn files
113 | 
114 | # Gradle
115 | 
116 | # Gradle and Maven with auto-import
117 | # When using Gradle or Maven with auto-import, you should exclude module files,
118 | # since they will be recreated, and may cause churn.  Uncomment if using
119 | # auto-import.
120 | # .idea/artifacts
121 | # .idea/compiler.xml
122 | # .idea/jarRepositories.xml
123 | # .idea/modules.xml
124 | # .idea/*.iml
125 | # .idea/modules
126 | # *.iml
127 | # *.ipr
128 | 
129 | # CMake
130 | 
131 | # Mongo Explorer plugin
132 | 
133 | # File-based project format
134 | 
135 | # IntelliJ
136 | 
137 | # mpeltonen/sbt-idea plugin
138 | 
139 | # JIRA plugin
140 | 
141 | # Cursive Clojure plugin
142 | 
143 | # SonarLint plugin
144 | 
145 | # Crashlytics plugin (for Android Studio and IntelliJ)
146 | 
147 | # Editor-based Rest Client
148 | 
149 | # Android studio 3.1+ serialized cache file
150 | 
151 | ### GoLand+iml template
152 | # Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
153 | # Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
154 | 
155 | # User-specific stuff
156 | 
157 | # AWS User-specific
158 | 
159 | # Generated files
160 | 
161 | # Sensitive or high-churn files
162 | 
163 | # Gradle
164 | 
165 | # Gradle and Maven with auto-import
166 | # When using Gradle or Maven with auto-import, you should exclude module files,
167 | # since they will be recreated, and may cause churn.  Uncomment if using
168 | # auto-import.
169 | # .idea/artifacts
170 | # .idea/compiler.xml
171 | # .idea/jarRepositories.xml
172 | # .idea/modules.xml
173 | # .idea/*.iml
174 | # .idea/modules
175 | # *.iml
176 | # *.ipr
177 | 
178 | # CMake
179 | 
180 | # Mongo Explorer plugin
181 | 
182 | # File-based project format
183 | 
184 | # IntelliJ
185 | 
186 | # mpeltonen/sbt-idea plugin
187 | 
188 | # JIRA plugin
189 | 
190 | # Cursive Clojure plugin
191 | 
192 | # SonarLint plugin
193 | 
194 | # Crashlytics plugin (for Android Studio and IntelliJ)
195 | 
196 | # Editor-based Rest Client
197 | 
198 | # Android studio 3.1+ serialized cache file
199 | 
200 | 
201 | dist/
202 | .idea/
203 | 


--------------------------------------------------------------------------------
/.goreleaser.yaml:
--------------------------------------------------------------------------------
 1 | # This is an example .goreleaser.yml file with some sensible defaults.
 2 | # Make sure to check the documentation at https://goreleaser.com
 3 | 
 4 | # The lines below are called `modelines`. See `:help modeline`
 5 | # Feel free to remove those if you don't want/need to use them.
 6 | # yaml-language-server: $schema=https://goreleaser.com/static/schema.json
 7 | # vim: set ts=2 sw=2 tw=0 fo=cnqoj
 8 | 
 9 | version: 2
10 | 
11 | before:
12 |   hooks:
13 |     # You may remove this if you don't use go modules.
14 |     - go mod tidy
15 | 
16 | upx:
17 |   - enabled: true
18 |     compress: best
19 |     lzma: true
20 | 
21 | builds:
22 |   - env:
23 |       - CGO_ENABLED=0
24 |     goos:
25 |       - windows
26 |       - darwin
27 | 
28 | archives:
29 |   - format: binary
30 | 
31 | changelog:
32 |   sort: asc
33 |   filters:
34 |     exclude:
35 |       - "^docs:"
36 |       - "^test:"
37 |       - "^style:"
38 |       - "^ci:"
39 |       - "^perf:"
40 |       - "^build:"
41 |       - "^deps:"
42 |       - "^vendor:"
43 |       - "^internal:"
44 |       - "^examples:"
45 | 
46 | checksum:
47 |   algorithm: md5


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2024 Antkites
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # KillWxapkg-Auto
 2 | 
 3 | > 二开KillWxapkg，自动化监控实时点击打开的微信小程序进行反编译，辅助小程序渗透测试。
 4 | > 原作者：https://github.com/Ackites/KillWxapkg
 5 | 
 6 | 
 7 | ------------------
 8 | ## 声明
 9 | 
10 | **本程序仅供于学习交流，请使用者遵守《中华人民共和国网络安全法》，勿将此工具用于非授权的测试，开发者不负任何连带法律责任。**
11 | 
12 | **核心抄的，只是个自动化；没啥技术难度，大哥们别来提有关核心的issue，我只是个搬运工。**
13 | 
14 | ## 二开
15 | 
16 | > 思路原本是24年上半年就想到，后面由于各种原因忘了。后面听了小迪直播中艾克sec的分享，同为22期学员差距怎么这么大。现在看来还是自己懒了。
17 | > 想到了《士兵突击》团长对许三多说的话：
18 | > “想到和得到的中间，还有两个字：做到！” 
19 | 
20 | 1. 【完成】自动监控实时点击打开的微信小程序进行反编译，并输出反编译后的代码。
21 | 
22 | 2. 【完成】将微信appid查询转换为微信小程序名字，方便后续查找泄露文件点复现漏洞。(需要联网)
23 | 
24 | 3. 【废弃】~~优化原作者敏感信息查找规则以及方式。~~ 发现原作者规则更改很简单，config/rule.yaml 自定义即可。(把email、phone、wxid等设置false减少干扰，另外修改原版敏感信息匹配输出json为html)
25 | 
26 | ![img.png](image/img.png)
27 | 
28 | 4. 【计划】改成WEBUI界面，方便使用。(问为啥不改成客户端，就是说个人感觉打开界面太多了会太杂乱，不如一个浏览器一个窗口)
29 | 
30 | ## 介绍
31 | >主要新增KillWxapkg-Auto.exe -auto用法, 其余用法参照原作者。
32 | 
33 | config/config.yaml 配置小程序目录绝对路径
34 | 
35 | > KillWxapkg-Auto.exe -auto
36 | 
37 | ![img_1.png](image%2Fimg_1.png)
38 | 
39 | 
40 | **有时候会编译失败找不到文件，这里多是小程序太大网络环境较慢导致，可以等一会小程序对应文件加载完删掉Ctrl+Z重新进行反编译。**
41 | ```shell
42 | $ KillWxapkg-Auto.exe --help
43 | 
44 |   -auto
45 |         是否目录监控自动反编译，点击即是反编译
46 |   -ext string
47 |         处理的文件后缀 (default ".wxapkg")
48 |   -hook
49 |         是否开启动态调试
50 |   -id string
51 |         微信小程序的AppID
52 |   -in string
53 |         输入文件路径（多个文件用逗号分隔）或输入目录路径
54 |   -noClean
55 |         是否清理中间文件
56 |   -out string
57 |         输出目录路径（如果未指定，则默认保存到输入目录下以AppID命名的文件夹）
58 |   -pretty
59 |         是否美化输出
60 |   -repack string
61 |         重新打包wxapkg文件
62 |   -restore
63 |         是否还原工程目录结构
64 |   -save
65 |         是否保存解密后的文件
66 |   -sensitive
67 |         是否获取敏感数据
68 |   -watch
69 |         是否监听将要打包的文件夹，并自动打包
70 | ```
71 | 


--------------------------------------------------------------------------------
/api/appidtoname.go:
--------------------------------------------------------------------------------
 1 | package api
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"fmt"
 6 | 	"io/ioutil"
 7 | 	"net/http"
 8 | )
 9 | 
10 | // 定义一个结构体来映射JSON数据
11 | type ResponseData struct {
12 | 	Code int `json:"code"`
13 | 	Data struct {
14 | 		Nickname      string `json:"nickname"`
15 | 		Username      string `json:"username"`
16 | 		Description   string `json:"description"`
17 | 		Avatar        string `json:"avatar"`
18 | 		AppID         string `json:"appid"`
19 | 		UsesCount     string `json:"uses_count"`
20 | 		PrincipalName string `json:"principal_name"`
21 | 	} `json:"data"`
22 | }
23 | 
24 | // 请求函数
25 | func SendRequest(appID string) ([]byte, error) {
26 | 	// 目标URL, 对应appid查询小程序
27 | 	url := "https://kainy.cn/api/weapp/info/"
28 | 
29 | 	// 创建POST请求
30 | 	req, err := http.NewRequest("POST", url, bytes.NewBuffer([]byte("appid="+appID)))
31 | 	if err != nil {
32 | 		return nil, fmt.Errorf("创建请求失败: %v", err)
33 | 	}
34 | 
35 | 	// 设置请求头
36 | 	req.Header.Set("Host", "kainy.cn")
37 | 	req.Header.Set("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36")
38 | 	req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8")
39 | 	req.Header.Set("Accept-Encoding", "gzip, deflate, br")
40 | 	req.Header.Set("Connection", "keep-alive")
41 | 
42 | 	// 发送请求
43 | 	client := &http.Client{}
44 | 	resp, err := client.Do(req)
45 | 	if err != nil {
46 | 		return nil, fmt.Errorf("发送请求失败: %v", err)
47 | 	}
48 | 	defer resp.Body.Close()
49 | 
50 | 	// 读取响应
51 | 	return ioutil.ReadAll(resp.Body)
52 | }
53 | 
54 | //func main() {
55 | //	// 调用请求函数
56 | //	body, err := SendRequest("wx310cecc58fa78fc6")
57 | //	if err != nil {
58 | //		fmt.Println(err)
59 | //		return
60 | //	}
61 | //
62 | //	// 输出状态码
63 | //	fmt.Println("响应内容:", string(body))
64 | //
65 | //	// 解析JSON响应
66 | //	var responseData ResponseData
67 | //	if err := json.Unmarshal(body, &responseData); err != nil {
68 | //		fmt.Println("解析JSON失败:", err)
69 | //		return
70 | //	}
71 | //
72 | //	// 提取name字段
73 | //	fmt.Println("名称:", responseData.Data.Nickname)
74 | //}
75 | 


--------------------------------------------------------------------------------
/api/config.go:
--------------------------------------------------------------------------------
 1 | package api
 2 | 
 3 | import (
 4 | 	"errors"
 5 | 	"gopkg.in/yaml.v2"
 6 | 	"io/ioutil"
 7 | )
 8 | 
 9 | // Config 用于映射 YAML 文件的结构
10 | type Config struct {
11 | 	WxAppletPath string `yaml:"wx_applet_path"`
12 | 	WxOutputPath string `yaml:"wx_output_path"`
13 | 	TimeOut      int    `yaml:"time_out"`
14 | }
15 | 
16 | // LoadConfig 读取 YAML 文件并返回配置
17 | func LoadConfig(filePath string) (*Config, error) {
18 | 	if filePath == "" {
19 | 		return nil, errors.New("file path cannot be empty")
20 | 	}
21 | 
22 | 	data, err := ioutil.ReadFile(filePath)
23 | 	if err != nil {
24 | 		return nil, err
25 | 	}
26 | 
27 | 	var config Config
28 | 	err = yaml.Unmarshal(data, &config)
29 | 	if err != nil {
30 | 		return nil, err
31 | 	}
32 | 
33 | 	return &config, nil
34 | }
35 | 


--------------------------------------------------------------------------------
/api/filemonitor.go:
--------------------------------------------------------------------------------
 1 | package api
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/fsnotify/fsnotify"
 6 | 	"log"
 7 | 	"os"
 8 | 	"path/filepath"
 9 | 	"strings"
10 | )
11 | 
12 | // 监控目录并通过通道返回新增的文件名
13 | func WatchNewFiles(directory string, fileChan chan<- string) error {
14 | 	// 创建一个文件系统监听器
15 | 	watcher, err := fsnotify.NewWatcher()
16 | 	if err != nil {
17 | 		return err
18 | 	}
19 | 	defer watcher.Close()
20 | 
21 | 	// 开始监控指定的目录
22 | 	err = watcher.Add(directory)
23 | 	if err != nil {
24 | 		return err
25 | 	}
26 | 
27 | 	// 持续监听文件系统事件
28 | 	for {
29 | 		select {
30 | 		case event := <-watcher.Events:
31 | 			// 检测到新文件被创建
32 | 			if event.Op&fsnotify.Create == fsnotify.Create {
33 | 				//fmt.Printf("新文件: %s\n", event.Name)
34 | 				//fmt.Println(filepath.Base(event.Name))
35 | 				// 将新增的文件名发送到通道中
36 | 				if strings.HasPrefix(filepath.Base(event.Name), "wx") { // 过滤掉日志文件
37 | 					fileChan <- event.Name
38 | 				}
39 | 			}
40 | 		case err := <-watcher.Errors:
41 | 			log.Println("监控错误:", err)
42 | 		}
43 | 	}
44 | }
45 | 
46 | func ListSubdirectories(path string) ([]string, error) {
47 | 	entries, err := os.ReadDir(path)
48 | 	if err != nil {
49 | 		return nil, fmt.Errorf("无法读取目录: %w", err)
50 | 	}
51 | 
52 | 	var subdirs []string
53 | 
54 | 	// 遍历目录条目，筛选出子目录
55 | 	for _, entry := range entries {
56 | 		if entry.Type().IsDir() {
57 | 			subdirs = append(subdirs, entry.Name()) // 收集子目录名称
58 | 		}
59 | 	}
60 | 
61 | 	return subdirs, nil
62 | }
63 | 


--------------------------------------------------------------------------------
/cmd/root.go:
--------------------------------------------------------------------------------
 1 | package cmd
 2 | 
 3 | import (
 4 | 	"log"
 5 | 	"sync"
 6 | 
 7 | 	. "github.com/Ackites/KillWxapkg/internal/cmd"
 8 | 	. "github.com/Ackites/KillWxapkg/internal/config"
 9 | 	"github.com/Ackites/KillWxapkg/internal/restore"
10 | )
11 | 
12 | func Execute(appID, input, outputDir, fileExt string, restoreDir bool, pretty bool, noClean bool, save bool, sensitive bool) {
13 | 	// 存储配置
14 | 	configManager := NewSharedConfigManager()
15 | 	configManager.Set("appID", appID)
16 | 	configManager.Set("input", input)
17 | 	configManager.Set("outputDir", outputDir)
18 | 	configManager.Set("fileExt", fileExt)
19 | 	configManager.Set("restoreDir", restoreDir)
20 | 	configManager.Set("pretty", pretty)
21 | 	configManager.Set("noClean", noClean)
22 | 	configManager.Set("save", save)
23 | 	configManager.Set("sensitive", sensitive)
24 | 
25 | 	inputFiles := ParseInput(input, fileExt)
26 | 
27 | 	if len(inputFiles) == 0 {
28 | 		log.Println("未找到任何文件")
29 | 		return
30 | 	}
31 | 
32 | 	// 确定输出目录
33 | 	if outputDir == "" {
34 | 		outputDir = DetermineOutputDir(input, appID)
35 | 	}
36 | 
37 | 	var wg sync.WaitGroup
38 | 	for _, inputFile := range inputFiles {
39 | 		wg.Add(1)
40 | 		go func(file string) {
41 | 			defer wg.Done()
42 | 			err := ProcessFile(file, outputDir, appID, save)
43 | 			if err != nil {
44 | 				log.Printf("处理文件 %s 时出错: %v\n", file, err)
45 | 			} else {
46 | 				log.Printf("成功处理文件: %s\n", file)
47 | 			}
48 | 		}(inputFile)
49 | 	}
50 | 	wg.Wait()
51 | 
52 | 	// 还原工程目录结构
53 | 	restore.ProjectStructure(outputDir, restoreDir)
54 | }
55 | 


--------------------------------------------------------------------------------
/config/config.yaml:
--------------------------------------------------------------------------------
1 | wx_applet_path: D:\appdata\tencent\WeChat_resp\WeChat Files\Applet
2 | wx_output_path:
3 | time_out: 10
4 | # time_out为小程序资源加载超时时间，单位为秒，偶尔出现加载超时的情况，可以适当调大


--------------------------------------------------------------------------------
/config/rule.yaml:
--------------------------------------------------------------------------------
  1 | rules:
  2 |     - id: domain
  3 |       enabled: false
  4 |       pattern: ""
  5 |     - id: path
  6 |       enabled: false
  7 |       pattern: ""
  8 |     - id: domain_url
  9 |       enabled: false
 10 |       pattern: ""
 11 |     - id: ip
 12 |       enabled: false
 13 |       pattern: ""
 14 |     - id: ip_url
 15 |       enabled: false
 16 |       pattern: \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}
 17 |     - id: email
 18 |       enabled: false
 19 |       pattern: \b[A-Za-z0-9._\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,61}\b
 20 |     - id: id_card
 21 |       enabled: true
 22 |       pattern: \b([1-9]\d{5}(19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx])\b
 23 |     - id: phone
 24 |       enabled: false
 25 |       pattern: \b1[3-9]\d{9}\b
 26 |     - id: jwt_token
 27 |       enabled: true
 28 |       pattern: eyJ[A-Za-z0-9_/+\-]{10,}={0,2}\.[A-Za-z0-9_/+\-\\]{15,}={0,2}\.[A-Za-z0-9_/+\-\\]{10,}={0,2}
 29 |     - id: Aliyun_AK_ID
 30 |       enabled: true
 31 |       pattern: \bLTAI[A-Za-z\d]{12,30}\b
 32 |     - id: QCloud_AK_ID
 33 |       enabled: true
 34 |       pattern: \bAKID[A-Za-z\d]{13,40}\b
 35 |     - id: JDCloud_AK_ID
 36 |       enabled: true
 37 |       pattern: \bJDC_[0-9A-Z]{25,40}\b
 38 |     - id: AWS_AK_ID
 39 |       enabled: true
 40 |       pattern: '["''''](?:A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}["'''']'
 41 |     - id: VolcanoEngine_AK_ID
 42 |       enabled: true
 43 |       pattern: \b(?:AKLT|AKTP)[a-zA-Z0-9]{35,50}\b
 44 |     - id: Kingsoft_AK_ID
 45 |       enabled: true
 46 |       pattern: \bAKLT[a-zA-Z0-9-_]{16,28}\b
 47 |     - id: GCP_AK_ID
 48 |       enabled: true
 49 |       pattern: \bAIza[0-9A-Za-z_\-]{35}\b
 50 |     - id: secret_key
 51 |       enabled: true
 52 |       pattern: ""
 53 |     - id: bearer_token
 54 |       enabled: true
 55 |       pattern: \b[Bb]earer\s+[a-zA-Z0-9\-=._+/\\]{20,500}\b
 56 |     - id: basic_token
 57 |       enabled: true
 58 |       pattern: \b[Bb]asic\s+[A-Za-z0-9+/]{18,}={0,2}\b
 59 |     - id: auth_token
 60 |       enabled: true
 61 |       pattern: '["''''\[]*[Aa]uthorization["''''\]]*\s*[:=]\s*[''''"]?\b(?:[Tt]oken\s+)?[a-zA-Z0-9\-_+/]{20,500}[''''"]?'
 62 |     - id: private_key
 63 |       enabled: true
 64 |       pattern: '-----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE KEY\s*?-----[a-zA-Z0-9\/\n\r=+]*-----\s*?END[ A-Z0-9_-]*? PRIVATE KEY\s*?-----'
 65 |     - id: gitlab_v2_token
 66 |       enabled: true
 67 |       pattern: \b(glpat-[a-zA-Z0-9\-=_]{20,22})\b
 68 |     - id: github_token
 69 |       enabled: true
 70 |       pattern: \b((?:ghp|gho|ghu|ghs|ghr|github_pat)_[a-zA-Z0-9_]{36,255})\b
 71 |     - id: qcloud_api_gateway_appkey
 72 |       enabled: true
 73 |       pattern: \bAPID[a-zA-Z0-9]{32,42}\b
 74 |     - id: wechat_appid
 75 |       enabled: false
 76 |       pattern: '["''''](wx[a-z0-9]{15,18})["'''']'
 77 |     - id: wechat_corpid
 78 |       enabled: true
 79 |       pattern: '["''''](ww[a-z0-9]{15,18})["'''']'
 80 |     - id: wechat_id
 81 |       enabled: true
 82 |       pattern: '["''''](gh_[a-z0-9]{11,13})["'''']'
 83 |     - id: password
 84 |       enabled: true
 85 |       pattern: (?i)(?:admin_?pass|password|[a-z]{3,15}_?password|user_?pass|user_?pwd|admin_?pwd)\\?['"]*\s*[:=]\s*\\?['"][a-z0-9!@#$%&*]{5,50}\\?['"]
 86 |     - id: wechat_webhookurl
 87 |       enabled: true
 88 |       pattern: \bhttps://qyapi.weixin.qq.com/cgi-bin/webhook/send\?key=[a-zA-Z0-9\-]{25,50}\b
 89 |     - id: dingtalk_webhookurl
 90 |       enabled: true
 91 |       pattern: \bhttps://oapi.dingtalk.com/robot/send\?access_token=[a-z0-9]{50,80}\b
 92 |     - id: feishu_webhookurl
 93 |       enabled: true
 94 |       pattern: \bhttps://open.feishu.cn/open-apis/bot/v2/hook/[a-z0-9\-]{25,50}\b
 95 |     - id: slack_webhookurl
 96 |       enabled: true
 97 |       pattern: \bhttps://hooks.slack.com/services/[a-zA-Z0-9\-_]{6,12}/[a-zA-Z0-9\-_]{6,12}/[a-zA-Z0-9\-_]{15,24}\b
 98 |     - id: grafana_api_key
 99 |       enabled: true
100 |       pattern: \beyJrIjoi[a-zA-Z0-9\-_+/]{50,100}={0,2}\b
101 |     - id: grafana_cloud_api_token
102 |       enabled: true
103 |       pattern: \bglc_[A-Za-z0-9\-_+/]{32,200}={0,2}\b
104 |     - id: grafana_service_account_token
105 |       enabled: true
106 |       pattern: \bglsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8}\b
107 |     - id: app_key
108 |       enabled: true
109 |       pattern: \b(?:VUE|APP|REACT)_[A-Z_0-9]{1,15}_(?:KEY|PASS|PASSWORD|TOKEN|APIKEY)['"]*[:=]"(?:[A-Za-z0-9_\-]{15,50}|[a-z0-9/+]{50,100}==?)"
110 |     - id: 腾讯文档
111 |       enabled: true
112 |       pattern: \bhttps://docs.qq.com/[a-z0-9\-]*/+[a-zA-Z0-9\-_]*
113 | 


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
 1 | module github.com/Ackites/KillWxapkg
 2 | 
 3 | go 1.23
 4 | 
 5 | require (
 6 | 	github.com/ditashi/jsbeautifier-go v0.0.0-20141206144643-2520a8026a9c
 7 | 	github.com/dop251/goja v0.0.0-20240822155948-fa6d1ed5e4b6
 8 | 	github.com/fsnotify/fsnotify v1.7.0
 9 | 	github.com/tdewolff/parse/v2 v2.7.15
10 | 	github.com/yosssi/gohtml v0.0.0-20201013000340-ee4748c638f4
11 | 	golang.org/x/crypto v0.26.0
12 | 	golang.org/x/net v0.28.0
13 | 	golang.org/x/text v0.17.0
14 | 	gopkg.in/yaml.v2 v2.4.0
15 | 	gopkg.in/yaml.v3 v3.0.1
16 | )
17 | 
18 | require (
19 | 	github.com/dlclark/regexp2 v1.11.4 // indirect
20 | 	github.com/go-sourcemap/sourcemap v2.1.3+incompatible // indirect
21 | 	github.com/google/pprof v0.0.0-20230207041349-798e818bf904 // indirect
22 | 	golang.org/x/sys v0.23.0 // indirect
23 | )
24 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
 1 | github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0=
 2 | github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
 3 | github.com/ditashi/jsbeautifier-go v0.0.0-20141206144643-2520a8026a9c h1:+Zo5Ca9GH0RoeVZQKzFJcTLoAixx5s5Gq3pTIS+n354=
 4 | github.com/ditashi/jsbeautifier-go v0.0.0-20141206144643-2520a8026a9c/go.mod h1:HJGU9ULdREjOcVGZVPB5s6zYmHi1RxzT71l2wQyLmnE=
 5 | github.com/dlclark/regexp2 v1.11.4 h1:rPYF9/LECdNymJufQKmri9gV604RvvABwgOA8un7yAo=
 6 | github.com/dlclark/regexp2 v1.11.4/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
 7 | github.com/dop251/goja v0.0.0-20240822155948-fa6d1ed5e4b6 h1:0x8Sh2rKCTVUQnRTJFIwtRWAp91VMsnATQEsMAg14kM=
 8 | github.com/dop251/goja v0.0.0-20240822155948-fa6d1ed5e4b6/go.mod h1:MxLav0peU43GgvwVgNbLAj1s/bSGboKkhuULvq/7hx4=
 9 | github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
10 | github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
11 | github.com/go-sourcemap/sourcemap v2.1.3+incompatible h1:W1iEw64niKVGogNgBN3ePyLFfuisuzeidWPMPWmECqU=
12 | github.com/go-sourcemap/sourcemap v2.1.3+incompatible/go.mod h1:F8jJfvm2KbVjc5NqelyYJmf/v5J0dwNLS2mL4sNA1Jg=
13 | github.com/google/pprof v0.0.0-20230207041349-798e818bf904 h1:4/hN5RUoecvl+RmJRE2YxKWtnnQls6rQjjW5oV7qg2U=
14 | github.com/google/pprof v0.0.0-20230207041349-798e818bf904/go.mod h1:uglQLonpP8qtYCYyzA+8c/9qtqgA3qsXGYqCPKARAFg=
15 | github.com/tdewolff/parse/v2 v2.7.15 h1:hysDXtdGZIRF5UZXwpfn3ZWRbm+ru4l53/ajBRGpCTw=
16 | github.com/tdewolff/parse/v2 v2.7.15/go.mod h1:3FbJWZp3XT9OWVN3Hmfp0p/a08v4h8J9W1aghka0soA=
17 | github.com/tdewolff/test v1.0.11-0.20231101010635-f1265d231d52 h1:gAQliwn+zJrkjAHVcBEYW/RFvd2St4yYimisvozAYlA=
18 | github.com/tdewolff/test v1.0.11-0.20231101010635-f1265d231d52/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE=
19 | github.com/yosssi/gohtml v0.0.0-20201013000340-ee4748c638f4 h1:0sw0nJM544SpsihWx1bkXdYLQDlzRflMgFJQ4Yih9ts=
20 | github.com/yosssi/gohtml v0.0.0-20201013000340-ee4748c638f4/go.mod h1:+ccdNT0xMY1dtc5XBxumbYfOUhmduiGudqaDgD2rVRE=
21 | golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
22 | golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
23 | golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
24 | golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
25 | golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
26 | golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
27 | golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
28 | golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
29 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
30 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
31 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
32 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
33 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
34 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
35 | 


--------------------------------------------------------------------------------
/image/img.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/iamHuFei/KillWxapkg-Auto/30a26be50ce6bd3e92cad883c45312a9a63beef8/image/img.png


--------------------------------------------------------------------------------
/image/img_1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/iamHuFei/KillWxapkg-Auto/30a26be50ce6bd3e92cad883c45312a9a63beef8/image/img_1.png


--------------------------------------------------------------------------------
/internal/cmd/cmd.go:
--------------------------------------------------------------------------------
  1 | package cmd
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"io"
  6 | 	"log"
  7 | 	"os"
  8 | 	"path/filepath"
  9 | 	"strings"
 10 | 
 11 | 	"github.com/Ackites/KillWxapkg/internal/restore"
 12 | 	"github.com/Ackites/KillWxapkg/internal/util"
 13 | 
 14 | 	. "github.com/Ackites/KillWxapkg/internal/config"
 15 | 	"github.com/Ackites/KillWxapkg/internal/decrypt"
 16 | 	"github.com/Ackites/KillWxapkg/internal/unpack"
 17 | )
 18 | 
 19 | // ParseInput 解析输入文件
 20 | func ParseInput(input, fileExt string) []string {
 21 | 	var inputFiles []string
 22 | 	if fileInfo, err := os.Stat(input); err == nil && fileInfo.IsDir() {
 23 | 		files, err := os.ReadDir(input)
 24 | 		if err != nil {
 25 | 			log.Fatalf("读取输入目录失败: %v", err)
 26 | 		}
 27 | 		for _, file := range files {
 28 | 			if !file.IsDir() && strings.HasSuffix(file.Name(), fileExt) {
 29 | 				inputFiles = append(inputFiles, filepath.Join(input, file.Name()))
 30 | 			}
 31 | 		}
 32 | 	} else {
 33 | 		inputFiles = strings.Split(input, ",")
 34 | 	}
 35 | 
 36 | 	// 过滤掉不存在的文件
 37 | 	var validFiles []string
 38 | 	for _, file := range inputFiles {
 39 | 		if _, err := os.Stat(file); err == nil {
 40 | 			validFiles = append(validFiles, file)
 41 | 		}
 42 | 	}
 43 | 	return validFiles
 44 | }
 45 | 
 46 | // DetermineOutputDir 确定输出目录
 47 | func DetermineOutputDir(input, appID string) string {
 48 | 	var baseDir string
 49 | 
 50 | 	if fileInfo, err := os.Stat(input); err == nil && fileInfo.IsDir() {
 51 | 		baseDir = input
 52 | 	} else {
 53 | 		baseDir = filepath.Dir(input)
 54 | 	}
 55 | 
 56 | 	if appID == "" {
 57 | 		return filepath.Join(baseDir, "result")
 58 | 	}
 59 | 
 60 | 	return filepath.Join(baseDir, appID)
 61 | }
 62 | 
 63 | // ProcessFile 合并目录
 64 | func ProcessFile(inputFile, outputDir, appID string, save bool) error {
 65 | 	log.Printf("开始处理文件: %s\n", inputFile)
 66 | 
 67 | 	manager := GetWxapkgManager()
 68 | 
 69 | 	// 初始化 WxapkgInfo
 70 | 	info := &WxapkgInfo{
 71 | 		WxAppId:     appID,
 72 | 		IsExtracted: false,
 73 | 	}
 74 | 
 75 | 	// 确定解密后的文件路径
 76 | 	decryptedFilePath := filepath.Join(outputDir, filepath.Base(inputFile))
 77 | 
 78 | 	// 解密
 79 | 	decryptedData, err := decrypt.DecryptWxapkg(inputFile, appID)
 80 | 	if err != nil {
 81 | 		return fmt.Errorf("解密失败: %v", err)
 82 | 	}
 83 | 
 84 | 	// 保存解密后的文件
 85 | 	err = os.MkdirAll(outputDir, 0755)
 86 | 	if err != nil {
 87 | 		return fmt.Errorf("创建输出目录失败: %v", err)
 88 | 	}
 89 | 
 90 | 	// 是否保存解密后的文件
 91 | 	if save {
 92 | 		err = os.WriteFile(decryptedFilePath, decryptedData, 0755)
 93 | 		if err != nil {
 94 | 			return fmt.Errorf("保存解密文件失败: %v", err)
 95 | 		}
 96 | 
 97 | 		log.Printf("文件解密并保存到: %s\n", decryptedFilePath)
 98 | 	}
 99 | 
100 | 	// 解包到临时目录
101 | 	tempDir, err := os.MkdirTemp("", "wxapkg")
102 | 	if err != nil {
103 | 		return fmt.Errorf("创建临时目录失败: %v", err)
104 | 	}
105 | 	defer func(path string) {
106 | 		err := os.RemoveAll(path)
107 | 		if err != nil {
108 | 			log.Printf("删除临时目录 %s 失败: %v\n", path, err)
109 | 		}
110 | 	}(tempDir)
111 | 
112 | 	// 包文件列表
113 | 	var filelist []string
114 | 
115 | 	filelist, err = unpack.UnpackWxapkg(decryptedData, tempDir)
116 | 	if err != nil {
117 | 		return fmt.Errorf("解包失败: %v", err)
118 | 	}
119 | 
120 | 	// 设置解包状态
121 | 	info.IsExtracted = true
122 | 
123 | 	// 合并解包后的内容到输出目录
124 | 	err = mergeDirs(tempDir, outputDir)
125 | 	if err != nil {
126 | 		return fmt.Errorf("合并目录失败: %v", err)
127 | 	}
128 | 
129 | 	info.WxapkgType = util.GetWxapkgType(filelist)
130 | 
131 | 	if restore.IsMainPackage(info) {
132 | 		info.SourcePath = outputDir
133 | 	} else if restore.IsSubpackage(info) {
134 | 		info.SourcePath = filelist[0]
135 | 	}
136 | 
137 | 	// 将包信息添加到管理器中
138 | 	manager.AddPackage(info.SourcePath, info)
139 | 
140 | 	return nil
141 | }
142 | 
143 | // mergeDirs 合并目录
144 | func mergeDirs(srcDir, dstDir string) error {
145 | 	return filepath.Walk(srcDir, func(path string, info os.FileInfo, err error) error {
146 | 		if err != nil {
147 | 			return err
148 | 		}
149 | 		relPath, err := filepath.Rel(srcDir, path)
150 | 		if err != nil {
151 | 			return err
152 | 		}
153 | 		targetPath := filepath.Join(dstDir, relPath)
154 | 
155 | 		if info.IsDir() {
156 | 			return os.MkdirAll(targetPath, 0755)
157 | 		}
158 | 
159 | 		srcFile, err := os.Open(path)
160 | 		if err != nil {
161 | 			return err
162 | 		}
163 | 		defer func(srcFile *os.File) {
164 | 			err := srcFile.Close()
165 | 			if err != nil {
166 | 				log.Printf("关闭文件 %s 失败: %v\n", srcFile.Name(), err)
167 | 			}
168 | 		}(srcFile)
169 | 
170 | 		dstFile, err := os.Create(targetPath)
171 | 		if err != nil {
172 | 			return err
173 | 		}
174 | 		defer func(dstFile *os.File) {
175 | 			err := dstFile.Close()
176 | 			if err != nil {
177 | 				log.Printf("关闭文件 %s 失败: %v\n", dstFile.Name(), err)
178 | 			}
179 | 		}(dstFile)
180 | 
181 | 		_, err = io.Copy(dstFile, srcFile)
182 | 		return err
183 | 	})
184 | }
185 | 


--------------------------------------------------------------------------------
/internal/config/delete.go:
--------------------------------------------------------------------------------
 1 | package config
 2 | 
 3 | import (
 4 | 	"context"
 5 | 	"log"
 6 | 	"os"
 7 | 	"sync"
 8 | )
 9 | 
10 | // FileDeletionManager 用于管理需要删除的文件列表
11 | type FileDeletionManager struct {
12 | 	mu       sync.Mutex
13 | 	files    map[string]bool
14 | 	cancelFn context.CancelFunc
15 | 	ctx      context.Context
16 | }
17 | 
18 | var deleteInstance *FileDeletionManager
19 | var deleteOnce sync.Once
20 | 
21 | // NewFileDeletionManager 创建或获取一个单例的FileDeletionManager
22 | func NewFileDeletionManager() *FileDeletionManager {
23 | 	deleteOnce.Do(func() {
24 | 		c := context.Background()
25 | 		ctx, cancel := context.WithCancel(c)
26 | 		deleteInstance = &FileDeletionManager{
27 | 			files:    make(map[string]bool),
28 | 			cancelFn: cancel,
29 | 			ctx:      ctx,
30 | 		}
31 | 	})
32 | 	return deleteInstance
33 | }
34 | 
35 | // AddFile 添加文件路径到删除列表
36 | func (f *FileDeletionManager) AddFile(filePath string) {
37 | 	f.mu.Lock()
38 | 	defer f.mu.Unlock()
39 | 	f.files[filePath] = true
40 | }
41 | 
42 | // DeleteFiles 删除所有在列表中的文件
43 | func (f *FileDeletionManager) DeleteFiles() {
44 | 	f.mu.Lock()
45 | 	files := make([]string, 0, len(f.files))
46 | 	for file := range f.files {
47 | 		files = append(files, file)
48 | 	}
49 | 	f.mu.Unlock()
50 | 
51 | 	for _, file := range files {
52 | 		select {
53 | 		case <-f.ctx.Done():
54 | 			log.Println("文件删除操作已取消")
55 | 			return
56 | 		default:
57 | 			// 判断文件是否存在
58 | 			if _, err := os.Stat(file); os.IsNotExist(err) {
59 | 				continue
60 | 			}
61 | 			err := os.Remove(file)
62 | 			if err != nil {
63 | 				log.Printf("删除文件 %s 失败: %v\n", file, err)
64 | 			} else {
65 | 				f.mu.Lock()
66 | 				delete(f.files, file) // 删除成功后从列表中移除文件
67 | 				f.mu.Unlock()
68 | 				log.Printf("文件 %s 已成功删除", file)
69 | 			}
70 | 		}
71 | 	}
72 | }
73 | 
74 | // Cancel 取消删除操作
75 | func (f *FileDeletionManager) Cancel() {
76 | 	f.cancelFn()
77 | }
78 | 


--------------------------------------------------------------------------------
/internal/config/share.go:
--------------------------------------------------------------------------------
 1 | package config
 2 | 
 3 | import (
 4 | 	"sync"
 5 | )
 6 | 
 7 | // SharedConfigManager 用于管理共享配置
 8 | type SharedConfigManager struct {
 9 | 	mu       sync.RWMutex
10 | 	settings map[string]interface{}
11 | }
12 | 
13 | var shareInstance *SharedConfigManager
14 | var shareOnce sync.Once
15 | 
16 | // NewSharedConfigManager 创建一个新的SharedConfigManager
17 | func NewSharedConfigManager() *SharedConfigManager {
18 | 	shareOnce.Do(func() {
19 | 		shareInstance = &SharedConfigManager{
20 | 			settings: make(map[string]interface{}),
21 | 		}
22 | 	})
23 | 	return shareInstance
24 | }
25 | 
26 | // Set 设置一个配置项的值
27 | func (scm *SharedConfigManager) Set(key string, value interface{}) {
28 | 	scm.mu.Lock()
29 | 	defer scm.mu.Unlock()
30 | 	scm.settings[key] = value
31 | }
32 | 
33 | // SetBulk 批量设置配置项的值
34 | func (scm *SharedConfigManager) SetBulk(configs map[string]interface{}) {
35 | 	scm.mu.Lock()
36 | 	defer scm.mu.Unlock()
37 | 	for key, value := range configs {
38 | 		scm.settings[key] = value
39 | 	}
40 | }
41 | 
42 | // Get 获取一个配置项的值
43 | func (scm *SharedConfigManager) Get(key string) (interface{}, bool) {
44 | 	scm.mu.RLock()
45 | 	defer scm.mu.RUnlock()
46 | 	value, exists := scm.settings[key]
47 | 	return value, exists
48 | }
49 | 
50 | // GetBulk 批量获取配置项的值
51 | func (scm *SharedConfigManager) GetBulk(keys []string) map[string]interface{} {
52 | 	scm.mu.RLock()
53 | 	defer scm.mu.RUnlock()
54 | 	results := make(map[string]interface{})
55 | 	for _, key := range keys {
56 | 		if value, exists := scm.settings[key]; exists {
57 | 			results[key] = value
58 | 		}
59 | 	}
60 | 	return results
61 | }
62 | 
63 | // Delete 删除一个配置项
64 | func (scm *SharedConfigManager) Delete(key string) {
65 | 	scm.mu.Lock()
66 | 	defer scm.mu.Unlock()
67 | 	delete(scm.settings, key)
68 | }
69 | 
70 | // GetAll 返回所有配置项的副本
71 | func (scm *SharedConfigManager) GetAll() map[string]interface{} {
72 | 	scm.mu.RLock()
73 | 	defer scm.mu.RUnlock()
74 | 	c := make(map[string]interface{})
75 | 	for key, value := range scm.settings {
76 | 		c[key] = value
77 | 	}
78 | 	return c
79 | }
80 | 


--------------------------------------------------------------------------------
/internal/config/wxapkg.go:
--------------------------------------------------------------------------------
 1 | package config
 2 | 
 3 | import (
 4 | 	"sync"
 5 | 
 6 | 	"github.com/Ackites/KillWxapkg/internal/enum"
 7 | )
 8 | 
 9 | // Parser 接口
10 | type Parser interface {
11 | 	Parse(option WxapkgInfo) error
12 | }
13 | 
14 | // WxapkgOption 微信小程序解包选项
15 | type WxapkgOption struct {
16 | 	ViewSource      string
17 | 	AppConfigSource string
18 | 	ServiceSource   string
19 | 	SetAppConfig    bool
20 | }
21 | 
22 | // WxapkgInfo 保存包的信息
23 | type WxapkgInfo struct {
24 | 	WxAppId     string
25 | 	WxapkgType  enum.WxapkgType
26 | 	SourcePath  string
27 | 	IsExtracted bool
28 | 	Option      *WxapkgOption
29 | 	Parsers     []Parser // 添加解析器列表
30 | }
31 | 
32 | // WxapkgManager 管理多个微信小程序包
33 | type WxapkgManager struct {
34 | 	Packages map[string]*WxapkgInfo
35 | }
36 | 
37 | var managerInstance *WxapkgManager
38 | var wxapkgOnce sync.Once
39 | 
40 | // GetWxapkgManager 获取单例的 WxapkgManager 实例
41 | func GetWxapkgManager() *WxapkgManager {
42 | 	wxapkgOnce.Do(func() {
43 | 		managerInstance = &WxapkgManager{
44 | 			Packages: make(map[string]*WxapkgInfo),
45 | 		}
46 | 	})
47 | 	return managerInstance
48 | }
49 | 
50 | // AddPackage 添加包信息
51 | func (manager *WxapkgManager) AddPackage(id string, info *WxapkgInfo) {
52 | 	manager.Packages[id] = info
53 | }
54 | 
55 | // GetPackage 获取包信息
56 | func (manager *WxapkgManager) GetPackage(id string) (*WxapkgInfo, bool) {
57 | 	info, exists := manager.Packages[id]
58 | 	return info, exists
59 | }
60 | 


--------------------------------------------------------------------------------
/internal/decrypt/decrypt.go:
--------------------------------------------------------------------------------
 1 | package decrypt
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"crypto/aes"
 6 | 	"crypto/cipher"
 7 | 	"crypto/sha1"
 8 | 	"encoding/binary"
 9 | 	"fmt"
10 | 	"os"
11 | 
12 | 	"golang.org/x/crypto/pbkdf2"
13 | )
14 | 
15 | const (
16 | 	saltStr       = "saltiest"
17 | 	ivStr         = "the iv: 16 bytes"
18 | 	fileHeader    = "V1MMWX"
19 | 	defaultXorKey = 0x66
20 | )
21 | 
22 | func DecryptWxapkg(inputFile, appID string) ([]byte, error) {
23 | 	ciphertext, err := os.ReadFile(inputFile)
24 | 	if err != nil {
25 | 		return nil, fmt.Errorf("读取文件失败: %v", err)
26 | 	}
27 | 
28 | 	// 先检查是否已解密
29 | 	reader := bytes.NewReader(ciphertext)
30 | 	var firstMark byte
31 | 	binary.Read(reader, binary.BigEndian, &firstMark)
32 | 	var info1, indexInfoLength, bodyInfoLength uint32
33 | 	binary.Read(reader, binary.BigEndian, &info1)
34 | 	binary.Read(reader, binary.BigEndian, &indexInfoLength)
35 | 	binary.Read(reader, binary.BigEndian, &bodyInfoLength)
36 | 	var lastMark byte
37 | 	binary.Read(reader, binary.BigEndian, &lastMark)
38 | 	if firstMark == 0xBE && lastMark == 0xED {
39 | 		// 已解密直接返回
40 | 		return ciphertext, nil
41 | 	}
42 | 
43 | 	if string(ciphertext[:len(fileHeader)]) != fileHeader {
44 | 		return nil, fmt.Errorf("无效的文件格式")
45 | 	}
46 | 
47 | 	key := pbkdf2.Key([]byte(appID), []byte(saltStr), 1000, 32, sha1.New)
48 | 
49 | 	block, err := aes.NewCipher(key)
50 | 	if err != nil {
51 | 		return nil, fmt.Errorf("创建AES密码块失败: %v", err)
52 | 	}
53 | 
54 | 	iv := []byte(ivStr)
55 | 	mode := cipher.NewCBCDecrypter(block, iv)
56 | 	originData := make([]byte, 1024)
57 | 	mode.CryptBlocks(originData, ciphertext[6:1024+6])
58 | 
59 | 	afData := make([]byte, len(ciphertext)-1024-6)
60 | 	var xorKey byte
61 | 	if len(appID) >= 2 {
62 | 		xorKey = appID[len(appID)-2]
63 | 	} else {
64 | 		xorKey = defaultXorKey
65 | 	}
66 | 	for i, b := range ciphertext[1024+6:] {
67 | 		afData[i] = b ^ xorKey
68 | 	}
69 | 
70 | 	originData = append(originData[:1023], afData...)
71 | 
72 | 	return originData, nil
73 | }
74 | 


--------------------------------------------------------------------------------
/internal/enum/wxapkg.go:
--------------------------------------------------------------------------------
 1 | package enum
 2 | 
 3 | // 定义微信小程序包的文件名常量
 4 | const (
 5 | 	App_Config    = "app-config.json" // 应用配置文件
 6 | 	App_Service   = "app-service.js"  // 应用服务文件
 7 | 	PageFrameHtml = "page-frame.html" // 页面框架HTML文件
 8 | 	AppWxss       = "app-wxss.js"     // 应用样式文件
 9 | 	CommonApp     = "common.app.js"   // 通用应用文件
10 | 	AppJson       = "app.json"        // 应用JSON文件
11 | 	Workers       = "workers.js"      // 工作者脚本文件
12 | 	Page_Frame    = "page-frame.js"   // 页面框架JS文件
13 | 	AppService    = "appservice.js"   // 应用服务文件
14 | 	PageFrame     = "pageframe.js"    // 页面框架JS文件
15 | 	Game          = "game.js"         // 游戏脚本文件
16 | 	GameJson      = "game.json"       // 游戏JSON文件
17 | 	SubContext    = "subContext.js"   // 子上下文脚本文件
18 | 	Plugin        = "plugin.js"       // 插件脚本文件
19 | 	PluginJson    = "plugin.json"     // 插件JSON文件
20 | )
21 | 
22 | // WxapkgType 定义微信小程序包的类型
23 | type WxapkgType string
24 | 
25 | // 定义微信小程序包的类型常量
26 | const (
27 | 	App_V1 WxapkgType = "APP_V1" // 应用类型 V1
28 | 	App_V2 WxapkgType = "APP_V2" // 应用类型 V2
29 | 	App_V3 WxapkgType = "APP_V3" // 应用类型 V3
30 | 	App_V4 WxapkgType = "APP_V4" // 应用类型 V4
31 | 
32 | 	APP_SUBPACKAGE_V1 WxapkgType = "APP_SUBPACKAGE_V1" // 应用子包类型 V1
33 | 	APP_SUBPACKAGE_V2 WxapkgType = "APP_SUBPACKAGE_V2" // 应用子包类型 V2
34 | 
35 | 	APP_PLUGIN_V1 WxapkgType = "APP_PLUGIN_V1" // 应用插件类型 V1
36 | 
37 | 	GAME            WxapkgType = "GAME"            // 游戏类型
38 | 	GAME_SUBPACKAGE WxapkgType = "GAME_SUBPACKAGE" // 游戏子包类型
39 | 	GAME_PLUGIN     WxapkgType = "GAME_PLUGIN"     // 游戏插件类型
40 | 
41 | 	FRAMEWORK WxapkgType = "FRAMEWORK" // 框架类型
42 | )
43 | 


--------------------------------------------------------------------------------
/internal/formatter/formatter.go:
--------------------------------------------------------------------------------
 1 | package formatter
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"strings"
 6 | 
 7 | 	. "github.com/Ackites/KillWxapkg/internal/config"
 8 | )
 9 | 
10 | // Formatter 是一个文件格式化器接口
11 | type Formatter interface {
12 | 	Format([]byte) ([]byte, error)
13 | }
14 | 
15 | // 注册所有格式化器
16 | var formatters = map[string]Formatter{}
17 | 
18 | // RegisterFormatter 注册文件扩展名对应的格式化器
19 | func RegisterFormatter(ext string, formatter Formatter) {
20 | 	formatters[strings.ToLower(ext)] = formatter
21 | }
22 | 
23 | // GetFormatter 返回文件扩展名对应的格式化器
24 | func GetFormatter(ext string) (Formatter, error) {
25 | 	formatter, exists := formatters[strings.ToLower(ext)]
26 | 	if !exists {
27 | 		return nil, fmt.Errorf("不支持的文件类型: %s", ext)
28 | 	}
29 | 	configManager := NewSharedConfigManager()
30 | 	if pretty, ok := configManager.Get("pretty"); ok {
31 | 		if p, o := pretty.(bool); o {
32 | 			if !p && ext == ".js" {
33 | 				return nil, fmt.Errorf("不进行美化输出")
34 | 			}
35 | 		}
36 | 	}
37 | 	return formatter, nil
38 | }
39 | 


--------------------------------------------------------------------------------
/internal/formatter/htmlformatter.go:
--------------------------------------------------------------------------------
 1 | package formatter
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"regexp"
 6 | 	"strings"
 7 | 
 8 | 	"github.com/yosssi/gohtml"
 9 | )
10 | 
11 | // HTMLFormatter 结构体，用于格式化 HTML 代码
12 | type HTMLFormatter struct {
13 | 	jsFormatter *JSFormatter
14 | }
15 | 
16 | // 正则表达式用于匹配 HTML 中的 <script> 标签及其内容
17 | var regScriptInHtml = regexp.MustCompile(`(?s) *<script.*?>(.*?)</script>`)
18 | 
19 | // NewHTMLFormatter 创建一个新的 HTMLFormatter 实例
20 | func NewHTMLFormatter() *HTMLFormatter {
21 | 	return &HTMLFormatter{
22 | 		jsFormatter: NewJSFormatter(),
23 | 	}
24 | }
25 | 
26 | // Format 方法用于格式化 HTML 代码
27 | // input: 原始的 HTML 代码字节切片
28 | // 返回值: 格式化后的 HTML 代码字节切片和错误信息（如果有）
29 | func (f *HTMLFormatter) Format(input []byte) ([]byte, error) {
30 | 	// 使用 gohtml 库格式化 HTML 代码
31 | 	data := gohtml.FormatBytes(bytes.TrimSpace(input))
32 | 
33 | 	// 替换 <script> 标签中的 JavaScript 代码
34 | 	data = regScriptInHtml.ReplaceAllFunc(data, func(script []byte) []byte {
35 | 		// 计算 <script> 标签前的空格数量
36 | 		space := countLeadingSpaces(script)
37 | 
38 | 		// 提取 <script> 标签中的 JavaScript 代码
39 | 		jsCode := regScriptInHtml.FindSubmatch(script)[1]
40 | 		jsStr := strings.Repeat(" ", space+2) + string(bytes.TrimSpace(jsCode))
41 | 
42 | 		// 使用 jsFormatter 格式化 JavaScript 代码
43 | 		beautifiedCode, err := f.jsFormatter.Format([]byte(jsStr))
44 | 		if err == nil {
45 | 			// 替换原始 JavaScript 代码为格式化后的代码，保持缩进一致性
46 | 			return bytes.Replace(script, jsCode, []byte("\n"+string(beautifiedCode)+"\n"+strings.Repeat(" ", space)), 1)
47 | 		}
48 | 		return script
49 | 	})
50 | 
51 | 	return data, nil
52 | }
53 | 
54 | // countLeadingSpaces 函数用于计算字节切片前导空格的数量
55 | func countLeadingSpaces(data []byte) int {
56 | 	result := 0
57 | 	for _, c := range data {
58 | 		if c == ' ' {
59 | 			result++
60 | 		} else {
61 | 			break
62 | 		}
63 | 	}
64 | 	return result
65 | }
66 | 
67 | func init() {
68 | 	RegisterFormatter(".html", NewHTMLFormatter())
69 | }
70 | 


--------------------------------------------------------------------------------
/internal/formatter/jsformatter.go:
--------------------------------------------------------------------------------
 1 | package formatter
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 
 6 | 	"github.com/ditashi/jsbeautifier-go/jsbeautifier"
 7 | )
 8 | 
 9 | // JSFormatter 结构体，用于格式化 JavaScript 代码
10 | type JSFormatter struct{}
11 | 
12 | // NewJSFormatter 创建一个新的 JSFormatter 实例
13 | func NewJSFormatter() *JSFormatter {
14 | 	return &JSFormatter{}
15 | }
16 | 
17 | // Format 方法用于格式化 JavaScript 代码
18 | // input: 原始的 JavaScript 代码字节切片
19 | // 返回值: 格式化后的 JavaScript 代码字节切片和错误信息（如果有）
20 | func (f *JSFormatter) Format(input []byte) ([]byte, error) {
21 | 	// 将输入数据转换为字符串，并去除前后空白
22 | 	code := string(bytes.TrimSpace(input))
23 | 
24 | 	// 使用 jsbeautifier 库格式化 JavaScript 代码
25 | 	beautifiedCode, err := jsbeautifier.Beautify(&code, jsbeautifier.DefaultOptions())
26 | 	if err != nil {
27 | 		return input, err
28 | 	}
29 | 
30 | 	return []byte(beautifiedCode), nil
31 | }
32 | 
33 | func init() {
34 | 	RegisterFormatter(".js", NewJSFormatter())
35 | }
36 | 


--------------------------------------------------------------------------------
/internal/formatter/jsonformatter.go:
--------------------------------------------------------------------------------
 1 | package formatter
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"encoding/json"
 6 | )
 7 | 
 8 | // JSONFormatter 格式化 JSON 文件
 9 | type JSONFormatter struct{}
10 | 
11 | func NewJSONFormatter() *JSONFormatter {
12 | 	return &JSONFormatter{}
13 | }
14 | 
15 | func (f *JSONFormatter) Format(input []byte) ([]byte, error) {
16 | 	var prettyJSON bytes.Buffer
17 | 	err := json.Indent(&prettyJSON, input, "", "    ")
18 | 	if err != nil {
19 | 		return nil, err
20 | 	}
21 | 	return prettyJSON.Bytes(), nil
22 | }
23 | 
24 | func init() {
25 | 	RegisterFormatter(".json", NewJSONFormatter())
26 | }
27 | 


--------------------------------------------------------------------------------
/internal/hook/embed_other.go:
--------------------------------------------------------------------------------
1 | //go:build !windows
2 | // +build !windows
3 | 
4 | package hook
5 | 
6 | // 在非 Windows 平台下不嵌入任何内容
7 | var embeddedExe []byte
8 | 


--------------------------------------------------------------------------------
/internal/hook/embed_windows.go:
--------------------------------------------------------------------------------
 1 | //go:build windows
 2 | // +build windows
 3 | 
 4 | package hook
 5 | 
 6 | import (
 7 | 	_ "embed"
 8 | )
 9 | 
10 | //go:embed win.exe
11 | var embeddedExe []byte
12 | 


--------------------------------------------------------------------------------
/internal/hook/hook.go:
--------------------------------------------------------------------------------
 1 | package hook
 2 | 
 3 | import (
 4 | 	_ "embed"
 5 | 	"fmt"
 6 | 	"io"
 7 | 	"os"
 8 | 	"os/exec"
 9 | 	"path/filepath"
10 | 	"runtime"
11 | 	"strings"
12 | 
13 | 	"golang.org/x/text/encoding/simplifiedchinese"
14 | 	"golang.org/x/text/transform"
15 | )
16 | 
17 | func Hook() {
18 | 	// 检查是否在 Windows 环境中运行
19 | 	if runtime.GOOS != "windows" {
20 | 		fmt.Println("Not running on Windows. Exiting hook.")
21 | 		return
22 | 	}
23 | 
24 | 	// 创建临时目录
25 | 	tempDir, err := os.MkdirTemp("", "KillwxapkgHook")
26 | 	if err != nil {
27 | 		fmt.Printf("Failed to create temporary directory: %v\n", err)
28 | 		return
29 | 	}
30 | 	defer func(path string) {
31 | 		err := os.RemoveAll(path)
32 | 		if err != nil {
33 | 			fmt.Printf("Failed to remove temporary directory: %v\n", err)
34 | 		}
35 | 	}(tempDir) // 确保在程序退出时删除临时目录
36 | 
37 | 	exePath := filepath.Join(tempDir, "win.exe")
38 | 
39 | 	// 将嵌入的 exe 文件写入到临时目录
40 | 	err = os.WriteFile(exePath, embeddedExe, 0755)
41 | 	if err != nil {
42 | 		fmt.Printf("Failed to write embedded exe file: %v\n", err)
43 | 		return
44 | 	}
45 | 
46 | 	// 执行临时目录中的 exe 文件
47 | 	cmd := exec.Command(exePath, "-x")
48 | 	output, err := cmd.CombinedOutput()
49 | 	if err != nil {
50 | 		fmt.Printf("Failed to execute embedded exe file: %v\n", err)
51 | 		return
52 | 	}
53 | 
54 | 	// 如果输出是 GBK 编码，进行转换
55 | 	decoder := transform.NewReader(strings.NewReader(string(output)), simplifiedchinese.GBK.NewDecoder())
56 | 	decodedOutput, err := io.ReadAll(decoder)
57 | 	if err != nil {
58 | 		fmt.Printf("Failed to decode output: %v\n", err)
59 | 		return
60 | 	}
61 | 
62 | 	// 打印 exe 文件的输出
63 | 	fmt.Printf("%s\n", decodedOutput)
64 | }
65 | 


--------------------------------------------------------------------------------
/internal/hook/win.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/iamHuFei/KillWxapkg-Auto/30a26be50ce6bd3e92cad883c45312a9a63beef8/internal/hook/win.exe


--------------------------------------------------------------------------------
/internal/key/800+ 规则.yml:
--------------------------------------------------------------------------------
   1 | rules:
   2 |   - id: AWS ARN secret 
   3 |     enabled: true
   4 |     pattern: arn:aws:[a-z0-9-]+:[a-z]{2}-[a-z]+-[0-9]+:[0-9]+:.+
   5 |   - id: AWS Access Key ID Value secret 
   6 |     enabled: true
   7 |     pattern: (A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}
   8 |   - id: AWS AppSync GraphQL Key secret 
   9 |     enabled: true
  10 |     pattern: da2-[a-z0-9]{26}
  11 |   - id: AWS MWS key secret 
  12 |     enabled: true
  13 |     pattern: amzn\.mws\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}
  14 |   - id: AWS S3 Bucket secret 
  15 |     enabled: true
  16 |     pattern: s3://[0-9a-z._/-]+
  17 |   - id: AWS cred file info secret 
  18 |     enabled: true
  19 |     pattern: (aws_access_key_id|aws_secret_access_key)
  20 |   - id: Abbysale secret 
  21 |     enabled: true
  22 |     pattern: (?:abbysale).{0,40}\b([a-z0-9A-Z]{40})\b
  23 |   - id: Abstract secret 
  24 |     enabled: true
  25 |     pattern: (?:abstract).{0,40}\b([0-9a-z]{32})\b
  26 |   - id: Abuseipdb secret 
  27 |     enabled: true
  28 |     pattern: (?:abuseipdb).{0,40}\b([a-z0-9]{80})\b
  29 |   - id: Accuweather secret 
  30 |     enabled: true
  31 |     pattern: (?:accuweather).{0,40}([a-z0-9A-Z\%]{35})\b
  32 |   - id: Adafruitio secret 
  33 |     enabled: true
  34 |     pattern: \b(aio\_[a-zA-Z0-9]{28})\b
  35 |   - id: Adobeio - 1 secret 
  36 |     enabled: true
  37 |     pattern: (?:adobe).{0,40}\b([a-z0-9]{32})\b
  38 |   - id: Adzuna - 1 secret 
  39 |     enabled: true
  40 |     pattern: (?:adzuna).{0,40}\b([a-z0-9]{8})\b
  41 |   - id: Adzuna - 2 secret 
  42 |     enabled: true
  43 |     pattern: (?:adzuna).{0,40}\b([a-z0-9]{32})\b
  44 |   - id: Aeroworkflow - 1 secret 
  45 |     enabled: true
  46 |     pattern: (?:aeroworkflow).{0,40}\b([0-9]{1,})\b
  47 |   - id: Aeroworkflow - 2 secret 
  48 |     enabled: true
  49 |     pattern: (?:aeroworkflow).{0,40}\b([a-zA-Z0-9^!]{20})\b
  50 |   - id: Agora secret 
  51 |     enabled: true
  52 |     pattern: (?:agora).{0,40}\b([a-z0-9]{32})\b
  53 |   - id: Airbrakeprojectkey - 1 secret 
  54 |     enabled: true
  55 |     pattern: (?:airbrake).{0,40}\b([0-9]{6})\b
  56 |   - id: Airbrakeprojectkey - 2 secret 
  57 |     enabled: true
  58 |     pattern: (?:airbrake).{0,40}\b([a-zA-Z-0-9]{32})\b
  59 |   - id: Airbrakeuserkey secret 
  60 |     enabled: true
  61 |     pattern: (?:airbrake).{0,40}\b([a-zA-Z-0-9]{40})\b
  62 |   - id: Airship secret 
  63 |     enabled: true
  64 |     pattern: (?:airship).{0,40}\b([0-9Aa-zA-Z]{91})\b
  65 |   - id: Airvisual secret 
  66 |     enabled: true
  67 |     pattern: (?:airvisual).{0,40}\b([a-z0-9-]{36})\b
  68 |   - id: Alconost secret 
  69 |     enabled: true
  70 |     pattern: (?:alconost).{0,40}\b([0-9Aa-z]{32})\b
  71 |   - id: Alegra - 1 secret 
  72 |     enabled: true
  73 |     pattern: (?:alegra).{0,40}\b([a-z0-9-]{20})\b
  74 |   - id: Alegra - 2 secret 
  75 |     enabled: true
  76 |     pattern: (?:alegra).{0,40}\b([a-zA-Z0-9.-@]{25,30})\b
  77 |   - id: Aletheiaapi secret 
  78 |     enabled: true
  79 |     pattern: (?:aletheiaapi).{0,40}\b([A-Z0-9]{32})\b
  80 |   - id: Alibaba - 2 secret 
  81 |     enabled: true
  82 |     pattern: \b(LTAI[a-zA-Z0-9]{17,21})
  83 |   - id: Alienvault secret 
  84 |     enabled: true
  85 |     pattern: (?:alienvault).{0,40}\b([a-z0-9]{64})\b
  86 |   - id: Allsports secret 
  87 |     enabled: true
  88 |     pattern: (?:allsports).{0,40}\b([0-9a-z]{64})\b
  89 |   - id: Amadeus - 1 secret 
  90 |     enabled: true
  91 |     pattern: (?:amadeus).{0,40}\b([0-9A-Za-z]{32})\b
  92 |   - id: Amadeus - 2 secret 
  93 |     enabled: true
  94 |     pattern: (?:amadeus).{0,40}\b([0-9A-Za-z]{16})\b
  95 |   - id: Ambee secret 
  96 |     enabled: true
  97 |     pattern: (?:ambee).{0,40}\b([0-9a-f]{64})\b
  98 |   - id: Amplitudeapikey secret 
  99 |     enabled: true
 100 |     pattern: (?:amplitude).{0,40}\b([a-f0-9]{32})
 101 |   - id: Apacta secret 
 102 |     enabled: true
 103 |     pattern: (?:apacta).{0,40}\b([a-z0-9-]{36})\b
 104 |   - id: Api2cart secret 
 105 |     enabled: true
 106 |     pattern: (?:api2cart).{0,40}\b([0-9a-f]{32})\b
 107 |   - id: Apideck - 1 secret 
 108 |     enabled: true
 109 |     pattern: \b(sk_live_[a-z0-9A-Z-]{93})\b
 110 |   - id: Apideck - 2 secret 
 111 |     enabled: true
 112 |     pattern: (?:apideck).{0,40}\b([a-z0-9A-Z]{40})\b
 113 |   - id: Apiflash - 1 secret 
 114 |     enabled: true
 115 |     pattern: (?:apiflash).{0,40}\b([a-z0-9]{32})\b
 116 |   - id: Apiflash - 2 secret 
 117 |     enabled: true
 118 |     pattern: (?:apiflash).{0,40}\b([a-zA-Z0-9\S]{21,30})\b
 119 |   - id: Apifonica secret 
 120 |     enabled: true
 121 |     pattern: (?:apifonica).{0,40}\b([0-9a-z]{11}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
 122 |   - id: Apify secret 
 123 |     enabled: true
 124 |     pattern: \b(apify\_api\_[a-zA-Z-0-9]{36})\b
 125 |   - id: Apimatic - 1 secret 
 126 |     enabled: true
 127 |     pattern: (?:apimatic).{0,40}\b([a-z0-9-\S]{8,32})\b
 128 |   - id: Apimatic - 2 secret 
 129 |     enabled: true
 130 |     pattern: (?:apimatic).{0,40}\b([a-zA-Z0-9]{3,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,5})\b
 131 |   - id: Apiscience secret 
 132 |     enabled: true
 133 |     pattern: (?:apiscience).{0,40}\b([a-bA-Z0-9\S]{22})\b
 134 |   - id: Apollo secret 
 135 |     enabled: true
 136 |     pattern: (?:apollo).{0,40}\b([a-zA-Z0-9]{22})\b
 137 |   - id: Appcues - 1 secret 
 138 |     enabled: true
 139 |     pattern: (?:appcues).{0,40}\b([0-9]{5})\b
 140 |   - id: Appcues - 2 secret 
 141 |     enabled: true
 142 |     pattern: (?:appcues).{0,40}\b([a-z0-9-]{36})\b
 143 |   - id: Appcues - 3 secret 
 144 |     enabled: true
 145 |     pattern: (?:appcues).{0,40}\b([a-z0-9-]{39})\b
 146 |   - id: Appfollow secret 
 147 |     enabled: true
 148 |     pattern: (?:appfollow).{0,40}\b([0-9A-Za-z]{20})\b
 149 |   - id: Appsynergy secret 
 150 |     enabled: true
 151 |     pattern: (?:appsynergy).{0,40}\b([a-z0-9]{64})\b
 152 |   - id: Apptivo - 1 secret 
 153 |     enabled: true
 154 |     pattern: (?:apptivo).{0,40}\b([a-z0-9-]{36})\b
 155 |   - id: Apptivo - 2 secret 
 156 |     enabled: true
 157 |     pattern: (?:apptivo).{0,40}\b([a-zA-Z0-9-]{32})\b
 158 |   - id: Artifactory - 2 secret 
 159 |     enabled: true
 160 |     pattern: \b([A-Za-z0-9](?:[A-Za-z0-9\-]{0,61}[A-Za-z0-9])\.jfrog\.io)
 161 |   - id: Artsy - 1 secret 
 162 |     enabled: true
 163 |     pattern: (?:artsy).{0,40}\b([0-9a-zA-Z]{20})\b
 164 |   - id: Artsy - 2 secret 
 165 |     enabled: true
 166 |     pattern: (?:artsy).{0,40}\b([0-9a-zA-Z]{32})\b
 167 |   - id: Asanaoauth secret 
 168 |     enabled: true
 169 |     pattern: (?:asana).{0,40}\b([a-z\/:0-9]{51})\b
 170 |   - id: Asanapersonalaccesstoken secret 
 171 |     enabled: true
 172 |     pattern: (?:asana).{0,40}\b([0-9]{1,}\/[0-9]{16,}:[A-Za-z0-9]{32,})\b
 173 |   - id: Assemblyai secret 
 174 |     enabled: true
 175 |     pattern: (?:assemblyai).{0,40}\b([0-9a-z]{32})\b
 176 |   - id: Asymmetric Private Key secret 
 177 |     enabled: true
 178 |     pattern: -----BEGIN ((EC|PGP|DSA|RSA|OPENSSH) )?PRIVATE KEY( BLOCK)?-----
 179 |   - id: Audd secret 
 180 |     enabled: true
 181 |     pattern: (?:audd).{0,40}\b([a-z0-9-]{32})\b
 182 |   - id: Auth0managementapitoken secret 
 183 |     enabled: true
 184 |     pattern: (?:auth0).{0,40}\b(ey[a-zA-Z0-9._-]+)\b
 185 |   - id: Autodesk - 1 secret 
 186 |     enabled: true
 187 |     pattern: (?:autodesk).{0,40}\b([0-9A-Za-z]{32})\b
 188 |   - id: Autodesk - 2 secret 
 189 |     enabled: true
 190 |     pattern: (?:autodesk).{0,40}\b([0-9A-Za-z]{16})\b
 191 |   - id: Autoklose secret 
 192 |     enabled: true
 193 |     pattern: (?:autoklose).{0,40}\b([a-zA-Z0-9-]{32})\b
 194 |   - id: Autopilot secret 
 195 |     enabled: true
 196 |     pattern: (?:autopilot).{0,40}\b([0-9a-f]{32})\b
 197 |   - id: Avazapersonalaccesstoken secret 
 198 |     enabled: true
 199 |     pattern: (?:avaza).{0,40}\b([0-9]+-[0-9a-f]{40})\b
 200 |   - id: Aviationstack secret 
 201 |     enabled: true
 202 |     pattern: (?:aviationstack).{0,40}\b([a-z0-9]{32})\b
 203 |   - id: Aws - 1 secret 
 204 |     enabled: true
 205 |     pattern: \b((?:AKIA|ABIA|ACCA|ASIA)[0-9A-Z]{16})\b
 206 |   - id: Axonaut secret 
 207 |     enabled: true
 208 |     pattern: (?:axonaut).{0,40}\b([a-z0-9]{32})\b
 209 |   - id: Aylien - 1 secret 
 210 |     enabled: true
 211 |     pattern: (?:aylien).{0,40}\b([a-z0-9]{32})\b
 212 |   - id: Aylien - 2 secret 
 213 |     enabled: true
 214 |     pattern: (?:aylien).{0,40}\b([a-z0-9]{8})\b
 215 |   - id: Ayrshare secret 
 216 |     enabled: true
 217 |     pattern: (?:ayrshare).{0,40}\b([A-Z]{7}-[A-Z0-9]{7}-[A-Z0-9]{7}-[A-Z0-9]{7})\b
 218 |   - id: Bannerbear secret 
 219 |     enabled: true
 220 |     pattern: (?:bannerbear).{0,40}\b([0-9a-zA-Z]{22}tt)\b
 221 |   - id: Baremetrics secret 
 222 |     enabled: true
 223 |     pattern: (?:baremetrics).{0,40}\b([a-zA-Z0-9_]{25})\b
 224 |   - id: Baseapiio secret 
 225 |     enabled: true
 226 |     pattern: (?:baseapi|base-api).{0,40}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
 227 |   - id: Beamer secret 
 228 |     enabled: true
 229 |     pattern: (?:beamer).{0,40}\b([a-zA-Z0-9_+/]{45}=)
 230 |   - id: Beebole secret 
 231 |     enabled: true
 232 |     pattern: (?:beebole).{0,40}\b([0-9a-z]{40})\b
 233 |   - id: Besttime secret 
 234 |     enabled: true
 235 |     pattern: (?:besttime).{0,40}\b([0-9A-Za-z_]{36})\b
 236 |   - id: Billomat - 1 secret 
 237 |     enabled: true
 238 |     pattern: (?:billomat).{0,40}\b([0-9a-z]{1,})\b
 239 |   - id: Billomat - 2 secret 
 240 |     enabled: true
 241 |     pattern: (?:billomat).{0,40}\b([0-9a-z]{32})\b
 242 |   - id: Bitbar secret 
 243 |     enabled: true
 244 |     pattern: (?:bitbar).{0,40}\b([0-9a-z]{32})\b
 245 |   - id: Bitcoinaverage secret 
 246 |     enabled: true
 247 |     pattern: (?:bitcoinaverage).{0,40}\b([a-zA-Z0-9]{43})\b
 248 |   - id: Bitfinex secret 
 249 |     enabled: true
 250 |     pattern: (?:bitfinex).{0,40}\b([A-Za-z0-9_-]{43})\b
 251 |   - id: Bitly Secret Key secret 
 252 |     enabled: true
 253 |     pattern: R_[0-9a-f]{32}
 254 |   - id: Bitlyaccesstoken secret 
 255 |     enabled: true
 256 |     pattern: (?:bitly).{0,40}\b([a-zA-Z-0-9]{40})\b
 257 |   - id: Bitmex - 1 secret 
 258 |     enabled: true
 259 |     pattern: (?:bitmex).{0,40}([ \r\n]{1}[0-9a-zA-Z\-\_]{24}[ \r\n]{1})
 260 |   - id: Bitmex - 2 secret 
 261 |     enabled: true
 262 |     pattern: (?:bitmex).{0,40}([ \r\n]{1}[0-9a-zA-Z\-\_]{48}[ \r\n]{1})
 263 |   - id: Blablabus secret 
 264 |     enabled: true
 265 |     pattern: (?:blablabus).{0,40}\b([0-9A-Za-z]{22})\b
 266 |   - id: Blazemeter secret 
 267 |     enabled: true
 268 |     pattern: (?:blazemeter|runscope).{0,40}\b([0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
 269 |   - id: Blitapp secret 
 270 |     enabled: true
 271 |     pattern: (?:blitapp).{0,40}\b([a-zA-Z0-9_-]{39})\b
 272 |   - id: Bombbomb secret 
 273 |     enabled: true
 274 |     pattern: (?:bombbomb).{0,40}\b([a-zA-Z0-9-._]{704})\b
 275 |   - id: Boostnote secret 
 276 |     enabled: true
 277 |     pattern: (?:boostnote).{0,40}\b([0-9a-f]{64})\b
 278 |   - id: Borgbase secret 
 279 |     enabled: true
 280 |     pattern: (?:borgbase).{0,40}\b([a-zA-Z0-9/_.-]{148,152})\b
 281 |   - id: Braintree API Key secret 
 282 |     enabled: true
 283 |     pattern: access_token$production$[0-9a-z]{16}$[0-9a-f]{32}
 284 |   - id: Brandfetch secret 
 285 |     enabled: true
 286 |     pattern: (?:brandfetch).{0,40}\b([0-9A-Za-z]{40})\b
 287 |   - id: Browshot secret 
 288 |     enabled: true
 289 |     pattern: (?:browshot).{0,40}\b([a-zA-Z-0-9]{28})\b
 290 |   - id: Buddyns secret 
 291 |     enabled: true
 292 |     pattern: (?:buddyns).{0,40}\b([0-9a-z]{40})\b
 293 |   - id: Bugherd secret 
 294 |     enabled: true
 295 |     pattern: (?:bugherd).{0,40}\b([0-9a-z]{22})\b
 296 |   - id: Bugsnag secret 
 297 |     enabled: true
 298 |     pattern: (?:bugsnag).{0,40}\b([0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
 299 |   - id: Buildkite secret 
 300 |     enabled: true
 301 |     pattern: (?:buildkite).{0,40}\b([a-z0-9]{40})\b
 302 |   - id: Bulbul secret 
 303 |     enabled: true
 304 |     pattern: (?:bulbul).{0,40}\b([a-z0-9]{32})\b
 305 |   - id: Buttercms secret 
 306 |     enabled: true
 307 |     pattern: (?:buttercms).{0,40}\b([a-z0-9]{40})\b
 308 |   - id: Caflou secret 
 309 |     enabled: true
 310 |     pattern: (?:caflou).{0,40}\b([a-bA-Z0-9\S]{155})\b
 311 |   - id: Calendarific secret 
 312 |     enabled: true
 313 |     pattern: (?:calendarific).{0,40}\b([a-z0-9]{40})\b
 314 |   - id: Calendlyapikey secret 
 315 |     enabled: true
 316 |     pattern: (?:calendly).{0,40}\b([a-zA-Z-0-9]{20}.[a-zA-Z-0-9]{171}.[a-zA-Z-0-9_]{43})\b
 317 |   - id: Calorieninja secret 
 318 |     enabled: true
 319 |     pattern: (?:calorieninja).{0,40}\b([0-9A-Za-z]{40})\b
 320 |   - id: Campayn secret 
 321 |     enabled: true
 322 |     pattern: (?:campayn).{0,40}\b([a-z0-9]{64})\b
 323 |   - id: Cannyio secret 
 324 |     enabled: true
 325 |     pattern: (?:canny).{0,40}\b([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[0-9]{4}-[a-z0-9]{12})\b
 326 |   - id: Capsulecrm secret 
 327 |     enabled: true
 328 |     pattern: (?:capsulecrm).{0,40}\b([a-zA-Z0-9-._+=]{64})\b
 329 |   - id: Captaindata - 1 secret 
 330 |     enabled: true
 331 |     pattern: (?:captaindata).{0,40}\b([0-9a-f]{8}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{12})\b
 332 |   - id: Captaindata - 2 secret 
 333 |     enabled: true
 334 |     pattern: (?:captaindata).{0,40}\b([0-9a-f]{64})\b
 335 |   - id: Carboninterface secret 
 336 |     enabled: true
 337 |     pattern: (?:carboninterface).{0,40}\b([a-zA-Z0-9]{21})\b
 338 |   - id: Cashboard - 1 secret 
 339 |     enabled: true
 340 |     pattern: (?:cashboard).{0,40}\b([0-9A-Z]{3}-[0-9A-Z]{3}-[0-9A-Z]{3}-[0-9A-Z]{3})\b
 341 |   - id: Cashboard - 2 secret 
 342 |     enabled: true
 343 |     pattern: (?:cashboard).{0,40}\b([0-9a-z]{1,})\b
 344 |   - id: Caspio - 1 secret 
 345 |     enabled: true
 346 |     pattern: (?:caspio).{0,40}\b([a-z0-9]{8})\b
 347 |   - id: Caspio - 2 secret 
 348 |     enabled: true
 349 |     pattern: (?:caspio).{0,40}\b([a-z0-9]{50})\b
 350 |   - id: Censys - 1 secret 
 351 |     enabled: true
 352 |     pattern: (?:censys).{0,40}\b([a-zA-Z0-9]{32})\b
 353 |   - id: Censys - 2 secret 
 354 |     enabled: true
 355 |     pattern: (?:censys).{0,40}\b([a-z0-9-]{36})\b
 356 |   - id: Centralstationcrm secret 
 357 |     enabled: true
 358 |     pattern: (?:centralstation).{0,40}\b([a-z0-9]{30})\b
 359 |   - id: Cexio - 1 secret 
 360 |     enabled: true
 361 |     pattern: (?:cexio|cex.io).{0,40}\b([a-z]{2}[0-9]{9})\b
 362 |   - id: Cexio - 2 secret 
 363 |     enabled: true
 364 |     pattern: (?:cexio|cex.io).{0,40}\b([0-9A-Za-z]{24,27})\b
 365 |   - id: Chatbot secret 
 366 |     enabled: true
 367 |     pattern: (?:chatbot).{0,40}\b([a-zA-Z0-9_]{32})\b
 368 |   - id: Chatfule secret 
 369 |     enabled: true
 370 |     pattern: (?:chatfuel).{0,40}\b([a-zA-Z0-9]{128})\b
 371 |   - id: Checio secret 
 372 |     enabled: true
 373 |     pattern: (?:checio).{0,40}\b(pk_[a-z0-9]{45})\b
 374 |   - id: Checklyhq secret 
 375 |     enabled: true
 376 |     pattern: (?:checklyhq).{0,40}\b([a-z0-9]{32})\b
 377 |   - id: Checkout - 1 secret 
 378 |     enabled: true
 379 |     pattern: (?:checkout).{0,40}\b((sk_|sk_test_)[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})\b
 380 |   - id: Checkout - 2 secret 
 381 |     enabled: true
 382 |     pattern: (?:checkout).{0,40}\b(cus_[0-9a-zA-Z]{26})\b
 383 |   - id: Checkvist - 1 secret 
 384 |     enabled: true
 385 |     pattern: (?:checkvist).{0,40}\b([\w\.-]+@[\w-]+\.[\w\.-]{2,5})\b
 386 |   - id: Checkvist - 2 secret 
 387 |     enabled: true
 388 |     pattern: (?:checkvist).{0,40}\b([0-9a-zA-Z]{14})\b
 389 |   - id: Cicero secret 
 390 |     enabled: true
 391 |     pattern: (?:cicero).{0,40}\b([0-9a-z]{40})\b
 392 |   - id: Clearbit secret 
 393 |     enabled: true
 394 |     pattern: (?:clearbit).{0,40}\b([0-9a-z_]{35})\b
 395 |   - id: Clickhelp - 1 secret 
 396 |     enabled: true
 397 |     pattern: \b([0-9A-Za-z]{3,20}.try.clickhelp.co)\b
 398 |   - id: Clickhelp - 2 secret 
 399 |     enabled: true
 400 |     pattern: (?:clickhelp).{0,40}\b([0-9A-Za-z]{24})\b
 401 |   - id: Clicksendsms - 2 secret 
 402 |     enabled: true
 403 |     pattern: (?:sms).{0,40}\b([a-zA-Z0-9]{3,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,5})\b
 404 |   - id: Clickuppersonaltoken secret 
 405 |     enabled: true
 406 |     pattern: (?:clickup).{0,40}\b(pk_[0-9]{8}_[0-9A-Z]{32})\b
 407 |   - id: Cliengo secret 
 408 |     enabled: true
 409 |     pattern: (?:cliengo).{0,40}\b([0-9a-f]{8}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{4}\-[0-9a-f]{12})\b
 410 |   - id: Clinchpad secret 
 411 |     enabled: true
 412 |     pattern: (?:clinchpad).{0,40}\b([a-z0-9]{32})\b
 413 |   - id: Clockify secret 
 414 |     enabled: true
 415 |     pattern: (?:clockify).{0,40}\b([a-zA-Z0-9]{48})\b
 416 |   - id: Clockworksms - 1 secret 
 417 |     enabled: true
 418 |     pattern: (?:clockwork|textanywhere).{0,40}\b([0-9a-zA-Z]{24})\b
 419 |   - id: Clockworksms - 2 secret 
 420 |     enabled: true
 421 |     pattern: (?:clockwork|textanywhere).{0,40}\b([0-9]{5})\b
 422 |   - id: Closecrm secret 
 423 |     enabled: true
 424 |     pattern: \b(api_[a-z0-9A-Z.]{45})\b
 425 |   - id: Cloudelements - 1 secret 
 426 |     enabled: true
 427 |     pattern: (?:cloudelements).{0,40}\b([a-z0-9]{32})\b
 428 |   - id: Cloudelements - 2 secret 
 429 |     enabled: true
 430 |     pattern: (?:cloudelements).{0,40}\b([a-zA-Z0-9]{43})\b
 431 |   - id: Cloudflarecakey secret 
 432 |     enabled: true
 433 |     pattern: (?:cloudflare).{0,40}\b(v[A-Za-z0-9._-]{173,})\b
 434 |   - id: Cloudimage secret 
 435 |     enabled: true
 436 |     pattern: (?:cloudimage).{0,40}\b([a-z0-9_]{30})\b
 437 |   - id: Cloudinary Credentials secret 
 438 |     enabled: true
 439 |     pattern: cloudinary://[0-9]+:[A-Za-z0-9\-_\.]+@[A-Za-z0-9\-_\.]+
 440 |   - id: Cloudmersive secret 
 441 |     enabled: true
 442 |     pattern: (?:cloudmersive).{0,40}\b([a-z0-9-]{36})\b
 443 |   - id: Cloudplan secret 
 444 |     enabled: true
 445 |     pattern: (?:cloudplan).{0,40}\b([A-Z0-9-]{32})\b
 446 |   - id: Cloverly secret 
 447 |     enabled: true
 448 |     pattern: (?:cloverly).{0,40}\b([a-z0-9:_]{28})\b
 449 |   - id: Cloze - 1 secret 
 450 |     enabled: true
 451 |     pattern: (?:cloze).{0,40}\b([0-9a-f]{32})\b
 452 |   - id: Cloze - 2 secret 
 453 |     enabled: true
 454 |     pattern: (?:cloze).{0,40}\b([\w\.-]+@[\w-]+\.[\w\.-]{2,5})\b
 455 |   - id: Clustdoc secret 
 456 |     enabled: true
 457 |     pattern: (?:clustdoc).{0,40}\b([0-9a-zA-Z]{60})\b
 458 |   - id: Codacy secret 
 459 |     enabled: true
 460 |     pattern: (?:codacy).{0,40}\b([0-9A-Za-z]{20})\b
 461 |   - id: Coinapi secret 
 462 |     enabled: true
 463 |     pattern: (?:coinapi).{0,40}\b([A-Z0-9-]{36})\b
 464 |   - id: Coinbase secret 
 465 |     enabled: true
 466 |     pattern: (?:coinbase).{0,40}\b([a-zA-Z-0-9]{64})\b
 467 |   - id: Coinlayer secret 
 468 |     enabled: true
 469 |     pattern: (?:coinlayer).{0,40}\b([a-z0-9]{32})\b
 470 |   - id: Coinlib secret 
 471 |     enabled: true
 472 |     pattern: (?:coinlib).{0,40}\b([a-z0-9]{16})\b
 473 |   - id: Column secret 
 474 |     enabled: true
 475 |     pattern: (?:column).{0,40}\b((?:test|live)_[a-zA-Z0-9]{27})\b
 476 |   - id: Commercejs secret 
 477 |     enabled: true
 478 |     pattern: (?:commercejs).{0,40}\b([a-z0-9_]{48})\b
 479 |   - id: Commodities secret 
 480 |     enabled: true
 481 |     pattern: (?:commodities).{0,40}\b([a-zA-Z0-9]{60})\b
 482 |   - id: Companyhub - 1 secret 
 483 |     enabled: true
 484 |     pattern: (?:companyhub).{0,40}\b([0-9a-zA-Z]{20})\b
 485 |   - id: Companyhub - 2 secret 
 486 |     enabled: true
 487 |     pattern: (?:companyhub).{0,40}\b([a-zA-Z0-9$%^=-]{4,32})\b
 488 |   - id: Confluent - 1 secret 
 489 |     enabled: true
 490 |     pattern: (?:confluent).{0,40}\b([a-zA-Z-0-9]{16})\b
 491 |   - id: Confluent - 2 secret 
 492 |     enabled: true
 493 |     pattern: (?:confluent).{0,40}\b([a-zA-Z-0-9]{64})\b
 494 |   - id: Convertkit secret 
 495 |     enabled: true
 496 |     pattern: (?:convertkit).{0,40}\b([a-z0-9A-Z_]{22})\b
 497 |   - id: Convier secret 
 498 |     enabled: true
 499 |     pattern: (?:convier).{0,40}\b([0-9]{2}\|[a-zA-Z0-9]{40})\b
 500 |   - id: Copper - 2 secret 
 501 |     enabled: true
 502 |     pattern: (?:copper).{0,40}\b([a-z0-9]{32})\b
 503 |   - id: Countrylayer secret 
 504 |     enabled: true
 505 |     pattern: (?:countrylayer).{0,40}\b([a-z0-9]{32})\b
 506 |   - id: Courier secret 
 507 |     enabled: true
 508 |     pattern: (?:courier).{0,40}\b(pk\_[a-zA-Z0-9]{1,}\_[a-zA-Z0-9]{28})\b
 509 |   - id: Coveralls secret 
 510 |     enabled: true
 511 |     pattern: (?:coveralls).{0,40}\b([a-zA-Z0-9-]{37})\b
 512 |   - id: Crowdin secret 
 513 |     enabled: true
 514 |     pattern: (?:crowdin).{0,40}\b([0-9A-Za-z]{80})\b
 515 |   - id: Cryptocompare secret 
 516 |     enabled: true
 517 |     pattern: (?:cryptocompare).{0,40}\b([a-z-0-9]{64})\b
 518 |   - id: Currencycloud - 1 secret 
 519 |     enabled: true
 520 |     pattern: (?:currencycloud).{0,40}\b([0-9a-z]{64})\b
 521 |   - id: Currencyfreaks secret 
 522 |     enabled: true
 523 |     pattern: (?:currencyfreaks).{0,40}\b([0-9a-z]{32})\b
 524 |   - id: Currencylayer secret 
 525 |     enabled: true
 526 |     pattern: (?:currencylayer).{0,40}\b([a-z0-9]{32})\b
 527 |   - id: Currencyscoop secret 
 528 |     enabled: true
 529 |     pattern: (?:currencyscoop).{0,40}\b([a-z0-9]{32})\b
 530 |   - id: Currentsapi secret 
 531 |     enabled: true
 532 |     pattern: (?:currentsapi).{0,40}\b([a-zA-Z0-9\S]{48})\b
 533 |   - id: Customerguru - 1 secret 
 534 |     enabled: true
 535 |     pattern: (?:guru).{0,40}\b([a-z0-9A-Z]{50})\b
 536 |   - id: Customerguru - 2 secret 
 537 |     enabled: true
 538 |     pattern: (?:guru).{0,40}\b([a-z0-9A-Z]{30})\b
 539 |   - id: D7network secret 
 540 |     enabled: true
 541 |     pattern: (?:d7network).{0,40}\b([a-zA-Z0-9\W\S]{23}\=)
 542 |   - id: Dailyco secret 
 543 |     enabled: true
 544 |     pattern: (?:daily).{0,40}\b([0-9a-f]{64})\b
 545 |   - id: Dandelion secret 
 546 |     enabled: true
 547 |     pattern: (?:dandelion).{0,40}\b([a-z0-9]{32})\b
 548 |   - id: Databricks secret 
 549 |     enabled: true
 550 |     pattern: dapi[a-f0-9]{32}\b
 551 |   - id: Datafire secret 
 552 |     enabled: true
 553 |     pattern: (?:datafire).{0,40}\b([a-z0-9\S]{175,190})\b
 554 |   - id: Datagov secret 
 555 |     enabled: true
 556 |     pattern: (?:data.gov).{0,40}\b([a-zA-Z0-9]{40})\b
 557 |   - id: Deepai secret 
 558 |     enabled: true
 559 |     pattern: (?:deepai).{0,40}\b([a-z0-9-]{36})\b
 560 |   - id: Deepgram secret 
 561 |     enabled: true
 562 |     pattern: (?:deepgram).{0,40}\b([0-9a-z]{40})\b
 563 |   - id: Delighted secret 
 564 |     enabled: true
 565 |     pattern: (?:delighted).{0,40}\b([a-z0-9A-Z]{32})\b
 566 |   - id: Deputy - 1 secret 
 567 |     enabled: true
 568 |     pattern: \b([0-9a-z]{1,}.as.deputy.com)\b
 569 |   - id: Deputy - 2 secret 
 570 |     enabled: true
 571 |     pattern: (?:deputy).{0,40}\b([0-9a-z]{32})\b
 572 |   - id: Detectlanguage secret 
 573 |     enabled: true
 574 |     pattern: (?:detectlanguage).{0,40}\b([a-z0-9]{32})\b
 575 |   - id: Dfuse secret 
 576 |     enabled: true
 577 |     pattern: \b(web\_[0-9a-z]{32})\b
 578 |   - id: Diffbot secret 
 579 |     enabled: true
 580 |     pattern: (?:diffbot).{0,40}\b([a-z0-9]{32})\b
 581 |   - id: Digitaloceantoken secret 
 582 |     enabled: true
 583 |     pattern: (?:digitalocean).{0,40}\b([A-Za-z0-9_-]{64})\b
 584 |   - id: Discord Webhook secret 
 585 |     enabled: true
 586 |     pattern: https://discordapp\.com/api/webhooks/[0-9]+/[A-Za-z0-9\-]+
 587 |   - id: Discordbottoken - 1 secret 
 588 |     enabled: true
 589 |     pattern: (?:discord).{0,40}\b([A-Za-z0-9_-]{24}\.[A-Za-z0-9_-]{6}\.[A-Za-z0-9_-]{27})\b
 590 |   - id: Discordbottoken - 2 secret 
 591 |     enabled: true
 592 |     pattern: (?:discord).{0,40}\b([0-9]{17})\b
 593 |   - id: Discordwebhook secret 
 594 |     enabled: true
 595 |     pattern: (https:\/\/discord.com\/api\/webhooks\/[0-9]{18}\/[0-9a-zA-Z-]{68})
 596 |   - id: Ditto secret 
 597 |     enabled: true
 598 |     pattern: (?:ditto).{0,40}\b([a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}\.[a-z0-9]{40})\b
 599 |   - id: Dnscheck - 1 secret 
 600 |     enabled: true
 601 |     pattern: (?:dnscheck).{0,40}\b([a-z0-9A-Z-]{36})\b
 602 |   - id: Dnscheck - 2 secret 
 603 |     enabled: true
 604 |     pattern: (?:dnscheck).{0,40}\b([a-z0-9A-Z]{32})\b
 605 |   - id: Documo secret 
 606 |     enabled: true
 607 |     pattern: \b(ey[a-zA-Z0-9]{34}.ey[a-zA-Z0-9]{154}.[a-zA-Z0-9_-]{43})\b
 608 |   - id: Doppler secret 
 609 |     enabled: true
 610 |     pattern: \b(dp\.pt\.[a-zA-Z0-9]{43})\b
 611 |   - id: Dotmailer - 1 secret 
 612 |     enabled: true
 613 |     pattern: (?:dotmailer).{0,40}\b(apiuser-[a-z0-9]{12}@apiconnector.com)\b
 614 |   - id: Dotmailer - 2 secret 
 615 |     enabled: true
 616 |     pattern: (?:dotmailer).{0,40}\b([a-zA-Z0-9\S]{8,24})\b
 617 |   - id: Dovico secret 
 618 |     enabled: true
 619 |     pattern: (?:dovico).{0,40}\b([0-9a-z]{32}\.[0-9a-z]{1,}\b)
 620 |   - id: Dronahq secret 
 621 |     enabled: true
 622 |     pattern: (?:dronahq).{0,40}\b([a-z0-9]{50})\b
 623 |   - id: Droneci secret 
 624 |     enabled: true
 625 |     pattern: (?:droneci).{0,40}\b([a-zA-Z0-9]{32})\b
 626 |   - id: Dropbox secret 
 627 |     enabled: true
 628 |     pattern: \b(sl\.[A-Za-z0-9\-\_]{130,140})\b
 629 |   - id: Dwolla secret 
 630 |     enabled: true
 631 |     pattern: (?:dwolla).{0,40}\b([a-zA-Z-0-9]{50})\b
 632 |   - id: Dynalist secret 
 633 |     enabled: true
 634 |     pattern: (?:dynalist).{0,40}\b([a-zA-Z0-9-_]{128})\b
 635 |   - id: Dynatrace token secret 
 636 |     enabled: true
 637 |     pattern: dt0[a-zA-Z]{1}[0-9]{2}\.[A-Z0-9]{24}\.[A-Z0-9]{64}
 638 |   - id: Dyspatch secret 
 639 |     enabled: true
 640 |     pattern: (?:dyspatch).{0,40}\b([A-Z0-9]{52})\b
 641 |   - id: EC secret 
 642 |     enabled: true
 643 |     pattern: -----BEGIN EC PRIVATE KEY-----
 644 |   - id: Eagleeyenetworks - 1 secret 
 645 |     enabled: true
 646 |     pattern: (?:eagleeyenetworks).{0,40}\b([a-zA-Z0-9]{3,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,5})\b
 647 |   - id: Eagleeyenetworks - 2 secret 
 648 |     enabled: true
 649 |     pattern: (?:eagleeyenetworks).{0,40}\b([a-zA-Z0-9]{15})\b
 650 |   - id: Easyinsight - 1 secret 
 651 |     enabled: true
 652 |     pattern: (?:easyinsight|easy-insight).{0,40}\b([a-zA-Z0-9]{20})\b
 653 |   - id: Easyinsight - 2 secret 
 654 |     enabled: true
 655 |     pattern: (?:easyinsight|easy-insight).{0,40}\b([0-9Aa-zA-Z]{20})\b
 656 |   - id: Edamam - 1 secret 
 657 |     enabled: true
 658 |     pattern: (?:edamam).{0,40}\b([0-9a-z]{32})\b
 659 |   - id: Edamam - 2 secret 
 660 |     enabled: true
 661 |     pattern: (?:edamam).{0,40}\b([0-9a-z]{8})\b
 662 |   - id: Edenai secret 
 663 |     enabled: true
 664 |     pattern: (?:edenai).{0,40}\b([a-zA-Z0-9]{36}.[a-zA-Z0-9]{92}.[a-zA-Z0-9_]{43})\b
 665 |   - id: Eightxeight - 2 secret 
 666 |     enabled: true
 667 |     pattern: (?:8x8).{0,40}\b([a-zA-Z0-9]{43})\b
 668 |   - id: Elasticemail secret 
 669 |     enabled: true
 670 |     pattern: (?:elastic).{0,40}\b([A-Za-z0-9_-]{96})\b
 671 |   - id: Enablex - 1 secret 
 672 |     enabled: true
 673 |     pattern: (?:enablex).{0,40}\b([a-zA-Z0-9]{36})\b
 674 |   - id: Enablex - 2 secret 
 675 |     enabled: true
 676 |     pattern: (?:enablex).{0,40}\b([a-z0-9]{24})\b
 677 |   - id: Enigma secret 
 678 |     enabled: true
 679 |     pattern: (?:enigma).{0,40}\b([a-zA-Z0-9]{40})\b
 680 |   - id: Ethplorer secret 
 681 |     enabled: true
 682 |     pattern: (?:ethplorer).{0,40}\b([a-z0-9A-Z-]{22})\b
 683 |   - id: Everhour secret 
 684 |     enabled: true
 685 |     pattern: (?:everhour).{0,40}\b([0-9Aa-f]{4}-[0-9a-f]{4}-[0-9a-f]{6}-[0-9a-f]{6}-[0-9a-f]{8})\b
 686 |   - id: Exchangerateapi secret 
 687 |     enabled: true
 688 |     pattern: (?:exchangerate).{0,40}\b([a-z0-9]{24})\b
 689 |   - id: Exchangeratesapi secret 
 690 |     enabled: true
 691 |     pattern: (?:exchangerates).{0,40}\b([a-z0-9]{32})\b
 692 |   - id: Facebook Access Token secret 
 693 |     enabled: true
 694 |     pattern: EAACEdEose0cBA[0-9A-Za-z]+
 695 |   - id: Faceplusplus secret 
 696 |     enabled: true
 697 |     pattern: (?:faceplusplus).{0,40}\b([0-9a-zA-Z_-]{32})\b
 698 |   - id: Fakejson secret 
 699 |     enabled: true
 700 |     pattern: (?:fakejson).{0,40}\b([a-zA-Z0-9]{22})\b
 701 |   - id: Fastforex secret 
 702 |     enabled: true
 703 |     pattern: (?:fastforex).{0,40}\b([a-z0-9-]{28})\b
 704 |   - id: Fastlypersonaltoken secret 
 705 |     enabled: true
 706 |     pattern: (?:fastly).{0,40}\b([A-Za-z0-9_-]{32})\b
 707 |   - id: Feedier secret 
 708 |     enabled: true
 709 |     pattern: (?:feedier).{0,40}\b([a-z0-9A-Z]{32})\b
 710 |   - id: Fetchrss secret 
 711 |     enabled: true
 712 |     pattern: (?:fetchrss).{0,40}\b([0-9A-Za-z.]{40})\b
 713 |   - id: Figmapersonalaccesstoken secret 
 714 |     enabled: true
 715 |     pattern: (?:figma).{0,40}\b([0-9]{6}-[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
 716 |   - id: Fileio secret 
 717 |     enabled: true
 718 |     pattern: (?:fileio).{0,40}\b([A-Z0-9.-]{39})\b
 719 |   - id: Finage secret 
 720 |     enabled: true
 721 |     pattern: \b(API_KEY[0-9A-Z]{32})\b
 722 |   - id: Financialmodelingprep secret 
 723 |     enabled: true
 724 |     pattern: (?:financialmodelingprep).{0,40}\b([a-zA-Z0-9]{32})\b
 725 |   - id: Findl secret 
 726 |     enabled: true
 727 |     pattern: (?:findl).{0,40}\b([a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12})\b
 728 |   - id: Finnhub secret 
 729 |     enabled: true
 730 |     pattern: (?:finnhub).{0,40}\b([0-9a-z]{20})\b
 731 |   - id: Fixerio secret 
 732 |     enabled: true
 733 |     pattern: (?:fixer).{0,40}\b([A-Za-z0-9]{32})\b
 734 |   - id: Flatio secret 
 735 |     enabled: true
 736 |     pattern: (?:flat).{0,40}\b([0-9a-z]{128})\b
 737 |   - id: Fleetbase secret 
 738 |     enabled: true
 739 |     pattern: \b(flb_live_[0-9a-zA-Z]{20})\b
 740 |   - id: Flickr secret 
 741 |     enabled: true
 742 |     pattern: (?:flickr).{0,40}\b([0-9a-z]{32})\b
 743 |   - id: Flightapi secret 
 744 |     enabled: true
 745 |     pattern: (?:flightapi).{0,40}\b([a-z0-9]{24})\b
 746 |   - id: Flightstats - 1 secret 
 747 |     enabled: true
 748 |     pattern: (?:flightstats).{0,40}\b([0-9a-z]{32})\b
 749 |   - id: Flightstats - 2 secret 
 750 |     enabled: true
 751 |     pattern: (?:flightstats).{0,40}\b([0-9a-z]{8})\b
 752 |   - id: Flowflu - 2 secret 
 753 |     enabled: true
 754 |     pattern: (?:flowflu).{0,40}\b([a-zA-Z0-9]{51})\b
 755 |   - id: Flutterwave secret 
 756 |     enabled: true
 757 |     pattern: \b(FLWSECK-[0-9a-z]{32}-X)\b
 758 |   - id: Fmfw - 1 secret 
 759 |     enabled: true
 760 |     pattern: (?:fmfw).{0,40}\b([a-zA-Z0-9-]{32})\b
 761 |   - id: Fmfw - 2 secret 
 762 |     enabled: true
 763 |     pattern: (?:fmfw).{0,40}\b([a-zA-Z0-9_-]{32})\b
 764 |   - id: Formbucket secret 
 765 |     enabled: true
 766 |     pattern: (?:formbucket).{0,40}\b([0-9A-Za-z]{1,}.[0-9A-Za-z]{1,}\.[0-9A-Z-a-z\-_]{1,})
 767 |   - id: Formio secret 
 768 |     enabled: true
 769 |     pattern: (?:formio).{0,40}\b(eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9\.[0-9A-Za-z]{310}\.[0-9A-Z-a-z\-_]{43}[ \r\n]{1})
 770 |   - id: Foursquare secret 
 771 |     enabled: true
 772 |     pattern: (?:foursquare).{0,40}\b([0-9A-Z]{48})\b
 773 |   - id: Frameio secret 
 774 |     enabled: true
 775 |     pattern: \b(fio-u-[0-9a-zA-Z_-]{64})\b
 776 |   - id: Freshbooks - 1 secret 
 777 |     enabled: true
 778 |     pattern: (?:freshbooks).{0,40}\b([0-9a-z]{64})\b
 779 |   - id: Freshbooks - 2 secret 
 780 |     enabled: true
 781 |     pattern: (?:freshbooks).{0,40}\b(https://www.[0-9A-Za-z_-]{1,}.com)\b
 782 |   - id: Freshdesk - 1 secret 
 783 |     enabled: true
 784 |     pattern: (?:freshdesk).{0,40}\b([0-9A-Za-z]{20})\b
 785 |   - id: Freshdesk - 2 secret 
 786 |     enabled: true
 787 |     pattern: \b([0-9a-z-]{1,}.freshdesk.com)\b
 788 |   - id: Front secret 
 789 |     enabled: true
 790 |     pattern: (?:front).{0,40}\b([0-9a-zA-Z]{36}.[0-9a-zA-Z\.\-\_]{188,244})\b
 791 |   - id: Fulcrum secret 
 792 |     enabled: true
 793 |     pattern: (?:fulcrum).{0,40}\b([a-z0-9]{80})\b
 794 |   - id: Fullstory secret 
 795 |     enabled: true
 796 |     pattern: (?:fullstory).{0,40}\b([a-zA-Z-0-9/+]{88})\b
 797 |   - id: Fusebill secret 
 798 |     enabled: true
 799 |     pattern: (?:fusebill).{0,40}\b([a-zA-Z0-9]{88})\b
 800 |   - id: Fxmarket secret 
 801 |     enabled: true
 802 |     pattern: (?:fxmarket).{0,40}\b([0-9Aa-zA-Z-_=]{20})\b
 803 |   - id: Gcp secret 
 804 |     enabled: true
 805 |     pattern: \{[^{]+auth_provider_x509_cert_url[^}]+\}
 806 |   - id: Geckoboard secret 
 807 |     enabled: true
 808 |     pattern: (?:geckoboard).{0,40}\b([a-zA-Z0-9]{44})\b
 809 |   - id: Generic - 1376 secret 
 810 |     enabled: true
 811 |     pattern: jdbc:mysql(=| =|:| :)
 812 |   - id: Generic - 1700 secret 
 813 |     enabled: true
 814 |     pattern: BEGIN OPENSSH PRIVATE KEY
 815 |   - id: Generic - 1701 secret 
 816 |     enabled: true
 817 |     pattern: BEGIN PRIVATE KEY
 818 |   - id: Generic - 1702 secret 
 819 |     enabled: true
 820 |     pattern: BEGIN RSA PRIVATE KEY
 821 |   - id: Generic - 1703 secret 
 822 |     enabled: true
 823 |     pattern: BEGIN DSA PRIVATE KEY
 824 |   - id: Generic - 1704 secret 
 825 |     enabled: true
 826 |     pattern: BEGIN EC PRIVATE KEY
 827 |   - id: Generic - 1705 secret 
 828 |     enabled: true
 829 |     pattern: BEGIN PGP PRIVATE KEY BLOCK
 830 |   - id: Generic - 1710 secret 
 831 |     enabled: true
 832 |     pattern: algolia_api_key
 833 |   - id: Generic - 1711 secret 
 834 |     enabled: true
 835 |     pattern: asana_access_token
 836 |   - id: Generic - 1713 secret 
 837 |     enabled: true
 838 |     pattern: azure_tenant
 839 |   - id: Generic - 1714 secret 
 840 |     enabled: true
 841 |     pattern: bitly_access_token
 842 |   - id: Generic - 1716 secret 
 843 |     enabled: true
 844 |     pattern: browserstack_access_key
 845 |   - id: Generic - 1717 secret 
 846 |     enabled: true
 847 |     pattern: buildkite_access_token
 848 |   - id: Generic - 1718 secret 
 849 |     enabled: true
 850 |     pattern: comcast_access_token
 851 |   - id: Generic - 1719 secret 
 852 |     enabled: true
 853 |     pattern: datadog_api_key
 854 |   - id: Generic - 1720 secret 
 855 |     enabled: true
 856 |     pattern: deviantart_secret
 857 |   - id: Generic - 1721 secret 
 858 |     enabled: true
 859 |     pattern: deviantart_access_token
 860 |   - id: Generic - 1722 secret 
 861 |     enabled: true
 862 |     pattern: dropbox_api_token
 863 |   - id: Generic - 1723 secret 
 864 |     enabled: true
 865 |     pattern: facebook_appsecret
 866 |   - id: Generic - 1724 secret 
 867 |     enabled: true
 868 |     pattern: facebook_access_token
 869 |   - id: Generic - 1725 secret 
 870 |     enabled: true
 871 |     pattern: firebase_custom_token
 872 |   - id: Generic - 1726 secret 
 873 |     enabled: true
 874 |     pattern: firebase_id_token
 875 |   - id: Generic - 1727 secret 
 876 |     enabled: true
 877 |     pattern: github_client
 878 |   - id: Generic - 1728 secret 
 879 |     enabled: true
 880 |     pattern: github_ssh_key
 881 |   - id: Generic - 1730 secret 
 882 |     enabled: true
 883 |     pattern: gitlab_private_token
 884 |   - id: Generic - 1733 secret 
 885 |     enabled: true
 886 |     pattern: heroku_api_key
 887 |   - id: Generic - 1734 secret 
 888 |     enabled: true
 889 |     pattern: instagram_access_token
 890 |   - id: Generic - 1735 secret 
 891 |     enabled: true
 892 |     pattern: mailchimp_api_key
 893 |   - id: Generic - 1736 secret 
 894 |     enabled: true
 895 |     pattern: mailgun_api_key
 896 |   - id: Generic - 1739 secret 
 897 |     enabled: true
 898 |     pattern: pagerduty_api_token
 899 |   - id: Generic - 1740 secret 
 900 |     enabled: true
 901 |     pattern: paypal_key_sb
 902 |   - id: Generic - 1741 secret 
 903 |     enabled: true
 904 |     pattern: paypal_key_live
 905 |   - id: Generic - 1742 secret 
 906 |     enabled: true
 907 |     pattern: paypal_token_sb
 908 |   - id: Generic - 1743 secret 
 909 |     enabled: true
 910 |     pattern: paypal_token_live
 911 |   - id: Generic - 1744 secret 
 912 |     enabled: true
 913 |     pattern: pendo_integration_key
 914 |   - id: Generic - 1745 secret 
 915 |     enabled: true
 916 |     pattern: salesforce_access_token
 917 |   - id: Generic - 1746 secret 
 918 |     enabled: true
 919 |     pattern: saucelabs_ukey
 920 |   - id: Generic - 1747 secret 
 921 |     enabled: true
 922 |     pattern: sendgrid_api_key
 923 |   - id: Generic - 1748 secret 
 924 |     enabled: true
 925 |     pattern: slack_api_token
 926 |   - id: Generic - 1751 secret 
 927 |     enabled: true
 928 |     pattern: square_auth_token
 929 |   - id: Generic - 1752 secret 
 930 |     enabled: true
 931 |     pattern: travisci_api_token
 932 |   - id: Generic - 1754 secret 
 933 |     enabled: true
 934 |     pattern: twitter_api_secret
 935 |   - id: Generic - 1755 secret 
 936 |     enabled: true
 937 |     pattern: twitter_bearer_token
 938 |   - id: Generic - 1756 secret 
 939 |     enabled: true
 940 |     pattern: spotify_access_token
 941 |   - id: Generic - 1757 secret 
 942 |     enabled: true
 943 |     pattern: stripe_key_live
 944 |   - id: Generic - 1758 secret 
 945 |     enabled: true
 946 |     pattern: wakatime_api_key
 947 |   - id: Generic - 1759 secret 
 948 |     enabled: true
 949 |     pattern: wompi_auth_bearer_sb
 950 |   - id: Generic - 1760 secret 
 951 |     enabled: true
 952 |     pattern: wompi_auth_bearer_live
 953 |   - id: Generic - 1761 secret 
 954 |     enabled: true
 955 |     pattern: wpengine_api_key
 956 |   - id: Generic - 1763 secret 
 957 |     enabled: true
 958 |     pattern: zendesk_access_token
 959 |   - id: Generic - 1764 secret 
 960 |     enabled: true
 961 |     pattern: ssh-rsa
 962 |   - id: Gengo secret 
 963 |     enabled: true
 964 |     pattern: (?:gengo).{0,40}([ ]{0,1}[0-9a-zA-Z\[\]\-\(\)\{\}|_^@$=~]{64}[ \r\n]{1})
 965 |   - id: Geoapify secret 
 966 |     enabled: true
 967 |     pattern: (?:geoapify).{0,40}\b([a-z0-9]{32})\b
 968 |   - id: Geocode secret 
 969 |     enabled: true
 970 |     pattern: (?:geocode).{0,40}\b([a-z0-9]{28})\b
 971 |   - id: Geocodify secret 
 972 |     enabled: true
 973 |     pattern: (?:geocodify).{0,40}\b([0-9a-z]{40})\b
 974 |   - id: Geocodio - 2 secret 
 975 |     enabled: true
 976 |     pattern: (?:geocod).{0,40}\b([a-z0-9]{39})\b
 977 |   - id: Geoipifi secret 
 978 |     enabled: true
 979 |     pattern: (?:ipifi).{0,40}\b([a-z0-9A-Z_]{32})\b
 980 |   - id: Getemail secret 
 981 |     enabled: true
 982 |     pattern: (?:getemail).{0,40}\b([a-zA-Z0-9-]{20})\b
 983 |   - id: Getemails - 1 secret 
 984 |     enabled: true
 985 |     pattern: (?:getemails).{0,40}\b([a-z0-9-]{26})\b
 986 |   - id: Getemails - 2 secret 
 987 |     enabled: true
 988 |     pattern: (?:getemails).{0,40}\b([a-z0-9-]{18})\b
 989 |   - id: Getgeoapi secret 
 990 |     enabled: true
 991 |     pattern: (?:getgeoapi).{0,40}\b([0-9a-z]{40})\b
 992 |   - id: Getgist secret 
 993 |     enabled: true
 994 |     pattern: (?:getgist).{0,40}\b([a-z0-9A-Z+=]{68})
 995 |   - id: Getsandbox - 1 secret 
 996 |     enabled: true
 997 |     pattern: (?:getsandbox).{0,40}\b([a-z0-9-]{40})\b
 998 |   - id: Getsandbox - 2 secret 
 999 |     enabled: true
1000 |     pattern: (?:getsandbox).{0,40}\b([a-z0-9-]{15,30})\b
1001 |   - id: Github - 2 secret 
1002 |     enabled: true
1003 |     pattern: \b((?:ghp|gho|ghu|ghs|ghr)_[a-zA-Z0-9]{36,255}\b)
1004 |   - id: Github App Token secret 
1005 |     enabled: true
1006 |     pattern: (ghu|ghs)_[0-9a-zA-Z]{36}
1007 |   - id: Github OAuth Access Token secret 
1008 |     enabled: true
1009 |     pattern: gho_[0-9a-zA-Z]{36}
1010 |   - id: Github Personal Access Token secret 
1011 |     enabled: true
1012 |     pattern: ghp_[0-9a-zA-Z]{36}
1013 |   - id: Github Refresh Token secret 
1014 |     enabled: true
1015 |     pattern: ghr_[0-9a-zA-Z]{76}
1016 |   - id: Github_old secret 
1017 |     enabled: true
1018 |     pattern: (?:github)[^\.].{0,40}
1019 |   - id: Githubapp - 2 secret 
1020 |     enabled: true
1021 |     pattern: (?:github).{0,40}(-----BEGIN RSA PRIVATE KEY-----\s[A-Za-z0-9+\/\s]*\s-----END RSA PRIVATE KEY-----)
1022 |   - id: Gitlabv2 secret 
1023 |     enabled: true
1024 |     pattern: \b(glpat-[a-zA-Z0-9\-=_]{20,22})\b
1025 |   - id: Gitter secret 
1026 |     enabled: true
1027 |     pattern: (?:gitter).{0,40}\b([a-z0-9-]{40})\b
1028 |   - id: Glassnode secret 
1029 |     enabled: true
1030 |     pattern: (?:glassnode).{0,40}\b([0-9A-Za-z]{27})\b
1031 |   - id: Gocanvas - 1 secret 
1032 |     enabled: true
1033 |     pattern: (?:gocanvas).{0,40}\b([0-9A-Za-z/+]{43}=[ \r\n]{1})
1034 |   - id: Gocanvas - 2 secret 
1035 |     enabled: true
1036 |     pattern: (?:gocanvas).{0,40}\b([\w\.-]+@[\w-]+\.[\w\.-]{2,5})\b
1037 |   - id: Goodday secret 
1038 |     enabled: true
1039 |     pattern: (?:goodday).{0,40}\b([a-z0-9]{32})\b
1040 |   - id: Google API Key secret 
1041 |     enabled: true
1042 |     pattern: AIza[0-9a-z-_]{35}
1043 |   - id: Google Calendar URI secret 
1044 |     enabled: true
1045 |     pattern: https://www\.google\.com/calendar/embed\?src=[A-Za-z0-9%@&;=\-_\./]+
1046 |   - id: Google OAuth Access Token secret 
1047 |     enabled: true
1048 |     pattern: ya29\.[0-9A-Za-z\-_]+
1049 |   - id: Graphcms - 1 secret 
1050 |     enabled: true
1051 |     pattern: (?:graph).{0,40}\b([a-z0-9]{25})\b
1052 |   - id: Graphcms - 2 secret 
1053 |     enabled: true
1054 |     pattern: \b(ey[a-zA-Z0-9]{73}.ey[a-zA-Z0-9]{365}.[a-zA-Z0-9_-]{683})\b
1055 |   - id: Graphhopper secret 
1056 |     enabled: true
1057 |     pattern: (?:graphhopper).{0,40}\b([a-z0-9-]{36})\b
1058 |   - id: Groovehq secret 
1059 |     enabled: true
1060 |     pattern: (?:groove).{0,40}\b([a-z0-9A-Z]{64})
1061 |   - id: Guru - 1 secret 
1062 |     enabled: true
1063 |     pattern: (?:guru).{0,40}\b([a-zA-Z0-9]{3,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,5})\b
1064 |   - id: Guru - 2 secret 
1065 |     enabled: true
1066 |     pattern: (?:guru).{0,40}\b([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})\b
1067 |   - id: Gyazo secret 
1068 |     enabled: true
1069 |     pattern: (?:gyazo).{0,40}\b([0-9A-Za-z-]{43})\b
1070 |   - id: Happi secret 
1071 |     enabled: true
1072 |     pattern: (?:happi).{0,40}\b([a-zA-Z0-9]{56})
1073 |   - id: Happyscribe secret 
1074 |     enabled: true
1075 |     pattern: (?:happyscribe).{0,40}\b([0-9a-zA-Z]{24})\b
1076 |   - id: Harvest - 1 secret 
1077 |     enabled: true
1078 |     pattern: (?:harvest).{0,40}\b([a-z0-9A-Z._]{97})\b
1079 |   - id: Hellosign secret 
1080 |     enabled: true
1081 |     pattern: (?:hellosign).{0,40}\b([a-zA-Z-0-9/+]{64})\b
1082 |   - id: Helpcrunch secret 
1083 |     enabled: true
1084 |     pattern: (?:helpcrunch).{0,40}\b([a-zA-Z-0-9+/=]{328})
1085 |   - id: Helpscout secret 
1086 |     enabled: true
1087 |     pattern: (?:helpscout).{0,40}\b([A-Za-z0-9]{56})\b
1088 |   - id: Hereapi secret 
1089 |     enabled: true
1090 |     pattern: (?:hereapi).{0,40}\b([a-zA-Z0-9\S]{43})\b
1091 |   - id: Heroku secret 
1092 |     enabled: true
1093 |     pattern: (?:heroku).{0,40}\b([0-9Aa-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
1094 |   - id: Hive - 2 secret 
1095 |     enabled: true
1096 |     pattern: (?:hive).{0,40}\b([0-9A-Za-z]{17})\b
1097 |   - id: Hiveage secret 
1098 |     enabled: true
1099 |     pattern: (?:hiveage).{0,40}\b([0-9A-Za-z\_\-]{20})\b
1100 |   - id: Holidayapi secret 
1101 |     enabled: true
1102 |     pattern: (?:holidayapi).{0,40}\b([a-z0-9-]{36})\b
1103 |   - id: Html2pdf secret 
1104 |     enabled: true
1105 |     pattern: (?:html2pdf).{0,40}\b([a-zA-Z0-9]{64})\b
1106 |   - id: Hubspotapikey secret 
1107 |     enabled: true
1108 |     pattern: (?:hubspot).{0,40}\b([A-Za-z0-9]{8}\-[A-Za-z0-9]{4}\-[A-Za-z0-9]{4}\-[A-Za-z0-9]{4}\-[A-Za-z0-9]{12})\b
1109 |   - id: Humanity secret 
1110 |     enabled: true
1111 |     pattern: (?:humanity).{0,40}\b([0-9a-z]{40})\b
1112 |   - id: Hypertrack - 1 secret 
1113 |     enabled: true
1114 |     pattern: (?:hypertrack).{0,40}\b([0-9a-zA-Z\_\-]{54})\b
1115 |   - id: Hypertrack - 2 secret 
1116 |     enabled: true
1117 |     pattern: (?:hypertrack).{0,40}\b([0-9a-zA-Z\_\-]{27})\b
1118 |   - id: Ibmclouduserkey secret 
1119 |     enabled: true
1120 |     pattern: (?:ibm).{0,40}\b([A-Za-z0-9_-]{44})\b
1121 |   - id: Iconfinder secret 
1122 |     enabled: true
1123 |     pattern: (?:iconfinder).{0,40}\b([a-zA-Z0-9]{64})\b
1124 |   - id: Iexcloud secret 
1125 |     enabled: true
1126 |     pattern: (?:iexcloud).{0,40}\b([a-z0-9_]{35})\b
1127 |   - id: Imagekit secret 
1128 |     enabled: true
1129 |     pattern: (?:imagekit).{0,40}\b([a-zA-Z0-9_=]{36})
1130 |   - id: Imagga secret 
1131 |     enabled: true
1132 |     pattern: (?:imagga).{0,40}\b([a-z0-9A-Z=]{72})
1133 |   - id: Impala secret 
1134 |     enabled: true
1135 |     pattern: (?:impala).{0,40}\b([0-9A-Za-z_]{46})\b
1136 |   - id: Insightly secret 
1137 |     enabled: true
1138 |     pattern: (?:insightly).{0,40}\b([a-z0-9-]{36})\b
1139 |   - id: Integromat secret 
1140 |     enabled: true
1141 |     pattern: (?:integromat).{0,40}\b([a-z0-9-]{36})\b
1142 |   - id: Intrinio secret 
1143 |     enabled: true
1144 |     pattern: (?:intrinio).{0,40}\b([a-zA-Z0-9]{44})\b
1145 |   - id: Invoiceocean - 1 secret 
1146 |     enabled: true
1147 |     pattern: (?:invoiceocean).{0,40}\b([0-9A-Za-z]{20})\b
1148 |   - id: Invoiceocean - 2 secret 
1149 |     enabled: true
1150 |     pattern: \b([0-9a-z]{1,}.invoiceocean.com)\b
1151 |   - id: Ipapi secret 
1152 |     enabled: true
1153 |     pattern: (?:ipapi).{0,40}\b([a-z0-9]{32})\b
1154 |   - id: Ipgeolocation secret 
1155 |     enabled: true
1156 |     pattern: (?:ipgeolocation).{0,40}\b([a-z0-9]{32})\b
1157 |   - id: Ipify secret 
1158 |     enabled: true
1159 |     pattern: (?:ipify).{0,40}\b([a-zA-Z0-9_-]{32})\b
1160 |   - id: Ipinfodb secret 
1161 |     enabled: true
1162 |     pattern: (?:ipinfodb).{0,40}\b([a-z0-9]{64})\b
1163 |   - id: Ipquality secret 
1164 |     enabled: true
1165 |     pattern: (?:ipquality).{0,40}\b([0-9a-z]{32})\b
1166 |   - id: Ipstack secret 
1167 |     enabled: true
1168 |     pattern: (?:ipstack).{0,40}\b([a-fA-f0-9]{32})\b
1169 |   - id: JDBC Connection String secret 
1170 |     enabled: true
1171 |     pattern: jdbc:[a-z:]+://[A-Za-z0-9\.\-_:;=/@?,&]+
1172 |   - id: Jiratoken - 1 secret 
1173 |     enabled: true
1174 |     pattern: (?:jira).{0,40}\b([a-zA-Z-0-9]{24})\b
1175 |   - id: Jiratoken - 2 secret 
1176 |     enabled: true
1177 |     pattern: (?:jira).{0,40}\b([a-zA-Z-0-9]{5,24}\@[a-zA-Z-0-9]{3,16}\.com)\b
1178 |   - id: Jotform secret 
1179 |     enabled: true
1180 |     pattern: (?:jotform).{0,40}\b([0-9Aa-z]{32})\b
1181 |   - id: Jumpcloud secret 
1182 |     enabled: true
1183 |     pattern: (?:jumpcloud).{0,40}\b([a-zA-Z0-9]{40})\b
1184 |   - id: Juro secret 
1185 |     enabled: true
1186 |     pattern: (?:juro).{0,40}\b([a-zA-Z0-9]{40})\b
1187 |   - id: Kanban - 1 secret 
1188 |     enabled: true
1189 |     pattern: (?:kanban).{0,40}\b([0-9A-Z]{12})\b
1190 |   - id: Kanban - 2 secret 
1191 |     enabled: true
1192 |     pattern: \b([0-9a-z]{1,}.kanbantool.com)\b
1193 |   - id: Karmacrm secret 
1194 |     enabled: true
1195 |     pattern: (?:karma).{0,40}\b([a-zA-Z0-9]{20})\b
1196 |   - id: Keenio - 1 secret 
1197 |     enabled: true
1198 |     pattern: (?:keen).{0,40}\b([0-9a-z]{24})\b
1199 |   - id: Keenio - 2 secret 
1200 |     enabled: true
1201 |     pattern: (?:keen).{0,40}\b([0-9A-Z]{64})\b
1202 |   - id: Kickbox secret 
1203 |     enabled: true
1204 |     pattern: (?:kickbox).{0,40}\b([a-zA-Z0-9_]+[a-zA-Z0-9]{64})\b
1205 |   - id: Klipfolio secret 
1206 |     enabled: true
1207 |     pattern: (?:klipfolio).{0,40}\b([0-9a-f]{40})\b
1208 |   - id: Kontent secret 
1209 |     enabled: true
1210 |     pattern: (?:kontent).{0,40}\b([a-z0-9-]{36})\b
1211 |   - id: Kucoin - 1 secret 
1212 |     enabled: true
1213 |     pattern: (?:kucoin).{0,40}(r\n]{1}[!-~]{7,32}r\n]{1})
1214 |   - id: Kucoin - 2 secret 
1215 |     enabled: true
1216 |     pattern: (?:kucoin).{0,40}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
1217 |   - id: Kucoin - 3 secret 
1218 |     enabled: true
1219 |     pattern: (?:kucoin).{0,40}\b([0-9a-f]{24})\b
1220 |   - id: Kylas secret 
1221 |     enabled: true
1222 |     pattern: (?:kylas).{0,40}\b([a-z0-9-]{36})\b
1223 |   - id: Languagelayer secret 
1224 |     enabled: true
1225 |     pattern: (?:languagelayer).{0,40}\b([a-z0-9]{32})\b
1226 |   - id: Lastfm secret 
1227 |     enabled: true
1228 |     pattern: (?:lastfm).{0,40}\b([0-9a-z]{32})\b
1229 |   - id: Launchdarkly secret 
1230 |     enabled: true
1231 |     pattern: (?:launchdarkly).{0,40}\b([a-z0-9-]{40})\b
1232 |   - id: Leadfeeder secret 
1233 |     enabled: true
1234 |     pattern: (?:leadfeeder).{0,40}\b([a-zA-Z0-9-]{43})\b
1235 |   - id: Lendflow secret 
1236 |     enabled: true
1237 |     pattern: (?:lendflow).{0,40}\b([a-zA-Z0-9]{36}\.[a-zA-Z0-9]{235}\.[a-zA-Z0-9]{32}\-[a-zA-Z0-9]{47}\-[a-zA-Z0-9_]{162}\-[a-zA-Z0-9]{42}\-[a-zA-Z0-9_]{40}\-[a-zA-Z0-9_]{66}\-[a-zA-Z0-9_]{59}\-[a-zA-Z0-9]{7}\-[a-zA-Z0-9_]{220})\b
1238 |   - id: Lexigram secret 
1239 |     enabled: true
1240 |     pattern: (?:lexigram).{0,40}\b([a-zA-Z0-9\S]{301})\b
1241 |   - id: Linearapi secret 
1242 |     enabled: true
1243 |     pattern: \b(lin_api_[0-9A-Za-z]{40})\b
1244 |   - id: Linemessaging secret 
1245 |     enabled: true
1246 |     pattern: (?:line).{0,40}\b([A-Za-z0-9+/]{171,172})\b
1247 |   - id: Linenotify secret 
1248 |     enabled: true
1249 |     pattern: (?:linenotify).{0,40}\b([0-9A-Za-z]{43})\b
1250 |   - id: Linkpreview secret 
1251 |     enabled: true
1252 |     pattern: (?:linkpreview).{0,40}\b([a-zA-Z0-9]{32})\b
1253 |   - id: Liveagent secret 
1254 |     enabled: true
1255 |     pattern: (?:liveagent).{0,40}\b([a-zA-Z0-9]{32})\b
1256 |   - id: Livestorm secret 
1257 |     enabled: true
1258 |     pattern: (?:livestorm).{0,40}\b(eyJhbGciOiJIUzI1NiJ9\.eyJhdWQiOiJhcGkubGl2ZXN0b3JtLmNvIiwianRpIjoi[0-9A-Z-a-z]{134}\.[0-9A-Za-z\-\_]{43}r\n]{1})
1259 |   - id: Locationiq secret 
1260 |     enabled: true
1261 |     pattern: \b(pk\.[a-zA-Z-0-9]{32})\b
1262 |   - id: Loginradius secret 
1263 |     enabled: true
1264 |     pattern: (?:loginradius).{0,40}\b([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
1265 |   - id: Lokalisetoken secret 
1266 |     enabled: true
1267 |     pattern: (?:lokalise).{0,40}\b([a-z0-9]{40})\b
1268 |   - id: Loyverse secret 
1269 |     enabled: true
1270 |     pattern: (?:loyverse).{0,40}\b([0-9-a-z]{32})\b
1271 |   - id: Luno - 1 secret 
1272 |     enabled: true
1273 |     pattern: (?:luno).{0,40}\b([a-z0-9]{13})\b
1274 |   - id: Luno - 2 secret 
1275 |     enabled: true
1276 |     pattern: (?:luno).{0,40}\b([a-zA-Z0-9_-]{43})\b
1277 |   - id: Macaddress secret 
1278 |     enabled: true
1279 |     pattern: (?:macaddress).{0,40}\b([a-zA-Z0-9_]{32})\b
1280 |   - id: Madkudu secret 
1281 |     enabled: true
1282 |     pattern: (?:madkudu).{0,40}\b([0-9a-f]{32})\b
1283 |   - id: Magnetic secret 
1284 |     enabled: true
1285 |     pattern: (?:magnetic).{0,40}\b([0-9Aa-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
1286 |   - id: Mailboxlayer secret 
1287 |     enabled: true
1288 |     pattern: (?:mailboxlayer).{0,40}\b([a-z0-9]{32})\b
1289 |   - id: Mailerlite secret 
1290 |     enabled: true
1291 |     pattern: (?:mailerlite).{0,40}\b([a-z0-9]{32})\b
1292 |   - id: Mailgun - 2 secret 
1293 |     enabled: true
1294 |     pattern: (?:mailgun).{0,40}\b([a-zA-Z-0-9]{72})\b
1295 |   - id: Mailgun API Key - 1 secret 
1296 |     enabled: true
1297 |     pattern: key-[0-9a-zA-Z]{32}
1298 |   - id: Mailjetbasicauth secret 
1299 |     enabled: true
1300 |     pattern: (?:mailjet).{0,40}\b([A-Za-z0-9]{87}\=)
1301 |   - id: Mailjetsms secret 
1302 |     enabled: true
1303 |     pattern: (?:mailjet).{0,40}\b([A-Za-z0-9]{32})\b
1304 |   - id: Mailmodo secret 
1305 |     enabled: true
1306 |     pattern: (?:mailmodo).{0,40}\b([A-Z0-9]{7}-[A-Z0-9]{7}-[A-Z0-9]{7}-[A-Z0-9]{7})\b
1307 |   - id: Mailsac secret 
1308 |     enabled: true
1309 |     pattern: (?:mailsac).{0,40}\b(k_[0-9A-Za-z]{36,})\b
1310 |   - id: Mandrill secret 
1311 |     enabled: true
1312 |     pattern: (?:mandrill).{0,40}\b([A-Za-z0-9_-]{22})\b
1313 |   - id: Mapbox - 2 secret 
1314 |     enabled: true
1315 |     pattern: \b(sk\.[a-zA-Z-0-9\.]{80,240})\b
1316 |   - id: Mapquest secret 
1317 |     enabled: true
1318 |     pattern: (?:mapquest).{0,40}\b([0-9A-Za-z]{32})\b
1319 |   - id: Marketstack secret 
1320 |     enabled: true
1321 |     pattern: (?:marketstack).{0,40}\b([a-z0-9]{32})\b
1322 |   - id: Mattermostpersonaltoken - 1 secret 
1323 |     enabled: true
1324 |     pattern: (?:mattermost).{0,40}\b([A-Za-z0-9-_]{1,}.cloud.mattermost.com)\b
1325 |   - id: Mattermostpersonaltoken - 2 secret 
1326 |     enabled: true
1327 |     pattern: (?:mattermost).{0,40}\b([a-z0-9]{26})\b
1328 |   - id: Mavenlink secret 
1329 |     enabled: true
1330 |     pattern: (?:mavenlink).{0,40}\b([0-9a-z]{64})\b
1331 |   - id: Maxmindlicense - 1 secret 
1332 |     enabled: true
1333 |     pattern: (?:maxmind|geoip).{0,40}\b([0-9A-Za-z]{16})\b
1334 |   - id: Maxmindlicense - 2 secret 
1335 |     enabled: true
1336 |     pattern: (?:maxmind|geoip).{0,40}\b([0-9]{2,7})\b
1337 |   - id: Meaningcloud secret 
1338 |     enabled: true
1339 |     pattern: (?:meaningcloud).{0,40}\b([a-z0-9]{32})\b
1340 |   - id: Mediastack secret 
1341 |     enabled: true
1342 |     pattern: (?:mediastack).{0,40}\b([a-z0-9]{32})\b
1343 |   - id: Meistertask secret 
1344 |     enabled: true
1345 |     pattern: (?:meistertask).{0,40}\b([a-zA-Z0-9]{43})\b
1346 |   - id: Mesibo secret 
1347 |     enabled: true
1348 |     pattern: (?:mesibo).{0,40}\b([0-9A-Za-z]{64})\b
1349 |   - id: Messagebird secret 
1350 |     enabled: true
1351 |     pattern: (?:messagebird).{0,40}\b([A-Za-z0-9_-]{25})\b
1352 |   - id: Metaapi - 1 secret 
1353 |     enabled: true
1354 |     pattern: (?:metaapi|meta-api).{0,40}\b([0-9a-f]{64})\b
1355 |   - id: Metaapi - 2 secret 
1356 |     enabled: true
1357 |     pattern: (?:metaapi|meta-api).{0,40}\b([0-9a-f]{24})\b
1358 |   - id: Metrilo secret 
1359 |     enabled: true
1360 |     pattern: (?:metrilo).{0,40}\b([a-z0-9]{16})\b
1361 |   - id: Microsoftteamswebhook secret 
1362 |     enabled: true
1363 |     pattern: (https:\/\/[a-zA-Z-0-9]+\.webhook\.office\.com\/webhookb2\/[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12}\@[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12}\/IncomingWebhook\/[a-zA-Z-0-9]{32}\/[a-zA-Z-0-9]{8}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{4}-[a-zA-Z-0-9]{12})
1364 |   - id: Midise secret 
1365 |     enabled: true
1366 |     pattern: midi-662b69edd2[a-zA-Z0-9]{54}
1367 |   - id: Mindmeister secret 
1368 |     enabled: true
1369 |     pattern: (?:mindmeister).{0,40}\b([a-zA-Z0-9]{43})\b
1370 |   - id: Mite - 1 secret 
1371 |     enabled: true
1372 |     pattern: (?:mite).{0,40}\b([0-9a-z]{16})\b
1373 |   - id: Mite - 2 secret 
1374 |     enabled: true
1375 |     pattern: \b([0-9a-z-]{1,}.mite.yo.lk)\b
1376 |   - id: Mixmax secret 
1377 |     enabled: true
1378 |     pattern: (?:mixmax).{0,40}\b([a-zA-Z0-9_-]{36})\b
1379 |   - id: Mixpanel - 1 secret 
1380 |     enabled: true
1381 |     pattern: (?:mixpanel).{0,40}\b([a-zA-Z0-9.-]{30,40})\b
1382 |   - id: Mixpanel - 2 secret 
1383 |     enabled: true
1384 |     pattern: (?:mixpanel).{0,40}\b([a-zA-Z0-9-]{32})\b
1385 |   - id: Moderation secret 
1386 |     enabled: true
1387 |     pattern: (?:moderation).{0,40}\b([a-zA-Z0-9]{36}\.[a-zA-Z0-9]{115}\.[a-zA-Z0-9_]{43})\b
1388 |   - id: Monday secret 
1389 |     enabled: true
1390 |     pattern: (?:monday).{0,40}\b(ey[a-zA-Z0-9_.]{210,225})\b
1391 |   - id: Moonclerck secret 
1392 |     enabled: true
1393 |     pattern: (?:moonclerck).{0,40}\b([0-9a-z]{32})\b
1394 |   - id: Moonclerk secret 
1395 |     enabled: true
1396 |     pattern: (?:moonclerk).{0,40}\b([0-9a-z]{32})\b
1397 |   - id: Moosend secret 
1398 |     enabled: true
1399 |     pattern: (?:moosend).{0,40}\b([0-9Aa-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
1400 |   - id: Mrticktock - 1 secret 
1401 |     enabled: true
1402 |     pattern: (?:mrticktock).{0,40}\b([a-zA-Z0-9!=@#$%()_^]{1,50})
1403 |   - id: Myintervals secret 
1404 |     enabled: true
1405 |     pattern: (?:myintervals).{0,40}\b([0-9a-z]{11})\b
1406 |   - id: Nasdaqdatalink secret 
1407 |     enabled: true
1408 |     pattern: (?:nasdaq).{0,40}\b([a-zA-Z0-9_-]{20})\b
1409 |   - id: Nethunt - 1 secret 
1410 |     enabled: true
1411 |     pattern: (?:nethunt).{0,40}\b([a-zA-Z0-9.-@]{25,30})\b
1412 |   - id: Nethunt - 2 secret 
1413 |     enabled: true
1414 |     pattern: (?:nethunt).{0,40}\b([a-z0-9-\S]{36})\b
1415 |   - id: Netlify secret 
1416 |     enabled: true
1417 |     pattern: (?:netlify).{0,40}\b([A-Za-z0-9_-]{43,45})\b
1418 |   - id: Neutrinoapi - 1 secret 
1419 |     enabled: true
1420 |     pattern: (?:neutrinoapi).{0,40}\b([a-zA-Z0-9]{48})\b
1421 |   - id: Neutrinoapi - 2 secret 
1422 |     enabled: true
1423 |     pattern: (?:neutrinoapi).{0,40}\b([a-zA-Z0-9]{6,24})\b
1424 |   - id: Newrelic Admin API Key secret 
1425 |     enabled: true
1426 |     pattern: NRAA-[a-f0-9]{27}
1427 |   - id: Newrelic Insights API Key secret 
1428 |     enabled: true
1429 |     pattern: NRI(?:I|Q)-[A-Za-z0-9\-_]{32}
1430 |   - id: Newrelic REST API Key secret 
1431 |     enabled: true
1432 |     pattern: NRRA-[a-f0-9]{42}
1433 |   - id: Newrelic Synthetics Location Key secret 
1434 |     enabled: true
1435 |     pattern: NRSP-[a-z]{2}[0-9]{2}[a-f0-9]{31}
1436 |   - id: Newrelicpersonalapikey secret 
1437 |     enabled: true
1438 |     pattern: (?:newrelic).{0,40}\b([A-Za-z0-9_\.]{4}-[A-Za-z0-9_\.]{42})\b
1439 |   - id: Newsapi secret 
1440 |     enabled: true
1441 |     pattern: (?:newsapi).{0,40}\b([a-z0-9]{32})
1442 |   - id: Newscatcher secret 
1443 |     enabled: true
1444 |     pattern: (?:newscatcher).{0,40}\b([0-9A-Za-z_]{43})\b
1445 |   - id: Nexmoapikey - 1 secret 
1446 |     enabled: true
1447 |     pattern: (?:nexmo).{0,40}\b([A-Za-z0-9_-]{8})\b
1448 |   - id: Nexmoapikey - 2 secret 
1449 |     enabled: true
1450 |     pattern: (?:nexmo).{0,40}\b([A-Za-z0-9_-]{16})\b
1451 |   - id: Nftport secret 
1452 |     enabled: true
1453 |     pattern: (?:nftport).{0,40}\b([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})\b
1454 |   - id: Nicereply secret 
1455 |     enabled: true
1456 |     pattern: (?:nicereply).{0,40}\b([0-9a-f]{40})\b
1457 |   - id: Nimble secret 
1458 |     enabled: true
1459 |     pattern: (?:nimble).{0,40}\b([a-zA-Z0-9]{30})\b
1460 |   - id: Nitro secret 
1461 |     enabled: true
1462 |     pattern: (?:nitro).{0,40}\b([0-9a-f]{32})\b
1463 |   - id: Noticeable secret 
1464 |     enabled: true
1465 |     pattern: (?:noticeable).{0,40}\b([0-9a-zA-Z]{20})\b
1466 |   - id: Notion secret 
1467 |     enabled: true
1468 |     pattern: \b(secret_[A-Za-z0-9]{43})\b
1469 |   - id: Nozbeteams secret 
1470 |     enabled: true
1471 |     pattern: (?:nozbe|nozbeteams).{0,40}\b([0-9A-Za-z]{16}_[0-9A-Za-z\-_]{64}r\n]{1})
1472 |   - id: Numverify secret 
1473 |     enabled: true
1474 |     pattern: (?:numverify).{0,40}\b([a-z0-9]{32})\b
1475 |   - id: Nutritionix - 1 secret 
1476 |     enabled: true
1477 |     pattern: (?:nutritionix).{0,40}\b([a-z0-9]{32})\b
1478 |   - id: Nutritionix - 2 secret 
1479 |     enabled: true
1480 |     pattern: (?:nutritionix).{0,40}\b([a-z0-9]{8})\b
1481 |   - id: Nylas secret 
1482 |     enabled: true
1483 |     pattern: (?:nylas).{0,40}\b([0-9A-Za-z]{30})\b
1484 |   - id: Oanda secret 
1485 |     enabled: true
1486 |     pattern: (?:oanda).{0,40}\b([a-zA-Z0-9]{24})\b
1487 |   - id: Omnisend secret 
1488 |     enabled: true
1489 |     pattern: (?:omnisend).{0,40}\b([a-z0-9A-Z-]{75})\b
1490 |   - id: Onedesk - 1 secret 
1491 |     enabled: true
1492 |     pattern: (?:onedesk).{0,40}\b([a-zA-Z0-9!=@#$%^]{8,64})
1493 |   - id: Onepagecrm - 1 secret 
1494 |     enabled: true
1495 |     pattern: (?:onepagecrm).{0,40}\b([a-zA-Z0-9=]{44})
1496 |   - id: Onepagecrm - 2 secret 
1497 |     enabled: true
1498 |     pattern: (?:onepagecrm).{0,40}\b([a-z0-9]{24})\b
1499 |   - id: Onwaterio secret 
1500 |     enabled: true
1501 |     pattern: (?:onwater).{0,40}\b([a-zA-Z0-9_-]{20})\b
1502 |   - id: Oopspam secret 
1503 |     enabled: true
1504 |     pattern: (?:oopspam).{0,40}\b([a-zA-Z0-9]{40})\b
1505 |   - id: Opencagedata secret 
1506 |     enabled: true
1507 |     pattern: (?:opencagedata).{0,40}\b([a-z0-9]{32})\b
1508 |   - id: Opengraphr secret 
1509 |     enabled: true
1510 |     pattern: (?:opengraphr).{0,40}\b([0-9Aa-zA-Z]{80})\b
1511 |   - id: Openuv secret 
1512 |     enabled: true
1513 |     pattern: (?:openuv).{0,40}\b([0-9a-z]{32})\b
1514 |   - id: Openweather secret 
1515 |     enabled: true
1516 |     pattern: (?:openweather).{0,40}\b([a-z0-9]{32})\b
1517 |   - id: Optimizely secret 
1518 |     enabled: true
1519 |     pattern: (?:optimizely).{0,40}\b([0-9A-Za-z-:]{54})\b
1520 |   - id: Owlbot secret 
1521 |     enabled: true
1522 |     pattern: (?:owlbot).{0,40}\b([a-z0-9]{40})\b
1523 |   - id: PGP private key block secret 
1524 |     enabled: true
1525 |     pattern: -----BEGIN PGP PRIVATE KEY BLOCK-----
1526 |   - id: Pagerdutyapikey secret 
1527 |     enabled: true
1528 |     pattern: (?:pagerduty).{0,40}\b([a-z]{1}\+[a-zA-Z]{9}\-[a-z]{2}\-[a-z0-9]{5})\b
1529 |   - id: Pandadoc secret 
1530 |     enabled: true
1531 |     pattern: (?:pandadoc).{0,40}\b([a-zA-Z0-9]{40})\b
1532 |   - id: Pandascore secret 
1533 |     enabled: true
1534 |     pattern: (?:pandascore).{0,40}(r\n]{0,1}[0-9A-Za-z\-\_]{51}r\n]{1})
1535 |   - id: Paralleldots secret 
1536 |     enabled: true
1537 |     pattern: (?:paralleldots).{0,40}\b([0-9A-Za-z]{43})\b
1538 |   - id: Partnerstack secret 
1539 |     enabled: true
1540 |     pattern: (?:partnerstack).{0,40}\b([0-9A-Za-z]{64})\b
1541 |   - id: Passbase secret 
1542 |     enabled: true
1543 |     pattern: (?:passbase).{0,40}\b([a-zA-Z0-9]{128})\b
1544 |   - id: Pastebin secret 
1545 |     enabled: true
1546 |     pattern: (?:pastebin).{0,40}\b([a-zA-Z0-9_]{32})\b
1547 |   - id: PayPal Braintree access token secret 
1548 |     enabled: true
1549 |     pattern: access_token\$production\$[0-9a-z]{16}\$[0-9a-f]{32}
1550 |   - id: Paymoapp secret 
1551 |     enabled: true
1552 |     pattern: (?:paymoapp).{0,40}\b([a-zA-Z0-9]{44})\b
1553 |   - id: Paymongo secret 
1554 |     enabled: true
1555 |     pattern: (?:paymongo).{0,40}\b([a-zA-Z0-9_]{32})\b
1556 |   - id: Paystack secret 
1557 |     enabled: true
1558 |     pattern: \b(sk\_[a-z]{1,}\_[A-Za-z0-9]{40})\b
1559 |   - id: Pdflayer secret 
1560 |     enabled: true
1561 |     pattern: (?:pdflayer).{0,40}\b([a-z0-9]{32})\b
1562 |   - id: Pdfshift secret 
1563 |     enabled: true
1564 |     pattern: (?:pdfshift).{0,40}\b([0-9a-f]{32})\b
1565 |   - id: Peopledatalabs secret 
1566 |     enabled: true
1567 |     pattern: (?:peopledatalabs).{0,40}\b([a-z0-9]{64})\b
1568 |   - id: Pepipost secret 
1569 |     enabled: true
1570 |     pattern: (?:pepipost|netcore).{0,40}\b([a-zA-Z-0-9]{32})\b
1571 |   - id: Picatic API key secret 
1572 |     enabled: true
1573 |     pattern: sk_live_[0-9a-z]{32}
1574 |   - id: Pipedream secret 
1575 |     enabled: true
1576 |     pattern: (?:pipedream).{0,40}\b([a-z0-9]{32})\b
1577 |   - id: Pipedrive secret 
1578 |     enabled: true
1579 |     pattern: (?:pipedrive).{0,40}\b([a-zA-Z0-9]{40})\b
1580 |   - id: Pivotaltracker secret 
1581 |     enabled: true
1582 |     pattern: (?:pivotal).{0,40}([a-z0-9]{32})
1583 |   - id: Pixabay secret 
1584 |     enabled: true
1585 |     pattern: (?:pixabay).{0,40}\b([a-z0-9-]{34})\b
1586 |   - id: Plaidkey - 1 secret 
1587 |     enabled: true
1588 |     pattern: (?:plaid).{0,40}\b([a-z0-9]{24})\b
1589 |   - id: Plaidkey - 2 secret 
1590 |     enabled: true
1591 |     pattern: (?:plaid).{0,40}\b([a-z0-9]{30})\b
1592 |   - id: Planviewleankit - 1 secret 
1593 |     enabled: true
1594 |     pattern: (?:planviewleankit|planview).{0,40}\b([0-9a-f]{128})\b
1595 |   - id: Planviewleankit - 2 secret 
1596 |     enabled: true
1597 |     pattern: (?:planviewleankit|planview).{0,40}(?:subdomain).\b([a-zA-Z][a-zA-Z0-9.-]{1,23}[a-zA-Z0-9])\b
1598 |   - id: Planyo secret 
1599 |     enabled: true
1600 |     pattern: (?:planyo).{0,40}\b([0-9a-z]{62})\b
1601 |   - id: Plivo - 1 secret 
1602 |     enabled: true
1603 |     pattern: (?:plivo).{0,40}\b([A-Za-z0-9_-]{40})\b
1604 |   - id: Plivo - 2 secret 
1605 |     enabled: true
1606 |     pattern: (?:plivo).{0,40}\b([A-Z]{20})\b
1607 |   - id: Poloniex - 1 secret 
1608 |     enabled: true
1609 |     pattern: (?:poloniex).{0,40}\b([0-9a-f]{128})\b
1610 |   - id: Poloniex - 2 secret 
1611 |     enabled: true
1612 |     pattern: (?:poloniex).{0,40}\b([0-9A-Z]{8}-[0-9A-Z]{8}-[0-9A-Z]{8}-[0-9A-Z]{8})\b
1613 |   - id: Polygon secret 
1614 |     enabled: true
1615 |     pattern: (?:polygon).{0,40}\b([a-z0-9A-Z]{32})\b
1616 |   - id: Positionstack secret 
1617 |     enabled: true
1618 |     pattern: (?:positionstack).{0,40}\b([a-zA-Z0-9_]{32})\b
1619 |   - id: Postageapp secret 
1620 |     enabled: true
1621 |     pattern: (?:postageapp).{0,40}\b([0-9A-Za-z]{32})\b
1622 |   - id: Posthog secret 
1623 |     enabled: true
1624 |     pattern: \b(phc_[a-zA-Z0-9_]{43})\b
1625 |   - id: Postman secret 
1626 |     enabled: true
1627 |     pattern: \b(PMAK-[a-zA-Z-0-9]{59})\b
1628 |   - id: Postmark secret 
1629 |     enabled: true
1630 |     pattern: (?:postmark).{0,40}\b([0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
1631 |   - id: Powrbot secret 
1632 |     enabled: true
1633 |     pattern: (?:powrbot).{0,40}\b([a-z0-9A-Z]{40})\b
1634 |   - id: Privatekey secret 
1635 |     enabled: true
1636 |     pattern: -----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE KEY\s*?-----[\s\S]*?----\s*?END[ A-Z0-9_-]*? PRIVATE KEY\s*?-----
1637 |   - id: Prospectcrm secret 
1638 |     enabled: true
1639 |     pattern: (?:prospect).{0,40}\b([a-z0-9-]{32})\b
1640 |   - id: Prospectio secret 
1641 |     enabled: true
1642 |     pattern: (?:prospect).{0,40}\b([a-z0-9A-Z-]{50})\b
1643 |   - id: Protocolsio secret 
1644 |     enabled: true
1645 |     pattern: (?:protocols).{0,40}\b([a-z0-9]{64})\b
1646 |   - id: Proxycrawl secret 
1647 |     enabled: true
1648 |     pattern: (?:proxycrawl).{0,40}\b([a-zA-Z0-9_]{22})\b
1649 |   - id: Pubnubpublishkey - 1 secret 
1650 |     enabled: true
1651 |     pattern: \b(sub-c-[0-9a-z]{8}-[a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})\b
1652 |   - id: Pubnubpublishkey - 2 secret 
1653 |     enabled: true
1654 |     pattern: \b(pub-c-[0-9a-z]{8}-[0-9a-z]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})\b
1655 |   - id: Purestake secret 
1656 |     enabled: true
1657 |     pattern: (?:purestake).{0,40}\b([a-zA-Z0-9]{40})\b
1658 |   - id: Pushbulletapikey secret 
1659 |     enabled: true
1660 |     pattern: (?:pushbullet).{0,40}\b([A-Za-z0-9_\.]{34})\b
1661 |   - id: Pusherchannelkey - 2 secret 
1662 |     enabled: true
1663 |     pattern: (?:pusher).{0,40}\b([a-z0-9]{20})\b
1664 |   - id: Pusherchannelkey - 3 secret 
1665 |     enabled: true
1666 |     pattern: (?:pusher).{0,40}\b([0-9]{7})\b
1667 |   - id: PyPI upload token secret 
1668 |     enabled: true
1669 |     pattern: pypi-AgEIcHlwaS5vcmc[A-Za-z0-9-_]{50,1000}
1670 |   - id: Qualaroo secret 
1671 |     enabled: true
1672 |     pattern: (?:qualaroo).{0,40}\b([a-z0-9A-Z=]{64})
1673 |   - id: Qubole secret 
1674 |     enabled: true
1675 |     pattern: (?:qubole).{0,40}\b([0-9a-z]{64})\b
1676 |   - id: Quickmetrics secret 
1677 |     enabled: true
1678 |     pattern: (?:quickmetrics).{0,40}\b([a-zA-Z0-9_-]{22})\b
1679 |   - id: RKCS8 secret 
1680 |     enabled: true
1681 |     pattern: -----BEGIN PRIVATE KEY-----
1682 |   - id: RSA private key secret 
1683 |     enabled: true
1684 |     pattern: -----BEGIN RSA PRIVATE KEY-----
1685 |   - id: Rapidapi secret 
1686 |     enabled: true
1687 |     pattern: (?:rapidapi).{0,40}\b([A-Za-z0-9_-]{50})\b
1688 |   - id: Raven secret 
1689 |     enabled: true
1690 |     pattern: (?:raven).{0,40}\b([A-Z0-9-]{16})\b
1691 |   - id: Rawg secret 
1692 |     enabled: true
1693 |     pattern: (?:rawg).{0,40}\b([0-9Aa-z]{32})\b
1694 |   - id: Razorpay - 1 secret 
1695 |     enabled: true
1696 |     pattern: \brzp_\w{2,6}_\w{10,20}\b
1697 |   - id: Readme secret 
1698 |     enabled: true
1699 |     pattern: (?:readme).{0,40}\b([a-zA-Z0-9_]{32})\b
1700 |   - id: Reallysimplesystems secret 
1701 |     enabled: true
1702 |     pattern: \b(ey[a-zA-Z0-9-._]{153}.ey[a-zA-Z0-9-._]{916,1000})\b
1703 |   - id: Rebrandly secret 
1704 |     enabled: true
1705 |     pattern: (?:rebrandly).{0,40}\b([a-zA-Z0-9_]{32})\b
1706 |   - id: Refiner secret 
1707 |     enabled: true
1708 |     pattern: (?:refiner).{0,40}\b([0-9Aa-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
1709 |   - id: Repairshopr - 1 secret 
1710 |     enabled: true
1711 |     pattern: (?:repairshopr).{0,40}\b([a-zA-Z0-9_.!+$#^*]{3,32})\b
1712 |   - id: Repairshopr - 2 secret 
1713 |     enabled: true
1714 |     pattern: (?:repairshopr).{0,40}\b([a-zA-Z0-9-]{51})\b
1715 |   - id: Restpack secret 
1716 |     enabled: true
1717 |     pattern: (?:restpack).{0,40}\b([a-zA-Z0-9]{48})\b
1718 |   - id: Restpackhtmltopdfapi secret 
1719 |     enabled: true
1720 |     pattern: (?:restpack).{0,40}\b([0-9A-Za-z]{48})\b
1721 |   - id: Rev - 1 secret 
1722 |     enabled: true
1723 |     pattern: (?:rev).{0,40}\b([0-9a-zA-Z\/\+]{27}\=r\n]{1})
1724 |   - id: Revampcrm - 1 secret 
1725 |     enabled: true
1726 |     pattern: (?:revamp).{0,40}\b([a-zA-Z0-9]{40}\b)
1727 |   - id: Ringcentral - 1 secret 
1728 |     enabled: true
1729 |     pattern: (?:ringcentral).{0,40}\b(https://www.[0-9A-Za-z_-]{1,}.com)\b
1730 |   - id: Ringcentral - 2 secret 
1731 |     enabled: true
1732 |     pattern: (?:ringcentral).{0,40}\b([0-9A-Za-z_-]{22})\b
1733 |   - id: Ritekit secret 
1734 |     enabled: true
1735 |     pattern: (?:ritekit).{0,40}\b([0-9a-f]{44})\b
1736 |   - id: Roaring secret 
1737 |     enabled: true
1738 |     pattern: (?:roaring).{0,40}\b([0-9A-Za-z_-]{28})\b
1739 |   - id: Rocketreach secret 
1740 |     enabled: true
1741 |     pattern: (?:rocketreach).{0,40}\b([a-z0-9-]{39})\b
1742 |   - id: Roninapp - 2 secret 
1743 |     enabled: true
1744 |     pattern: (?:ronin).{0,40}\b([0-9a-zA-Z]{26})\b
1745 |   - id: Route4me secret 
1746 |     enabled: true
1747 |     pattern: (?:route4me).{0,40}\b([0-9A-Z]{32})\b
1748 |   - id: Rownd - 1 secret 
1749 |     enabled: true
1750 |     pattern: (?:rownd).{0,40}\b([a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12})\b
1751 |   - id: Rownd - 2 secret 
1752 |     enabled: true
1753 |     pattern: (?:rownd).{0,40}\b([a-z0-9]{48})\b
1754 |   - id: Rownd - 3 secret 
1755 |     enabled: true
1756 |     pattern: (?:rownd).{0,40}\b([0-9]{18})\b
1757 |   - id: Rubygems secret 
1758 |     enabled: true
1759 |     pattern: \b(rubygems_[a-zA0-9]{48})\b
1760 |   - id: Runrunit - 1 secret 
1761 |     enabled: true
1762 |     pattern: (?:runrunit).{0,40}\b([0-9a-f]{32})\b
1763 |   - id: Runrunit - 2 secret 
1764 |     enabled: true
1765 |     pattern: (?:runrunit).{0,40}\b([0-9A-Za-z]{18,20})\b
1766 |   - id: SSH secret 
1767 |     enabled: true
1768 |     pattern: -----BEGIN OPENSSH PRIVATE KEY-----
1769 |   - id: SSH (DSA) private key secret 
1770 |     enabled: true
1771 |     pattern: -----BEGIN DSA PRIVATE KEY-----
1772 |   - id: Salesblink secret 
1773 |     enabled: true
1774 |     pattern: (?:salesblink).{0,40}\b([a-zA-Z]{16})\b
1775 |   - id: Salescookie secret 
1776 |     enabled: true
1777 |     pattern: (?:salescookie).{0,40}\b([a-zA-z0-9]{32})\b
1778 |   - id: Salesflare secret 
1779 |     enabled: true
1780 |     pattern: (?:salesflare).{0,40}\b([a-zA-Z0-9_]{45})\b
1781 |   - id: Satismeterprojectkey - 1 secret 
1782 |     enabled: true
1783 |     pattern: (?:satismeter).{0,40}\b([a-zA-Z0-9]{4,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,12})\b
1784 |   - id: Satismeterprojectkey - 2 secret 
1785 |     enabled: true
1786 |     pattern: (?:satismeter).{0,40}\b([a-zA-Z0-9]{24})\b
1787 |   - id: Satismeterprojectkey - 3 secret 
1788 |     enabled: true
1789 |     pattern: (?:satismeter).{0,40}\b([a-zA-Z0-9!=@#$%^]{6,32})
1790 |   - id: Satismeterwritekey secret 
1791 |     enabled: true
1792 |     pattern: (?:satismeter).{0,40}\b([a-z0-9A-Z]{16})\b
1793 |   - id: Saucelabs - 1 secret 
1794 |     enabled: true
1795 |     pattern: \b(oauth\-[a-z0-9]{8,}\-[a-z0-9]{5})\b
1796 |   - id: Saucelabs - 2 secret 
1797 |     enabled: true
1798 |     pattern: (?:saucelabs).{0,40}\b([a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12})\b
1799 |   - id: Scalewaykey secret 
1800 |     enabled: true
1801 |     pattern: (?:scaleway).{0,40}\b([0-9a-z]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
1802 |   - id: Scrapeowl secret 
1803 |     enabled: true
1804 |     pattern: (?:scrapeowl).{0,40}\b([0-9a-z]{30})\b
1805 |   - id: Scraperapi secret 
1806 |     enabled: true
1807 |     pattern: (?:scraperapi).{0,40}\b([a-z0-9]{32})\b
1808 |   - id: Scraperbox secret 
1809 |     enabled: true
1810 |     pattern: (?:scraperbox).{0,40}\b([A-Z0-9]{32})\b
1811 |   - id: Scrapersite secret 
1812 |     enabled: true
1813 |     pattern: (?:scrapersite).{0,40}\b([a-zA-Z0-9]{45})\b
1814 |   - id: Scrapestack secret 
1815 |     enabled: true
1816 |     pattern: (?:scrapestack).{0,40}\b([a-z0-9]{32})\b
1817 |   - id: Scrapfly secret 
1818 |     enabled: true
1819 |     pattern: (?:scrapfly).{0,40}\b([a-z0-9]{32})\b
1820 |   - id: Scrapingant secret 
1821 |     enabled: true
1822 |     pattern: (?:scrapingant).{0,40}\b([a-z0-9]{32})\b
1823 |   - id: Scrapingbee secret 
1824 |     enabled: true
1825 |     pattern: (?:scrapingbee).{0,40}\b([A-Z0-9]{80})\b
1826 |   - id: Screenshotapi secret 
1827 |     enabled: true
1828 |     pattern: (?:screenshotapi).{0,40}\b([0-9A-Z]{7}\-[0-9A-Z]{7}\-[0-9A-Z]{7}\-[0-9A-Z]{7})\b
1829 |   - id: Screenshotlayer secret 
1830 |     enabled: true
1831 |     pattern: (?:screenshotlayer).{0,40}\b([a-zA-Z0-9_]{32})\b
1832 |   - id: Securitytrails secret 
1833 |     enabled: true
1834 |     pattern: (?:securitytrails).{0,40}\b([a-zA-Z0-9]{32})\b
1835 |   - id: Segmentapikey secret 
1836 |     enabled: true
1837 |     pattern: (?:segment).{0,40}\b([A-Za-z0-9_\-a-zA-Z]{43}\.[A-Za-z0-9_\-a-zA-Z]{43})\b
1838 |   - id: Selectpdf secret 
1839 |     enabled: true
1840 |     pattern: (?:selectpdf).{0,40}\b([a-z0-9-]{36})\b
1841 |   - id: Semaphore secret 
1842 |     enabled: true
1843 |     pattern: (?:semaphore).{0,40}\b([0-9a-z]{32})\b
1844 |   - id: SendGrid API Key secret 
1845 |     enabled: true
1846 |     pattern: SG\.[\w_]{16,32}\.[\w_]{16,64}
1847 |   - id: Sendbird - 1 secret 
1848 |     enabled: true
1849 |     pattern: (?:sendbird).{0,40}\b([0-9a-f]{40})\b
1850 |   - id: Sendbird - 2 secret 
1851 |     enabled: true
1852 |     pattern: (?:sendbird).{0,40}\b([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})\b
1853 |   - id: Sendbirdorganizationapi secret 
1854 |     enabled: true
1855 |     pattern: (?:sendbird).{0,40}\b([0-9a-f]{24})\b
1856 |   - id: Sendgrid secret 
1857 |     enabled: true
1858 |     pattern: (?:sendgrid).{0,40}(SG\.[\w\-_]{20,24}\.[\w\-_]{39,50})\b
1859 |   - id: Sendinbluev2 secret 
1860 |     enabled: true
1861 |     pattern: \b(xkeysib\-[A-Za-z0-9_-]{81})\b
1862 |   - id: Sentiment - 1 secret 
1863 |     enabled: true
1864 |     pattern: (?:sentiment).{0,40}\b([0-9]{17})\b
1865 |   - id: Sentiment - 2 secret 
1866 |     enabled: true
1867 |     pattern: (?:sentiment).{0,40}\b([a-zA-Z0-9]{20})\b
1868 |   - id: Sentrytoken secret 
1869 |     enabled: true
1870 |     pattern: (?:sentry).{0,40}\b([a-f0-9]{64})\b
1871 |   - id: Serphouse secret 
1872 |     enabled: true
1873 |     pattern: (?:serphouse).{0,40}\b([0-9A-Za-z]{60})\b
1874 |   - id: Serpstack secret 
1875 |     enabled: true
1876 |     pattern: (?:serpstack).{0,40}\b([a-z0-9]{32})\b
1877 |   - id: Sheety - 1 secret 
1878 |     enabled: true
1879 |     pattern: (?:sheety).{0,40}\b([0-9a-z]{32})\b
1880 |   - id: Sheety - 2 secret 
1881 |     enabled: true
1882 |     pattern: (?:sheety).{0,40}\b([0-9a-z]{64})\b
1883 |   - id: Sherpadesk secret 
1884 |     enabled: true
1885 |     pattern: (?:sherpadesk).{0,40}\b([0-9a-z]{32})\b
1886 |   - id: Shipday secret 
1887 |     enabled: true
1888 |     pattern: (?:shipday).{0,40}\b([a-zA-Z0-9.]{11}[a-zA-Z0-9]{20})\b
1889 |   - id: Shodankey secret 
1890 |     enabled: true
1891 |     pattern: (?:shodan).{0,40}\b([a-zA-Z0-9]{32})\b
1892 |   - id: Shopify access token secret 
1893 |     enabled: true
1894 |     pattern: shpat_[a-fA-F0-9]{32}
1895 |   - id: Shopify custom app access token secret 
1896 |     enabled: true
1897 |     pattern: shpca_[a-fA-F0-9]{32}
1898 |   - id: Shopify private app access token secret 
1899 |     enabled: true
1900 |     pattern: shppa_[a-fA-F0-9]{32}
1901 |   - id: Shopify shared secret secret 
1902 |     enabled: true
1903 |     pattern: shpss_[a-fA-F0-9]{32}
1904 |   - id: Shortcut secret 
1905 |     enabled: true
1906 |     pattern: (?:shortcut).{0,40}\b([0-9a-f-]{36})\b
1907 |   - id: Shotstack secret 
1908 |     enabled: true
1909 |     pattern: (?:shotstack).{0,40}\b([a-zA-Z0-9]{40})\b
1910 |   - id: Shutterstockoauth secret 
1911 |     enabled: true
1912 |     pattern: (?:shutterstock).{0,40}\b(v2/[0-9A-Za-z]{388})\b
1913 |   - id: Signalwire - 1 secret 
1914 |     enabled: true
1915 |     pattern: \b([0-9a-z-]{3,64}.signalwire.com)\b
1916 |   - id: Signalwire - 2 secret 
1917 |     enabled: true
1918 |     pattern: (?:signalwire).{0,40}\b([0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
1919 |   - id: Signalwire - 3 secret 
1920 |     enabled: true
1921 |     pattern: (?:signalwire).{0,40}\b([0-9A-Za-z]{50})\b
1922 |   - id: Signaturit secret 
1923 |     enabled: true
1924 |     pattern: (?:signaturit).{0,40}\b([0-9A-Za-z]{86})\b
1925 |   - id: Signupgenius secret 
1926 |     enabled: true
1927 |     pattern: (?:signupgenius).{0,40}\b([0-9A-Za-z]{32})\b
1928 |   - id: Sigopt secret 
1929 |     enabled: true
1930 |     pattern: (?:sigopt).{0,40}\b([A-Z0-9]{48})\b
1931 |   - id: Simplesat secret 
1932 |     enabled: true
1933 |     pattern: (?:simplesat).{0,40}\b([a-z0-9]{40})
1934 |   - id: Simplynoted secret 
1935 |     enabled: true
1936 |     pattern: (?:simplynoted).{0,40}\b([a-zA-Z0-9\S]{340,360})\b
1937 |   - id: Simvoly secret 
1938 |     enabled: true
1939 |     pattern: (?:simvoly).{0,40}\b([a-z0-9]{33})\b
1940 |   - id: Sinchmessage secret 
1941 |     enabled: true
1942 |     pattern: (?:sinch).{0,40}\b([a-z0-9]{32})\b
1943 |   - id: Sirv - 1 secret 
1944 |     enabled: true
1945 |     pattern: (?:sirv).{0,40}\b([a-zA-Z0-9\S]{88})
1946 |   - id: Sirv - 2 secret 
1947 |     enabled: true
1948 |     pattern: (?:sirv).{0,40}\b([a-zA-Z0-9]{26})\b
1949 |   - id: Siteleaf secret 
1950 |     enabled: true
1951 |     pattern: (?:siteleaf).{0,40}\b([0-9Aa-z]{32})\b
1952 |   - id: Skrappio secret 
1953 |     enabled: true
1954 |     pattern: (?:skrapp).{0,40}\b([a-z0-9A-Z]{42})\b
1955 |   - id: Skybiometry secret 
1956 |     enabled: true
1957 |     pattern: (?:skybiometry).{0,40}\b([0-9a-z]{25,26})\b
1958 |   - id: Slack secret 
1959 |     enabled: true
1960 |     pattern: xox[baprs]-[0-9a-zA-Z]{10,48}
1961 |   - id: Slack Token secret 
1962 |     enabled: true
1963 |     pattern: (xox[pborsa]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})
1964 |   - id: Slack Webhook secret 
1965 |     enabled: true
1966 |     pattern: https://hooks.slack.com/services/T[a-zA-Z0-9_]{8,10}/B[a-zA-Z0-9_]{8,12}/[a-zA-Z0-9_]{23,24}
1967 |   - id: Slack access token secret 
1968 |     enabled: true
1969 |     pattern: xoxb-[0-9A-Za-z\-]{51}
1970 |   - id: Slackwebhook secret 
1971 |     enabled: true
1972 |     pattern: (https:\/\/hooks.slack.com\/services\/[A-Za-z0-9+\/]{44,46})
1973 |   - id: Smartsheets secret 
1974 |     enabled: true
1975 |     pattern: (?:smartsheets).{0,40}\b([a-zA-Z0-9]{37})\b
1976 |   - id: Smartystreets - 1 secret 
1977 |     enabled: true
1978 |     pattern: (?:smartystreets).{0,40}\b([a-zA-Z0-9]{20})\b
1979 |   - id: Smartystreets - 2 secret 
1980 |     enabled: true
1981 |     pattern: (?:smartystreets).{0,40}\b([a-z0-9-]{36})\b
1982 |   - id: Smooch - 1 secret 
1983 |     enabled: true
1984 |     pattern: (?:smooch).{0,40}\b(act_[0-9a-z]{24})\b
1985 |   - id: Smooch - 2 secret 
1986 |     enabled: true
1987 |     pattern: (?:smooch).{0,40}\b([0-9a-zA-Z_-]{86})\b
1988 |   - id: Snipcart secret 
1989 |     enabled: true
1990 |     pattern: (?:snipcart).{0,40}\b([0-9A-Za-z_]{75})\b
1991 |   - id: Snykkey secret 
1992 |     enabled: true
1993 |     pattern: (?:snyk).{0,40}\b([0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12})\b
1994 |   - id: Splunkobservabilitytoken secret 
1995 |     enabled: true
1996 |     pattern: (?:splunk).{0,40}\b([a-z0-9A-Z]{22})\b
1997 |   - id: Spoonacular secret 
1998 |     enabled: true
1999 |     pattern: (?:spoonacular).{0,40}\b([0-9a-z]{32})\b
2000 |   - id: Sportsmonk secret 
2001 |     enabled: true
2002 |     pattern: (?:sportsmonk).{0,40}\b([0-9a-zA-Z]{60})\b
2003 |   - id: Square secret 
2004 |     enabled: true
2005 |     pattern: (?:square).{0,40}(EAAA[a-zA-Z0-9\-\+\=]{60})
2006 |   - id: Square OAuth Secret secret 
2007 |     enabled: true
2008 |     pattern: sq0csp-[0-9A-Za-z\-_]{43}
2009 |   - id: Square access token secret 
2010 |     enabled: true
2011 |     pattern: sq0atp-[0-9A-Za-z\-_]{22}
2012 |   - id: Squarespace secret 
2013 |     enabled: true
2014 |     pattern: (?:squarespace).{0,40}\b([0-9Aa-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})\b
2015 |   - id: Squareup secret 
2016 |     enabled: true
2017 |     pattern: \b(sq0idp-[0-9A-Za-z]{22})\b
2018 |   - id: Sslmate secret 
2019 |     enabled: true
2020 |     pattern: (?:sslmate).{0,40}\b([a-zA-Z0-9]{36})\b
2021 |   - id: Stitchdata secret 
2022 |     enabled: true
2023 |     pattern: (?:stitchdata).{0,40}\b([0-9a-z_]{35})\b
2024 |   - id: Stockdata secret 
2025 |     enabled: true
2026 |     pattern: (?:stockdata).{0,40}\b([0-9A-Za-z]{40})\b
2027 |   - id: Storecove secret 
2028 |     enabled: true
2029 |     pattern: (?:storecove).{0,40}\b([a-zA-Z0-9_-]{43})\b
2030 |   - id: Stormglass secret 
2031 |     enabled: true
2032 |     pattern: (?:stormglass).{0,40}\b([0-9Aa-z-]{73})\b
2033 |   - id: Storyblok secret 
2034 |     enabled: true
2035 |     pattern: (?:storyblok).{0,40}\b([0-9A-Za-z]{22}t{2})\b
2036 |   - id: Storychief secret 
2037 |     enabled: true
2038 |     pattern: (?:storychief).{0,40}\b([a-zA-Z0-9_\-.]{940,1000})
2039 |   - id: Strava - 1 secret 
2040 |     enabled: true
2041 |     pattern: (?:strava).{0,40}\b([0-9]{5})\b
2042 |   - id: Strava - 2 secret 
2043 |     enabled: true
2044 |     pattern: (?:strava).{0,40}\b([0-9a-z]{40})\b
2045 |   - id: Streak secret 
2046 |     enabled: true
2047 |     pattern: (?:streak).{0,40}\b([0-9Aa-f]{32})\b
2048 |   - id: Stripe API Key - 1 secret 
2049 |     enabled: true
2050 |     pattern: sk_live_[0-9a-zA-Z]{24}
2051 |   - id: Stripe API key - 2 secret 
2052 |     enabled: true
2053 |     pattern: stripe[sr]k_live_[0-9a-zA-Z]{24}
2054 |   - id: Stripe API key - 3 secret 
2055 |     enabled: true
2056 |     pattern: stripe[sk|rk]_live_[0-9a-zA-Z]{24}
2057 |   - id: Stripe Public Live Key secret 
2058 |     enabled: true
2059 |     pattern: pk_live_[0-9a-z]{24}
2060 |   - id: Stripe Public Test Key secret 
2061 |     enabled: true
2062 |     pattern: pk_test_[0-9a-z]{24}
2063 |   - id: Stripe Restriced Key secret 
2064 |     enabled: true
2065 |     pattern: rk_(?:live|test)_[0-9a-zA-Z]{24}
2066 |   - id: Stripe Restricted API Key secret 
2067 |     enabled: true
2068 |     pattern: rk_live_[0-9a-zA-Z]{24}
2069 |   - id: Stripe Secret Key secret 
2070 |     enabled: true
2071 |     pattern: sk_(?:live|test)_[0-9a-zA-Z]{24}
2072 |   - id: Stripe Secret Live Key secret 
2073 |     enabled: true
2074 |     pattern: (sk|rk)_live_[0-9a-z]{24}
2075 |   - id: Stripe Secret Test Key secret 
2076 |     enabled: true
2077 |     pattern: (sk|rk)_test_[0-9a-z]{24}
2078 |   - id: Stytch - 1 secret 
2079 |     enabled: true
2080 |     pattern: (?:stytch).{0,40}\b([a-zA-Z0-9-_]{47}=)
2081 |   - id: Stytch - 2 secret 
2082 |     enabled: true
2083 |     pattern: (?:stytch).{0,40}\b([a-z0-9-]{49})\b
2084 |   - id: Sugester - 1 secret 
2085 |     enabled: true
2086 |     pattern: (?:sugester).{0,40}\b([a-zA-Z0-9_.!+$#^*%]{3,32})\b
2087 |   - id: Sugester - 2 secret 
2088 |     enabled: true
2089 |     pattern: (?:sugester).{0,40}\b([a-zA-Z0-9]{32})\b
2090 |   - id: Sumologickey - 1 secret 
2091 |     enabled: true
2092 |     pattern: (?:sumo).{0,40}\b([A-Za-z0-9]{14})\b
2093 |   - id: Sumologickey - 2 secret 
2094 |     enabled: true
2095 |     pattern: (?:sumo).{0,40}\b([A-Za-z0-9]{64})\b
2096 |   - id: Supernotesapi secret 
2097 |     enabled: true
2098 |     pattern: (?:supernotes).{0,40}(r\n]{0,1}[0-9A-Za-z\-_]{43}r\n]{1})
2099 |   - id: Surveybot secret 
2100 |     enabled: true
2101 |     pattern: (?:surveybot).{0,40}\b([A-Za-z0-9-]{80})\b
2102 |   - id: Surveysparrow secret 
2103 |     enabled: true
2104 |     pattern: (?:surveysparrow).{0,40}\b([a-zA-Z0-9-_]{88})\b
2105 |   - id: Survicate secret 
2106 |     enabled: true
2107 |     pattern: (?:survicate).{0,40}\b([a-z0-9]{32})\b
2108 |   - id: Swell - 2 secret 
2109 |     enabled: true
2110 |     pattern: (?:swell).{0,40}\b([a-zA-Z0-9]{32})\b
2111 |   - id: Swiftype secret 
2112 |     enabled: true
2113 |     pattern: (?:swiftype).{0,40}\b([a-zA-z-0-9]{6}\_[a-zA-z-0-9]{6}\-[a-zA-z-0-9]{6})\b
2114 |   - id: Tallyfy secret 
2115 |     enabled: true
2116 |     pattern: (?:tallyfy).{0,40}\b([0-9A-Za-z]{36}\.[0-9A-Za-z]{264}\.[0-9A-Za-z\-\_]{683})\b
2117 |   - id: Tatumio secret 
2118 |     enabled: true
2119 |     pattern: (?:tatum).{0,40}\b([0-9a-z-]{36})\b
2120 |   - id: Taxjar secret 
2121 |     enabled: true
2122 |     pattern: (?:taxjar).{0,40}\b([a-z0-9]{32})\b
2123 |   - id: Teamgate - 1 secret 
2124 |     enabled: true
2125 |     pattern: (?:teamgate).{0,40}\b([a-z0-9]{40})\b
2126 |   - id: Teamgate - 2 secret 
2127 |     enabled: true
2128 |     pattern: (?:teamgate).{0,40}\b([a-zA-Z0-9]{80})\b
2129 |   - id: Teamworkcrm secret 
2130 |     enabled: true
2131 |     pattern: (?:teamwork|teamworkcrm).{0,40}\b(tkn\.v1_[0-9A-Za-z]{71}=r\n]{1})
2132 |   - id: Teamworkdesk secret 
2133 |     enabled: true
2134 |     pattern: (?:teamwork|teamworkdesk).{0,40}\b(tkn\.v1_[0-9A-Za-z]{71}=r\n]{1})
2135 |   - id: Teamworkspaces secret 
2136 |     enabled: true
2137 |     pattern: (?:teamwork|teamworkspaces).{0,40}\b(tkn\.v1_[0-9A-Za-z]{71}=r\n]{1})
2138 |   - id: Technicalanalysisapi secret 
2139 |     enabled: true
2140 |     pattern: (?:technicalanalysisapi).{0,40}\b([A-Z0-9]{48})\b
2141 |   - id: Telegram Secret secret 
2142 |     enabled: true
2143 |     pattern: d{5,}:A[0-9a-z_-]{34,34}
2144 |   - id: Telegrambottoken secret 
2145 |     enabled: true
2146 |     pattern: (?:telegram).{0,40}\b([0-9]{8,10}:[a-zA-Z0-9_-]{35})\b
2147 |   - id: Telnyx secret 
2148 |     enabled: true
2149 |     pattern: (?:telnyx).{0,40}\b(KEY[0-9A-Za-z_-]{55})\b
2150 |   - id: Terraformcloudpersonaltoken secret 
2151 |     enabled: true
2152 |     pattern: \b([A-Za-z0-9]{14}.atlasv1.[A-Za-z0-9]{67})\b
2153 |   - id: Text2data secret 
2154 |     enabled: true
2155 |     pattern: (?:text2data).{0,40}\b([0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12})\b
2156 |   - id: Textmagic - 1 secret 
2157 |     enabled: true
2158 |     pattern: (?:textmagic).{0,40}\b([0-9A-Za-z]{30})\b
2159 |   - id: Textmagic - 2 secret 
2160 |     enabled: true
2161 |     pattern: (?:textmagic).{0,40}\b([0-9A-Za-z]{1,25})\b
2162 |   - id: Theoddsapi secret 
2163 |     enabled: true
2164 |     pattern: (?:theoddsapi|the-odds-api).{0,40}\b([0-9a-f]{32})\b
2165 |   - id: Thinkific - 1 secret 
2166 |     enabled: true
2167 |     pattern: (?:thinkific).{0,40}\b([0-9a-f]{32})\b
2168 |   - id: Thinkific - 2 secret 
2169 |     enabled: true
2170 |     pattern: (?:thinkific).{0,40}\b([0-9A-Za-z]{4,40})\b
2171 |   - id: Thousandeyes - 1 secret 
2172 |     enabled: true
2173 |     pattern: (?:thousandeyes).{0,40}\b([a-zA-Z0-9]{32})\b
2174 |   - id: Thousandeyes - 2 secret 
2175 |     enabled: true
2176 |     pattern: (?:thousandeyes).{0,40}\b([a-zA-Z0-9]{3,20}@[a-zA-Z0-9]{2,12}.[a-zA-Z0-9]{2,5})\b
2177 |   - id: Ticketmaster secret 
2178 |     enabled: true
2179 |     pattern: (?:ticketmaster).{0,40}\b([a-zA-Z0-9]{32})\b
2180 |   - id: Tiingo secret 
2181 |     enabled: true
2182 |     pattern: (?:tiingo).{0,40}\b([0-9a-z]{40})\b
2183 |   - id: Timezoneapi secret 
2184 |     enabled: true
2185 |     pattern: (?:timezoneapi).{0,40}\b([a-zA-Z0-9]{20})\b
2186 |   - id: Tly secret 
2187 |     enabled: true
2188 |     pattern: (?:tly).{0,40}\b([0-9A-Za-z]{60})\b
2189 |   - id: Tmetric secret 
2190 |     enabled: true
2191 |     pattern: (?:tmetric).{0,40}\b([0-9A-Z]{64})\b
2192 |   - id: Todoist secret 
2193 |     enabled: true
2194 |     pattern: (?:todoist).{0,40}\b([0-9a-z]{40})\b
2195 |   - id: Toggltrack secret 
2196 |     enabled: true
2197 |     pattern: (?:toggl).{0,40}\b([0-9Aa-z]{32})\b


--------------------------------------------------------------------------------
/internal/key/key.go:
--------------------------------------------------------------------------------
  1 | package key
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"os"
  6 | 	"path/filepath"
  7 | 
  8 | 	"gopkg.in/yaml.v3"
  9 | )
 10 | 
 11 | type Rule struct {
 12 | 	Id      string `yaml:"id"`
 13 | 	Enabled bool   `yaml:"enabled"`
 14 | 	Pattern string `yaml:"pattern"`
 15 | }
 16 | 
 17 | type Rules struct {
 18 | 	Rules []Rule `yaml:"rules"`
 19 | }
 20 | 
 21 | func init() {
 22 | 	configDir := "config"
 23 | 	configFile := filepath.Join(configDir, "rule.yaml")
 24 | 
 25 | 	if _, err := os.Stat(configFile); os.IsNotExist(err) {
 26 | 		if err := os.MkdirAll(configDir, 0755); err != nil {
 27 | 			fmt.Printf("Error creating config directory: %v\n", err)
 28 | 			return
 29 | 		}
 30 | 		CreateConfigFile()
 31 | 	}
 32 | }
 33 | 
 34 | func ReadRuleFile() (*Rules, error) {
 35 | 	configFile := filepath.Join("config", "rule.yaml")
 36 | 	file, err := os.ReadFile(configFile)
 37 | 	if err != nil {
 38 | 		return nil, fmt.Errorf("error reading rule file: %v", err)
 39 | 	}
 40 | 
 41 | 	var rules Rules
 42 | 	if err := yaml.Unmarshal(file, &rules); err != nil {
 43 | 		return nil, fmt.Errorf("error unmarshalling rule file: %v", err)
 44 | 	}
 45 | 
 46 | 	return &rules, nil
 47 | }
 48 | 
 49 | func CreateConfigFile() {
 50 | 	configFile := filepath.Join("config", "rule.yaml")
 51 | 	defaultRules := Rules{
 52 | 		Rules: []Rule{
 53 | 			{Id: "domain", Enabled: false, Pattern: ""},
 54 | 			{Id: "path", Enabled: false, Pattern: ""},
 55 | 			{Id: "domain_url", Enabled: false, Pattern: ""},
 56 | 			{Id: "ip", Enabled: false, Pattern: ""},
 57 | 			{Id: "ip_url", Enabled: false, Pattern: `\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}`},
 58 | 			{Id: "email", Enabled: true, Pattern: `\b[A-Za-z0-9._\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,61}\b`},
 59 | 			{Id: "id_card", Enabled: true, Pattern: `\b([1-9]\d{5}(19|20)\d{2}((0[1-9])|(1[0-2]))(([0-2][1-9])|10|20|30|31)\d{3}[0-9Xx])\b`},
 60 | 			{Id: "phone", Enabled: true, Pattern: `\b1[3-9]\d{9}\b`},
 61 | 			{Id: "jwt_token", Enabled: true, Pattern: `eyJ[A-Za-z0-9_/+\-]{10,}={0,2}\.[A-Za-z0-9_/+\-\\]{15,}={0,2}\.[A-Za-z0-9_/+\-\\]{10,}={0,2}`},
 62 | 			{Id: "Aliyun_AK_ID", Enabled: true, Pattern: `\bLTAI[A-Za-z\d]{12,30}\b`},
 63 | 			{Id: "QCloud_AK_ID", Enabled: true, Pattern: `\bAKID[A-Za-z\d]{13,40}\b`},
 64 | 			{Id: "JDCloud_AK_ID", Enabled: true, Pattern: `\bJDC_[0-9A-Z]{25,40}\b`},
 65 | 			{Id: "AWS_AK_ID", Enabled: true, Pattern: `["''](?:A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}["'']`},
 66 | 			{Id: "VolcanoEngine_AK_ID", Enabled: true, Pattern: `\b(?:AKLT|AKTP)[a-zA-Z0-9]{35,50}\b`},
 67 | 			{Id: "Kingsoft_AK_ID", Enabled: true, Pattern: `\bAKLT[a-zA-Z0-9-_]{16,28}\b`},
 68 | 			{Id: "GCP_AK_ID", Enabled: true, Pattern: `\bAIza[0-9A-Za-z_\-]{35}\b`},
 69 | 			{Id: "secret_key", Enabled: true, Pattern: ""},
 70 | 			{Id: "bearer_token", Enabled: true, Pattern: `\b[Bb]earer\s+[a-zA-Z0-9\-=._+/\\]{20,500}\b`},
 71 | 			{Id: "basic_token", Enabled: true, Pattern: `\b[Bb]asic\s+[A-Za-z0-9+/]{18,}={0,2}\b`},
 72 | 			{Id: "auth_token", Enabled: true, Pattern: `["''\[]*[Aa]uthorization["''\]]*\s*[:=]\s*[''"]?\b(?:[Tt]oken\s+)?[a-zA-Z0-9\-_+/]{20,500}[''"]?`},
 73 | 			{Id: "private_key", Enabled: true, Pattern: `-----\s*?BEGIN[ A-Z0-9_-]*?PRIVATE KEY\s*?-----[a-zA-Z0-9\/\n\r=+]*-----\s*?END[ A-Z0-9_-]*? PRIVATE KEY\s*?-----`},
 74 | 			{Id: "gitlab_v2_token", Enabled: true, Pattern: `\b(glpat-[a-zA-Z0-9\-=_]{20,22})\b`},
 75 | 			{Id: "github_token", Enabled: true, Pattern: `\b((?:ghp|gho|ghu|ghs|ghr|github_pat)_[a-zA-Z0-9_]{36,255})\b`},
 76 | 			{Id: "qcloud_api_gateway_appkey", Enabled: true, Pattern: `\bAPID[a-zA-Z0-9]{32,42}\b`},
 77 | 			{Id: "wechat_appid", Enabled: true, Pattern: `["''](wx[a-z0-9]{15,18})["'']`},
 78 | 			{Id: "wechat_corpid", Enabled: true, Pattern: `["''](ww[a-z0-9]{15,18})["'']`},
 79 | 			{Id: "wechat_id", Enabled: true, Pattern: `["''](gh_[a-z0-9]{11,13})["'']`},
 80 | 			{Id: "password", Enabled: true, Pattern: `(?i)(?:admin_?pass|password|[a-z]{3,15}_?password|user_?pass|user_?pwd|admin_?pwd)\\?['"]*\s*[:=]\s*\\?['"][a-z0-9!@#$%&*]{5,50}\\?['"]`},
 81 | 			{Id: "wechat_webhookurl", Enabled: true, Pattern: `\bhttps://qyapi.weixin.qq.com/cgi-bin/webhook/send\?key=[a-zA-Z0-9\-]{25,50}\b`},
 82 | 			{Id: "dingtalk_webhookurl", Enabled: true, Pattern: `\bhttps://oapi.dingtalk.com/robot/send\?access_token=[a-z0-9]{50,80}\b`},
 83 | 			{Id: "feishu_webhookurl", Enabled: true, Pattern: `\bhttps://open.feishu.cn/open-apis/bot/v2/hook/[a-z0-9\-]{25,50}\b`},
 84 | 			{Id: "slack_webhookurl", Enabled: true, Pattern: `\bhttps://hooks.slack.com/services/[a-zA-Z0-9\-_]{6,12}/[a-zA-Z0-9\-_]{6,12}/[a-zA-Z0-9\-_]{15,24}\b`},
 85 | 			{Id: "grafana_api_key", Enabled: true, Pattern: `\beyJrIjoi[a-zA-Z0-9\-_+/]{50,100}={0,2}\b`},
 86 | 			{Id: "grafana_cloud_api_token", Enabled: true, Pattern: `\bglc_[A-Za-z0-9\-_+/]{32,200}={0,2}\b`},
 87 | 			{Id: "grafana_service_account_token", Enabled: true, Pattern: `\bglsa_[A-Za-z0-9]{32}_[A-Fa-f0-9]{8}\b`},
 88 | 			{Id: "app_key", Enabled: true, Pattern: `\b(?:VUE|APP|REACT)_[A-Z_0-9]{1,15}_(?:KEY|PASS|PASSWORD|TOKEN|APIKEY)['"]*[:=]"(?:[A-Za-z0-9_\-]{15,50}|[a-z0-9/+]{50,100}==?)"`},
 89 | 			{Id: "腾讯文档", Enabled: true, Pattern: `\bhttps://docs.qq.com/[a-z0-9\-]*/+[a-zA-Z0-9\-_]*`},
 90 | 		},
 91 | 	}
 92 | 
 93 | 	data, err := yaml.Marshal(&defaultRules)
 94 | 	if err != nil {
 95 | 		fmt.Printf("Error marshalling default rules: %v\n", err)
 96 | 		return
 97 | 	}
 98 | 
 99 | 	if err := os.WriteFile(configFile, data, 0755); err != nil {
100 | 		fmt.Printf("Error writing default rule file: %v\n", err)
101 | 	}
102 | }
103 | 


--------------------------------------------------------------------------------
/internal/key/match.go:
--------------------------------------------------------------------------------
 1 | package key
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"github.com/Ackites/KillWxapkg/api"
 6 | 	"regexp"
 7 | 	"strings"
 8 | 	"sync"
 9 | )
10 | 
11 | var (
12 | 	rulesInstance *Rules
13 | 	once          sync.Once
14 | 	jsonMutex     sync.Mutex
15 | )
16 | 
17 | func getRulesInstance() (*Rules, error) {
18 | 	var err error
19 | 	once.Do(func() {
20 | 		rulesInstance, err = ReadRuleFile()
21 | 	})
22 | 	return rulesInstance, err
23 | }
24 | 
25 | func MatchRules(input string) error {
26 | 	rules, err := getRulesInstance()
27 | 	if err != nil {
28 | 		return fmt.Errorf("%v", err)
29 | 	}
30 | 
31 | 	for _, rule := range rules.Rules {
32 | 		if rule.Enabled {
33 | 			re, err := regexp.Compile(rule.Pattern)
34 | 			if err != nil {
35 | 				return fmt.Errorf("failed to compile regex for rule %s: %v", rule.Id, err)
36 | 			}
37 | 			matches := re.FindAllStringSubmatch(input, -1)
38 | 			for _, match := range matches {
39 | 				if len(match) > 0 {
40 | 					if strings.TrimSpace(match[0]) == "" {
41 | 						continue
42 | 					}
43 | 					err := api.LogHtml(rule.Id + ":" + match[0])
44 | 					if err != nil {
45 | 						return fmt.Errorf("failed to append to JSON: %v", err)
46 | 					}
47 | 				}
48 | 			}
49 | 		}
50 | 	}
51 | 
52 | 	return nil
53 | }
54 | 


--------------------------------------------------------------------------------
/internal/pack/pack.go:
--------------------------------------------------------------------------------
  1 | package pack
  2 | 
  3 | import (
  4 | 	"encoding/binary"
  5 | 	"fmt"
  6 | 	"io"
  7 | 	"log"
  8 | 	"os"
  9 | 	"path/filepath"
 10 | 	"strings"
 11 | 
 12 | 	"github.com/fsnotify/fsnotify"
 13 | )
 14 | 
 15 | func Repack(path string, watch bool, outputDir string) {
 16 | 	// 过滤空白字符
 17 | 	path = strings.TrimSpace(path)
 18 | 	outputDir = strings.TrimSpace(outputDir)
 19 | 
 20 | 	// 如果是目录，则打包目录
 21 | 	if fileInfo, err := os.Stat(path); err != nil || !fileInfo.IsDir() {
 22 | 		log.Printf("错误: %s 不是一个有效的目录\n", path)
 23 | 		return
 24 | 	}
 25 | 
 26 | 	// 打包目录
 27 | 	err := packWxapkg(path, outputDir)
 28 | 	if err != nil {
 29 | 		log.Printf("错误: %v\n", err)
 30 | 		return
 31 | 	}
 32 | 
 33 | 	if watch {
 34 | 		watchDir(path, outputDir)
 35 | 	}
 36 | 
 37 | 	return
 38 | }
 39 | 
 40 | type WxapkgFile struct {
 41 | 	NameLen uint32
 42 | 	Name    string
 43 | 	Offset  uint32
 44 | 	Size    uint32
 45 | }
 46 | 
 47 | // 打包文件到 wxapkg 格式
 48 | func packWxapkg(inputDir string, outputDir string) error {
 49 | 	var files []WxapkgFile
 50 | 	var totalSize uint32
 51 | 
 52 | 	// 检查 outputDir 是否存在及其类型
 53 | 	outputInfo, err := os.Stat(outputDir)
 54 | 	outputFile := ""
 55 | 	if err != nil {
 56 | 		if os.IsNotExist(err) {
 57 | 			// 如果 outputDir 不存在，假设它是一个文件路径或一个需要创建的目录
 58 | 			if filepath.Ext(outputDir) == "" {
 59 | 				// 创建目录
 60 | 				if err := os.MkdirAll(outputDir, 0755); err != nil {
 61 | 					return fmt.Errorf("无法创建输出目录: %w", err)
 62 | 				}
 63 | 				outputFile = filepath.Join(outputDir, "output.wxapkg")
 64 | 			} else {
 65 | 				outputFile = outputDir
 66 | 			}
 67 | 		} else {
 68 | 			return fmt.Errorf("无法访问输出目录: %w", err)
 69 | 		}
 70 | 	} else {
 71 | 		if outputInfo.IsDir() {
 72 | 			outputFile = filepath.Join(outputDir, "output.wxapkg")
 73 | 		} else {
 74 | 			outputFile = outputDir
 75 | 		}
 76 | 	}
 77 | 
 78 | 	// 计算文件列表
 79 | 	err = filepath.Walk(inputDir, func(path string, info os.FileInfo, err error) error {
 80 | 		if err != nil {
 81 | 			return err
 82 | 		}
 83 | 
 84 | 		// 排除目录
 85 | 		if info.IsDir() {
 86 | 			return nil
 87 | 		}
 88 | 
 89 | 		// 排除 .wxapkg 文件
 90 | 		if filepath.Ext(path) == ".wxapkg" {
 91 | 			return nil
 92 | 		}
 93 | 
 94 | 		relPath, _ := filepath.Rel(inputDir, path)
 95 | 		relPath = "/" + filepath.ToSlash(relPath) // 确保路径以 '/' 开头，并且使用 Unix 风格的路径分隔符
 96 | 		size := uint32(info.Size())
 97 | 
 98 | 		files = append(files, WxapkgFile{
 99 | 			NameLen: uint32(len(relPath)),
100 | 			Name:    relPath,
101 | 			Offset:  totalSize, // 预计算文件偏移量
102 | 			Size:    size,
103 | 		})
104 | 
105 | 		totalSize += size
106 | 		return nil
107 | 	})
108 | 	if err != nil {
109 | 		return fmt.Errorf("计算文件列表失败: %w", err)
110 | 	}
111 | 
112 | 	// 创建输出文件
113 | 	outFile, err := os.Create(outputFile)
114 | 	if err != nil {
115 | 		return fmt.Errorf("创建输出文件失败: %w", err)
116 | 	}
117 | 	defer func(outFile *os.File) {
118 | 		err := outFile.Close()
119 | 		if err != nil {
120 | 			log.Printf("关闭输出文件失败: %v\n", err)
121 | 		}
122 | 	}(outFile)
123 | 
124 | 	// 写入文件头
125 | 	if err := binary.Write(outFile, binary.BigEndian, byte(0xBE)); err != nil {
126 | 		return fmt.Errorf("写入文件头标记失败: %w", err)
127 | 	}
128 | 
129 | 	info1 := uint32(0) // 示例值
130 | 	if err := binary.Write(outFile, binary.BigEndian, info1); err != nil {
131 | 		return fmt.Errorf("写入 info1 失败: %w", err)
132 | 	}
133 | 
134 | 	// 计算索引段长度，包含每个文件的元数据长度和文件名长度
135 | 	var indexInfoLength uint32
136 | 	for _, file := range files {
137 | 		indexInfoLength += 4 + uint32(len(file.Name)) + 4 + 4 // NameLen + Name + Offset + Size
138 | 	}
139 | 
140 | 	if err := binary.Write(outFile, binary.BigEndian, indexInfoLength); err != nil {
141 | 		return fmt.Errorf("写入索引段长度失败: %w", err)
142 | 	}
143 | 
144 | 	bodyInfoLength := totalSize
145 | 	if err := binary.Write(outFile, binary.BigEndian, bodyInfoLength); err != nil {
146 | 		return fmt.Errorf("写入数据段长度失败: %w", err)
147 | 	}
148 | 
149 | 	if err := binary.Write(outFile, binary.BigEndian, byte(0xED)); err != nil {
150 | 		return fmt.Errorf("写入文件尾标记失败: %w", err)
151 | 	}
152 | 
153 | 	// 写入文件数量
154 | 	fileCount := uint32(len(files))
155 | 	if err := binary.Write(outFile, binary.BigEndian, fileCount); err != nil {
156 | 		return fmt.Errorf("写入文件数量失败: %w", err)
157 | 	}
158 | 
159 | 	// 写入索引段
160 | 	for _, file := range files {
161 | 		if err := binary.Write(outFile, binary.BigEndian, file.NameLen); err != nil {
162 | 			return fmt.Errorf("写入文件名长度失败: %w", err)
163 | 		}
164 | 		if _, err := outFile.Write([]byte(file.Name)); err != nil {
165 | 			return fmt.Errorf("写入文件名失败: %w", err)
166 | 		}
167 | 		// 加上 18 字节文件头长度和索引段长度
168 | 		if err := binary.Write(outFile, binary.BigEndian, file.Offset+indexInfoLength+18); err != nil {
169 | 			return fmt.Errorf("写入文件偏移量失败: %w", err)
170 | 		}
171 | 		if err := binary.Write(outFile, binary.BigEndian, file.Size); err != nil {
172 | 			return fmt.Errorf("写入文件大小失败: %w", err)
173 | 		}
174 | 	}
175 | 
176 | 	// 写入数据段
177 | 	for _, file := range files {
178 | 		func() {
179 | 			f, err := os.Open(filepath.Join(inputDir, file.Name[1:])) // 去掉路径开头的 '/' 以正确打开文件
180 | 			if err != nil {
181 | 				log.Printf("打开文件失败: %v\n", err)
182 | 				return
183 | 			}
184 | 			defer func(f *os.File) {
185 | 				err := f.Close()
186 | 				if err != nil {
187 | 					log.Printf("关闭文件失败: %v\n", err)
188 | 				}
189 | 			}(f)
190 | 
191 | 			if _, err = io.Copy(outFile, f); err != nil {
192 | 				log.Printf("写入文件内容失败: %v\n", err)
193 | 			}
194 | 		}()
195 | 	}
196 | 
197 | 	return nil
198 | }
199 | 
200 | func watchDir(inputDir string, outputDir string) {
201 | 	watcher, err := fsnotify.NewWatcher()
202 | 	if err != nil {
203 | 		log.Println("ERROR: ", err)
204 | 		return
205 | 	}
206 | 	defer func(watcher *fsnotify.Watcher) {
207 | 		err := watcher.Close()
208 | 		if err != nil {
209 | 			log.Println("ERROR: ", err)
210 | 		}
211 | 	}(watcher)
212 | 
213 | 	done := make(chan bool)
214 | 	go func() {
215 | 		for {
216 | 			select {
217 | 			case event := <-watcher.Events:
218 | 				if event.Op&fsnotify.Write == fsnotify.Write || event.Op&fsnotify.Create == fsnotify.Create || event.Op&fsnotify.Remove == fsnotify.Remove {
219 | 					log.Println("检测到文件变化: ", event.Name)
220 | 					if err := packWxapkg(inputDir, outputDir); err != nil {
221 | 						log.Println("打包失败: ", err)
222 | 					} else {
223 | 						log.Println("打包成功")
224 | 					}
225 | 				}
226 | 			case err := <-watcher.Errors:
227 | 				log.Println("ERROR: ", err)
228 | 			}
229 | 		}
230 | 	}()
231 | 
232 | 	err = watcher.Add(inputDir)
233 | 	if err != nil {
234 | 		log.Println("ERROR: ", err)
235 | 	}
236 | 	<-done
237 | }
238 | 


--------------------------------------------------------------------------------
/internal/restore/decompiler.go:
--------------------------------------------------------------------------------
  1 | package restore
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"log"
  6 | 	"path/filepath"
  7 | 
  8 | 	"github.com/Ackites/KillWxapkg/internal/unpack"
  9 | 
 10 | 	"github.com/Ackites/KillWxapkg/internal/util"
 11 | 
 12 | 	"github.com/Ackites/KillWxapkg/internal/config"
 13 | 	"github.com/Ackites/KillWxapkg/internal/enum"
 14 | )
 15 | 
 16 | type WxapkgDecompiler struct {
 17 | }
 18 | 
 19 | func isParserV1(wxapkg *config.WxapkgInfo) bool {
 20 | 	switch wxapkg.WxapkgType {
 21 | 	case enum.App_V1, enum.App_V2, enum.APP_SUBPACKAGE_V1:
 22 | 		return true
 23 | 	default:
 24 | 		return false
 25 | 	}
 26 | }
 27 | 
 28 | func isParserV2(wxapkg *config.WxapkgInfo) bool {
 29 | 	switch wxapkg.WxapkgType {
 30 | 	case enum.App_V3, enum.App_V4, enum.APP_SUBPACKAGE_V2, enum.APP_PLUGIN_V1:
 31 | 		return true
 32 | 	default:
 33 | 		return false
 34 | 	}
 35 | }
 36 | 
 37 | // IsMainPackage 是否主包
 38 | func IsMainPackage(wxapkg *config.WxapkgInfo) bool {
 39 | 	switch wxapkg.WxapkgType {
 40 | 	case enum.App_V1, enum.App_V2, enum.App_V3, enum.App_V4, enum.GAME:
 41 | 		return true
 42 | 	default:
 43 | 		return false
 44 | 	}
 45 | }
 46 | 
 47 | // IsSubpackage 是否分包
 48 | func IsSubpackage(wxapkg *config.WxapkgInfo) bool {
 49 | 	switch wxapkg.WxapkgType {
 50 | 	case enum.APP_SUBPACKAGE_V1, enum.APP_SUBPACKAGE_V2, enum.GAME_SUBPACKAGE:
 51 | 		return true
 52 | 	default:
 53 | 		return false
 54 | 	}
 55 | }
 56 | 
 57 | // 是否小程序插件
 58 | func isAppPlugin(wxapkg *config.WxapkgInfo) bool {
 59 | 	switch wxapkg.WxapkgType {
 60 | 	case enum.APP_PLUGIN_V1:
 61 | 		return true
 62 | 	default:
 63 | 		return false
 64 | 	}
 65 | 
 66 | }
 67 | 
 68 | // 是否游戏插件
 69 | func isGamePlugin(wxapkg *config.WxapkgInfo) bool {
 70 | 	switch wxapkg.WxapkgType {
 71 | 	case enum.GAME_PLUGIN:
 72 | 		return true
 73 | 	default:
 74 | 		return false
 75 | 	}
 76 | }
 77 | 
 78 | // 是否插件
 79 | func isPlugin(wxapkg *config.WxapkgInfo) bool {
 80 | 	return isAppPlugin(wxapkg) || isGamePlugin(wxapkg)
 81 | }
 82 | 
 83 | // OutputDir 输出目录
 84 | var OutputDir string
 85 | 
 86 | func (d *WxapkgDecompiler) Decompile(outputDir string) {
 87 | 	// 设置输出目录
 88 | 	OutputDir = outputDir
 89 | 
 90 | 	wxapkgManager := config.GetWxapkgManager()
 91 | 	for _, wxapkg := range wxapkgManager.Packages {
 92 | 		log.Println(wxapkg.WxapkgType)
 93 | 		switch wxapkg.WxapkgType {
 94 | 		case enum.App_V1, enum.App_V4:
 95 | 			wxapkg.Option = &config.WxapkgOption{
 96 | 				ViewSource:   filepath.Join(wxapkg.SourcePath, enum.PageFrameHtml),
 97 | 				SetAppConfig: true,
 98 | 			}
 99 | 			setApp(wxapkg)
100 | 		case enum.App_V2, enum.App_V3:
101 | 			wxapkg.Option = &config.WxapkgOption{
102 | 				SetAppConfig: true,
103 | 			}
104 | 			setApp(wxapkg)
105 | 		case enum.APP_SUBPACKAGE_V1, enum.APP_SUBPACKAGE_V2:
106 | 			wxapkg.Option = &config.WxapkgOption{
107 | 				ViewSource:   filepath.Join(wxapkg.SourcePath, enum.Page_Frame),
108 | 				SetAppConfig: false,
109 | 			}
110 | 			setApp(wxapkg)
111 | 		case enum.APP_PLUGIN_V1:
112 | 			wxapkg.Option = &config.WxapkgOption{
113 | 				ViewSource:    filepath.Join(wxapkg.SourcePath, enum.PageFrame),
114 | 				ServiceSource: filepath.Join(wxapkg.SourcePath, enum.AppService),
115 | 				SetAppConfig:  false,
116 | 			}
117 | 			setApp(wxapkg)
118 | 		case enum.GAME:
119 | 		case enum.GAME_SUBPACKAGE:
120 | 		case enum.GAME_PLUGIN:
121 | 		}
122 | 	}
123 | }
124 | 
125 | func setApp(wxapkg *config.WxapkgInfo) {
126 | 	// 如果未解压，则不进行解析
127 | 	if !wxapkg.IsExtracted {
128 | 		return
129 | 	}
130 | 
131 | 	if wxapkg.Option == nil {
132 | 		wxapkg.Option = &config.WxapkgOption{}
133 | 	}
134 | 
135 | 	if wxapkg.Option.ServiceSource == "" {
136 | 		wxapkg.Option.ServiceSource = filepath.Join(wxapkg.SourcePath, enum.App_Service)
137 | 	}
138 | 
139 | 	if wxapkg.Option.ViewSource == "" {
140 | 		wxapkg.Option.ViewSource = filepath.Join(wxapkg.SourcePath, enum.AppWxss)
141 | 	}
142 | 
143 | 	wccVersion := util.GetWccVersion(wxapkg.Option.ViewSource)
144 | 	if wccVersion != "" {
145 | 		log.Printf(fmt.Sprintf("The package %s wcc version is: [%s]", wxapkg.SourcePath, wccVersion))
146 | 	}
147 | 
148 | 	if wxapkg.Option.SetAppConfig {
149 | 		if wxapkg.Option.AppConfigSource == "" {
150 | 			wxapkg.Option.AppConfigSource = filepath.Join(wxapkg.SourcePath, enum.App_Config)
151 | 		}
152 | 		wxapkg.Parsers = append(wxapkg.Parsers, &unpack.ConfigParser{})
153 | 	}
154 | 
155 | 	wxapkg.Parsers = append(wxapkg.Parsers, &unpack.JavaScriptParser{OutputDir: OutputDir})
156 | 	wxapkg.Parsers = append(wxapkg.Parsers, &unpack.XssParser{OutputDir: OutputDir})
157 | 	if isParserV1(wxapkg) {
158 | 		wxapkg.Parsers = append(wxapkg.Parsers, &unpack.XmlParser{OutputDir: OutputDir, Version: "v1"})
159 | 	} else if isParserV2(wxapkg) {
160 | 		wxapkg.Parsers = append(wxapkg.Parsers, &unpack.XmlParser{OutputDir: OutputDir, Version: "v2"})
161 | 	}
162 | 
163 | 	// 清除无用文件
164 | 	cleanApp(wxapkg.SourcePath)
165 | }
166 | 
167 | func cleanApp(path string) {
168 | 	// 创建文件删除管理器
169 | 	manager := config.NewFileDeletionManager()
170 | 
171 | 	// 删除相关的JS文件, unlinks
172 | 	unlinks := []string{
173 | 		//".appservice.js",
174 | 		"appservice.js",
175 | 		"app-config.json",
176 | 		"app-service.js",
177 | 		"app-wxss.js",
178 | 		"appservice.app.js",
179 | 		"common.app.js",
180 | 		"page-frame.js",
181 | 		"page-frame.html",
182 | 		"pageframe.js",
183 | 		"webview.app.js",
184 | 		"subContext.js",
185 | 		"plugin.js",
186 | 	}
187 | 
188 | 	for _, unlink := range unlinks {
189 | 		manager.AddFile(filepath.Join(path, unlink))
190 | 	}
191 | }
192 | 


--------------------------------------------------------------------------------
/internal/restore/parser.go:
--------------------------------------------------------------------------------
 1 | package restore
 2 | 
 3 | import (
 4 | 	"log"
 5 | 	"sync"
 6 | 
 7 | 	"github.com/Ackites/KillWxapkg/internal/config"
 8 | )
 9 | 
10 | type CommandExecutor struct {
11 | 	manager *config.WxapkgManager
12 | }
13 | 
14 | func NewCommandExecutor(manager *config.WxapkgManager) *CommandExecutor {
15 | 	return &CommandExecutor{manager: manager}
16 | }
17 | 
18 | func (executor *CommandExecutor) ExecuteAll() {
19 | 	var wg sync.WaitGroup
20 | 	errCh := make(chan error, len(executor.manager.Packages))
21 | 
22 | 	for _, wxapkg := range executor.manager.Packages {
23 | 		for _, parser := range wxapkg.Parsers {
24 | 			wg.Add(1)
25 | 			go func(wxapkg *config.WxapkgInfo, parser config.Parser) {
26 | 				defer wg.Done()
27 | 				if err := parser.Parse(*wxapkg); err != nil {
28 | 					errCh <- err
29 | 				}
30 | 			}(wxapkg, parser)
31 | 		}
32 | 	}
33 | 
34 | 	// 等待所有任务完成, 关闭错误通道
35 | 	go func() {
36 | 		wg.Wait()
37 | 		close(errCh)
38 | 	}()
39 | 
40 | 	for err := range errCh {
41 | 		if err != nil {
42 | 			log.Printf("%v", err)
43 | 		}
44 | 	}
45 | }
46 | 


--------------------------------------------------------------------------------
/internal/restore/restore.go:
--------------------------------------------------------------------------------
 1 | package restore
 2 | 
 3 | import (
 4 | 	"encoding/json"
 5 | 	"os"
 6 | 	"path/filepath"
 7 | 	"strings"
 8 | 
 9 | 	"github.com/Ackites/KillWxapkg/internal/enum"
10 | 
11 | 	"github.com/Ackites/KillWxapkg/internal/config"
12 | 	"github.com/Ackites/KillWxapkg/internal/unpack"
13 | )
14 | 
15 | // fixSubpackageDir 修正子包目录
16 | func fixSubpackageDir(wxapkg *config.WxapkgInfo, outputDir string) string {
17 | 	var e struct {
18 | 		SubPackages []unpack.SubPackage `json:"subPackages"`
19 | 	}
20 | 	content, _ := os.ReadFile(filepath.Join(outputDir, enum.App_Config))
21 | 	_ = json.Unmarshal(content, &e)
22 | 
23 | 	for _, subPackage := range e.SubPackages {
24 | 		root := subPackage.Root
25 | 		if !strings.HasPrefix(root, "/") {
26 | 			root = "/" + root
27 | 		}
28 | 		if strings.HasPrefix(wxapkg.SourcePath, root) {
29 | 			return filepath.Join(outputDir, root)
30 | 		}
31 | 	}
32 | 
33 | 	return ""
34 | }
35 | 
36 | // ProjectStructure 是否还原工程目录结构
37 | func ProjectStructure(outputDir string, restoreDir bool) {
38 | 	if !restoreDir {
39 | 		return
40 | 	}
41 | 
42 | 	configManager := config.NewSharedConfigManager()
43 | 
44 | 	// 创建文件删除管理器
45 | 	manager := config.NewFileDeletionManager()
46 | 
47 | 	defer func() {
48 | 		if noClean, ok := configManager.Get("noClean"); ok {
49 | 			if !noClean.(bool) {
50 | 				// 执行删除文件操作
51 | 				manager.DeleteFiles()
52 | 			}
53 | 		}
54 | 	}()
55 | 
56 | 	// 包管理器
57 | 	wxakpgManager := config.GetWxapkgManager()
58 | 
59 | 	// 修正子包目录
60 | 	for _, wxapkg := range wxakpgManager.Packages {
61 | 		if IsSubpackage(wxapkg) {
62 | 			wxapkg.SourcePath = fixSubpackageDir(wxapkg, outputDir)
63 | 		}
64 | 	}
65 | 
66 | 	// 反编译
67 | 	decompiler := new(WxapkgDecompiler)
68 | 	// 执行反编译操作
69 | 	decompiler.Decompile(outputDir)
70 | 
71 | 	// 创建命令执行器, 执行解析器
72 | 	executor := NewCommandExecutor(wxakpgManager)
73 | 	executor.ExecuteAll()
74 | }
75 | 


--------------------------------------------------------------------------------
/internal/unpack/uconfig.go:
--------------------------------------------------------------------------------
  1 | package unpack
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"crypto/md5"
  6 | 	"encoding/json"
  7 | 	"fmt"
  8 | 	"log"
  9 | 	"os"
 10 | 	"path/filepath"
 11 | 	"regexp"
 12 | 	"strings"
 13 | 
 14 | 	"github.com/Ackites/KillWxapkg/internal/enum"
 15 | 
 16 | 	"github.com/Ackites/KillWxapkg/internal/config"
 17 | 
 18 | 	"github.com/dop251/goja"
 19 | )
 20 | 
 21 | // ConfigParser 具体的配置文件解析器
 22 | type ConfigParser struct {
 23 | 	OutputDir string
 24 | }
 25 | 
 26 | // PageConfig 存储页面配置
 27 | type PageConfig struct {
 28 | 	Window map[string]interface{} `json:"window,omitempty"`
 29 | }
 30 | 
 31 | // AppConfig 存储应用配置
 32 | type AppConfig struct {
 33 | 	Pages                          []string               `json:"pages"`
 34 | 	Window                         map[string]interface{} `json:"window,omitempty"`
 35 | 	TabBar                         map[string]interface{} `json:"tabBar,omitempty"`
 36 | 	NetworkTimeout                 map[string]interface{} `json:"networkTimeout,omitempty"`
 37 | 	SubPackages                    []SubPackage           `json:"subPackages,omitempty"`
 38 | 	NavigateToMiniProgramAppIdList []string               `json:"navigateToMiniProgramAppIdList,omitempty"`
 39 | 	Workers                        string                 `json:"workers,omitempty"`
 40 | 	Debug                          bool                   `json:"debug,omitempty"`
 41 | }
 42 | 
 43 | // SubPackage 存储子包配置
 44 | type SubPackage struct {
 45 | 	Root  string   `json:"root"`
 46 | 	Pages []string `json:"pages"`
 47 | }
 48 | 
 49 | // changeExt 更改文件扩展名
 50 | func changeExt(filename, newExt string) string {
 51 | 	ext := filepath.Ext(filename)
 52 | 	return filename[:len(filename)-len(ext)] + newExt
 53 | }
 54 | 
 55 | // save 保存内容到文件
 56 | func save(filename string, content []byte) error {
 57 | 	// 处理文件路径
 58 | 	filename = filepath.ToSlash(filename)
 59 | 	if idx := strings.Index(filename, ":"); idx != -1 {
 60 | 		filename = filename[:idx+1] + strings.ReplaceAll(filename[idx+1:], ":", "")
 61 | 	}
 62 | 
 63 | 	// 判断目录是否存在
 64 | 	dir := filepath.Dir(filename)
 65 | 	if _, err := os.Stat(dir); os.IsNotExist(err) {
 66 | 		err := os.MkdirAll(dir, 0755)
 67 | 		if err != nil {
 68 | 			return fmt.Errorf("unable to create directory %s: %v", dir, err)
 69 | 		}
 70 | 	}
 71 | 	err := os.WriteFile(filename, content, 0755)
 72 | 	if err != nil {
 73 | 		return fmt.Errorf("unable to save file %s: %v", filename, err)
 74 | 	}
 75 | 	return nil
 76 | }
 77 | 
 78 | // Parse 解析和处理配置文件
 79 | func (p *ConfigParser) Parse(option config.WxapkgInfo) error {
 80 | 	dir := filepath.Dir(option.Option.AppConfigSource)
 81 | 	content, err := os.ReadFile(option.Option.AppConfigSource)
 82 | 	if err != nil {
 83 | 		return err
 84 | 	}
 85 | 
 86 | 	// 定义结构体以解析 JSON 内容
 87 | 	var e struct {
 88 | 		Pages                          []string               `json:"pages"`
 89 | 		EntryPagePath                  string                 `json:"entryPagePath"`
 90 | 		Global                         map[string]interface{} `json:"global"`
 91 | 		TabBar                         map[string]interface{} `json:"tabBar"`
 92 | 		NetworkTimeout                 map[string]interface{} `json:"networkTimeout"`
 93 | 		SubPackages                    []SubPackage           `json:"subPackages"`
 94 | 		NavigateToMiniProgramAppIdList []string               `json:"navigateToMiniProgramAppIdList"`
 95 | 		ExtAppid                       string                 `json:"extAppid"`
 96 | 		Ext                            map[string]interface{} `json:"ext"`
 97 | 		Debug                          bool                   `json:"debug"`
 98 | 		Page                           map[string]PageConfig  `json:"page"`
 99 | 	}
100 | 
101 | 	err = json.Unmarshal(content, &e)
102 | 	if err != nil {
103 | 		return err
104 | 	}
105 | 
106 | 	// 处理页面路径，将 entryPagePath 放在首位
107 | 	k := e.Pages
108 | 	entryIndex := indexOf(k, changeExt(e.EntryPagePath, ""))
109 | 	k = append(k[:entryIndex], k[entryIndex+1:]...)
110 | 	k = append([]string{changeExt(e.EntryPagePath, "")}, k...)
111 | 
112 | 	// 构建应用配置
113 | 	app := AppConfig{
114 | 		Pages:          k,
115 | 		Window:         e.Global["window"].(map[string]interface{}),
116 | 		TabBar:         e.TabBar,
117 | 		NetworkTimeout: e.NetworkTimeout,
118 | 	}
119 | 
120 | 	// 处理子包
121 | 	if len(e.SubPackages) > 0 {
122 | 		var subPackages []SubPackage
123 | 		for _, subPackage := range e.SubPackages {
124 | 			root := subPackage.Root
125 | 			if !strings.HasSuffix(root, "/") {
126 | 				root += "/"
127 | 			}
128 | 			root = strings.TrimPrefix(root, "/")
129 | 
130 | 			var newPages []string
131 | 			for i := 0; i < len(app.Pages); {
132 | 				page := app.Pages[i]
133 | 				if strings.HasPrefix(page, root) {
134 | 					newPage := strings.TrimPrefix(page, root)
135 | 					newPages = append(newPages, newPage)
136 | 					app.Pages = append(app.Pages[:i], app.Pages[i+1:]...)
137 | 				} else {
138 | 					i++
139 | 				}
140 | 			}
141 | 
142 | 			// 去除重复的页面
143 | 			pageSet := make(map[string]struct{})
144 | 			var uniquePages []string
145 | 			for _, page := range newPages {
146 | 				if _, exists := pageSet[page]; !exists {
147 | 					pageSet[page] = struct{}{}
148 | 					uniquePages = append(uniquePages, page)
149 | 				}
150 | 			}
151 | 			newPages = uniquePages
152 | 
153 | 			subPackage.Root = root
154 | 			if len(newPages) == 0 {
155 | 				subPackage.Pages = []string{}
156 | 			} else {
157 | 				subPackage.Pages = newPages
158 | 			}
159 | 			subPackages = append(subPackages, subPackage)
160 | 		}
161 | 		app.SubPackages = subPackages
162 | 		fmt.Printf("=======================================================\n这个小程序采用了分包\n子包个数为: %d\n=======================================================\n", len(app.SubPackages))
163 | 	}
164 | 
165 | 	// 处理 navigateToMiniProgramAppIdList
166 | 	if len(e.NavigateToMiniProgramAppIdList) > 0 {
167 | 		app.NavigateToMiniProgramAppIdList = e.NavigateToMiniProgramAppIdList
168 | 	}
169 | 
170 | 	// 处理 extAppid
171 | 	if len(e.ExtAppid) > 0 {
172 | 		extContent, _ := json.MarshalIndent(map[string]interface{}{
173 | 			"extEnable": true,
174 | 			"extAppid":  e.ExtAppid,
175 | 			"ext":       e.Ext,
176 | 		}, "", "    ")
177 | 		err := save(filepath.Join(dir, "ext.json"), extContent)
178 | 		if err != nil {
179 | 			return err
180 | 		}
181 | 	}
182 | 
183 | 	// 处理调试模式
184 | 	if e.Debug {
185 | 		app.Debug = e.Debug
186 | 	}
187 | 
188 | 	// 处理页面中的组件路径
189 | 	cur := "./file"
190 | 	for a, page := range e.Page {
191 | 		if page.Window != nil && page.Window["usingComponents"] != nil {
192 | 			for _, componentPath := range page.Window["usingComponents"].(map[string]interface{}) {
193 | 				componentPath := componentPath.(string) + ".html"
194 | 				file := componentPath
195 | 				if filepath.IsAbs(componentPath) {
196 | 					file = componentPath[1:]
197 | 				} else {
198 | 					file = toDir(filepath.Join(filepath.Dir(a), componentPath), cur)
199 | 				}
200 | 				if _, ok := e.Page[file]; !ok {
201 | 					e.Page[file] = PageConfig{}
202 | 				}
203 | 				if e.Page[file].Window == nil {
204 | 					e.Page[file] = PageConfig{Window: map[string]interface{}{"component": true}}
205 | 				}
206 | 			}
207 | 		}
208 | 	}
209 | 
210 | 	// 处理 app-service.js 文件, 主包及子包
211 | 	if fileExists(filepath.Join(dir, enum.App_Service)) {
212 | 		serviceContent, _ := os.ReadFile(filepath.Join(dir, enum.App_Service))
213 | 		matches := findMatches(`__wxAppCode__\['[^']+\.json'\]\s*=\s*({[^;]*});`, string(serviceContent))
214 | 		if len(matches) > 0 {
215 | 			attachInfo := make(map[string]interface{})
216 | 			vm := goja.New()
217 | 			err = vm.Set("__wxAppCode__", attachInfo)
218 | 			if err != nil {
219 | 				return err
220 | 			}
221 | 			_, err = vm.RunString(strings.Join(matches, ""))
222 | 			if err != nil {
223 | 				return err
224 | 			}
225 | 			for name, info := range attachInfo {
226 | 				e.Page[changeExt(name, ".html")] = PageConfig{Window: info.(map[string]interface{})}
227 | 			}
228 | 		}
229 | 
230 | 		// 子包配置 app-service.js
231 | 		for _, subPackage := range app.SubPackages {
232 | 			root := subPackage.Root
233 | 			subServiceFile := filepath.Join(dir, root, enum.App_Service)
234 | 			if !fileExists(subServiceFile) {
235 | 				continue
236 | 			}
237 | 			serviceContent, _ = os.ReadFile(subServiceFile)
238 | 			matches = findMatches(`__wxAppCode__\['[^']+\.json'\]\s*=\s*({[^;]*});`, string(serviceContent))
239 | 			if len(matches) > 0 {
240 | 				attachInfo := make(map[string]interface{})
241 | 				vm := goja.New()
242 | 				err := vm.Set("__wxAppCode__", attachInfo)
243 | 				if err != nil {
244 | 					return err
245 | 				}
246 | 				_, err = vm.RunString(strings.Join(matches, ""))
247 | 				if err != nil {
248 | 					return err
249 | 				}
250 | 				for name, info := range attachInfo {
251 | 					e.Page[changeExt(name, ".html")] = PageConfig{Window: info.(map[string]interface{})}
252 | 				}
253 | 			}
254 | 		}
255 | 	}
256 | 
257 | 	// 保存页面 JSON 文件
258 | 	for a := range e.Page {
259 | 		aFile := changeExt(a, ".json")
260 | 		fileName := filepath.Join(dir, aFile)
261 | 		if aFile != "app.json" {
262 | 			windowContent, _ := json.MarshalIndent(e.Page[a].Window, "", "    ")
263 | 			err = save(fileName, windowContent)
264 | 			if err != nil {
265 | 				log.Printf("Error saving file %s: %v\n", fileName, err)
266 | 			}
267 | 		}
268 | 	}
269 | 
270 | 	// 处理子包中的文件
271 | 	if len(app.SubPackages) > 0 {
272 | 		for _, subPackage := range app.SubPackages {
273 | 			for _, item := range subPackage.Pages {
274 | 				a := subPackage.Root + item + ".xx"
275 | 				err := save(filepath.Join(dir, changeExt(a, ".js")), []byte("// "+changeExt(a, ".js")+"\nPage({data: {}})"))
276 | 				if err != nil {
277 | 					return err
278 | 				}
279 | 				err = save(filepath.Join(dir, changeExt(a, ".wxml")), []byte("<!--"+changeExt(a, ".wxml")+"--><text>"+changeExt(a, ".wxml")+"</text>"))
280 | 				if err != nil {
281 | 					return err
282 | 				}
283 | 				err = save(filepath.Join(dir, changeExt(a, ".wxss")), []byte("/* "+changeExt(a, ".wxss")+" */"))
284 | 				if err != nil {
285 | 					return err
286 | 				}
287 | 			}
288 | 		}
289 | 	}
290 | 
291 | 	// 处理 TabBar 图标路径
292 | 	if app.TabBar != nil && app.TabBar["list"] != nil {
293 | 		var digests [][2]interface{}
294 | 		for _, file := range scanDirByExt(dir, "") {
295 | 			data, _ := os.ReadFile(file)
296 | 			digests = append(digests, [2]interface{}{md5.Sum(data), file})
297 | 		}
298 | 
299 | 		for _, e := range app.TabBar["list"].([]interface{}) {
300 | 			pagePath := e.(map[string]interface{})["pagePath"].(string)
301 | 			e.(map[string]interface{})["pagePath"] = changeExt(pagePath, "")
302 | 			if iconData, ok := e.(map[string]interface{})["iconData"].(string); ok {
303 | 				hash := md5.Sum([]byte(iconData))
304 | 				for _, digest := range digests {
305 | 					digestByte, _ := digest[0].([16]byte)
306 | 					if bytes.Equal(hash[:], digestByte[:]) {
307 | 						delete(e.(map[string]interface{}), "iconData")
308 | 						e.(map[string]interface{})["iconPath"] = fixDir(digest[1].(string), dir)
309 | 						break
310 | 					}
311 | 				}
312 | 			}
313 | 			if selectedIconData, ok := e.(map[string]interface{})["selectedIconData"].(string); ok {
314 | 				hash := md5.Sum([]byte(selectedIconData))
315 | 				for _, digest := range digests {
316 | 					digestByte, _ := digest[0].([16]byte)
317 | 					if bytes.Equal(hash[:], digestByte[:]) {
318 | 						delete(e.(map[string]interface{}), "selectedIconData")
319 | 						e.(map[string]interface{})["selectedIconPath"] = fixDir(digest[1].(string), dir)
320 | 						break
321 | 					}
322 | 				}
323 | 			}
324 | 		}
325 | 	}
326 | 
327 | 	// 保存应用配置到 app.json
328 | 	appContent, _ := json.MarshalIndent(app, "", "    ")
329 | 	err = save(filepath.Join(dir, "app.json"), appContent)
330 | 	if err != nil {
331 | 		return err
332 | 	}
333 | 	log.Printf("Config file processed: %s\n", option.Option.AppConfigSource)
334 | 	return nil
335 | }
336 | 
337 | // indexOf 返回字符串切片中项的索引
338 | func indexOf(slice []string, item string) int {
339 | 	for i, v := range slice {
340 | 		if v == item {
341 | 			return i
342 | 		}
343 | 	}
344 | 	return -1
345 | }
346 | 
347 | // fileExists 检查文件是否存在
348 | func fileExists(filename string) bool {
349 | 	info, err := os.Stat(filename)
350 | 	if os.IsNotExist(err) {
351 | 		return false
352 | 	}
353 | 	return !info.IsDir()
354 | }
355 | 
356 | // toDir 将文件路径转换为相对路径
357 | func toDir(file, base string) string {
358 | 	relative, err := filepath.Rel(base, file)
359 | 	if err != nil {
360 | 		return file
361 | 	}
362 | 	return relative
363 | }
364 | 
365 | // findMatches 查找所有匹配模式的字符串
366 | func findMatches(pattern, text string) []string {
367 | 	re := regexp.MustCompile(pattern)
368 | 	return re.FindAllString(text, -1)
369 | }
370 | 
371 | // scanDirByExt 扫描目录中的文件并返回指定扩展名的文件列表
372 | func scanDirByExt(dir, ext string) []string {
373 | 	var files []string
374 | 	err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
375 | 		if !info.IsDir() && strings.HasSuffix(info.Name(), ext) {
376 | 			files = append(files, path)
377 | 		}
378 | 		return nil
379 | 	})
380 | 	if err != nil {
381 | 		return nil
382 | 	}
383 | 	return files
384 | }
385 | 
386 | // fixDir 修复文件路径为相对路径
387 | func fixDir(file, base string) string {
388 | 	rel, err := filepath.Rel(base, file)
389 | 	if err != nil {
390 | 		return file
391 | 	}
392 | 	return filepath.ToSlash(rel)
393 | }
394 | 


--------------------------------------------------------------------------------
/internal/unpack/ujs.go:
--------------------------------------------------------------------------------
  1 | package unpack
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"log"
  6 | 	"os"
  7 | 	"path/filepath"
  8 | 	"regexp"
  9 | 	"strings"
 10 | 
 11 | 	"github.com/dop251/goja"
 12 | 
 13 | 	"github.com/Ackites/KillWxapkg/internal/enum"
 14 | 
 15 | 	"github.com/Ackites/KillWxapkg/internal/config"
 16 | )
 17 | 
 18 | // JavaScriptParser JavaScript 解析器
 19 | type JavaScriptParser struct {
 20 | 	OutputDir string
 21 | }
 22 | 
 23 | // DefineParams 存储从 define 函数中提取的参数
 24 | type DefineParams struct {
 25 | 	ModuleName string
 26 | 	FuncBody   string
 27 | }
 28 | 
 29 | func cleanDefineFunc(jsCode string) string {
 30 | 	// 正则表达式匹配 define 函数的头部
 31 | 	reHead := regexp.MustCompile(`^define\s*\(\s*["'].*?["']\s*,\s*function\s*\([^)]*\)\s*\{`)
 32 | 
 33 | 	// 正则表达式匹配 define 函数的尾部
 34 | 	reTail := regexp.MustCompile(`\}\s*,\s*\{[^}]*isPage\s*:\s*[^}]*\}\s*\)\s*;$`)
 35 | 
 36 | 	// 移除头部
 37 | 	cleanedCode := reHead.ReplaceAllString(jsCode, "")
 38 | 
 39 | 	// 移除尾部
 40 | 	cleanedCode = reTail.ReplaceAllString(cleanedCode, "")
 41 | 
 42 | 	// 去除开头和结尾的空白字符
 43 | 	cleanedCode = strings.TrimSpace(cleanedCode)
 44 | 
 45 | 	// 去除"严格模式"声明
 46 | 	if strings.HasPrefix(cleanedCode, `"use strict";`) || strings.HasPrefix(cleanedCode, `'use strict';`) {
 47 | 		cleanedCode = cleanedCode[13:]
 48 | 		cleanedCode = strings.TrimSpace(cleanedCode)
 49 | 	}
 50 | 
 51 | 	return cleanedCode
 52 | }
 53 | 
 54 | // extractDefineParams 提取所有 define 函数的第一个和第二个参数
 55 | func extractDefineParams(jsCode string) ([]DefineParams, error) {
 56 | 	// 正则表达式提取 define 函数的第一个和第二个参数
 57 | 	re := regexp.MustCompile(`define\s*\(\s*["']([^"']+)["']\s*,\s*function\s*\(([^)]*)\)\s*\{([\s\S]*?)\}\s*,\s*\{[^}]*isPage\s*:\s*[^}]*\}\s*\)\s*;`)
 58 | 	matches := re.FindAllStringSubmatch(jsCode, -1)
 59 | 
 60 | 	if len(matches) == 0 {
 61 | 		results, err := run(jsCode)
 62 | 		if err != nil {
 63 | 			return nil, err
 64 | 		}
 65 | 		return results, nil
 66 | 	}
 67 | 
 68 | 	var results = make([]DefineParams, 0)
 69 | 	for _, match := range matches {
 70 | 		if len(match) >= 3 {
 71 | 			params := DefineParams{
 72 | 				ModuleName: match[1],
 73 | 				FuncBody:   cleanDefineFunc(match[0]),
 74 | 			}
 75 | 			results = append(results, params)
 76 | 		}
 77 | 	}
 78 | 	return results, nil
 79 | }
 80 | 
 81 | func run(code string) ([]DefineParams, error) {
 82 | 	var results = make([]DefineParams, 0)
 83 | 	// 防止报错
 84 | 	patch := `var window={};var navigator={};navigator.userAgent="iPhone";window.screen={};
 85 | document={getElementsByTagName:()=>{}};function require(){};var global={};var __wxAppCode__={};var __wxConfig={};
 86 | var __vd_version_info__={};var $gwx=function(){};var __g={};`
 87 | 
 88 | 	scriptcode := patch + code
 89 | 
 90 | 	// 包裹 try...catch 语句以捕获 JavaScript 错误
 91 | 	safeScript := `
 92 | 	try {
 93 | 		` + string(scriptcode) + `
 94 | 	} catch (e) {
 95 | 		//console.error(e);
 96 | 	}
 97 | 	`
 98 | 
 99 | 	vm := goja.New()
100 | 
101 | 	// 定义 console 对象
102 | 	console := vm.NewObject()
103 | 	_ = console.Set("log", func(call goja.FunctionCall) goja.Value {
104 | 		// 使用 call.Arguments 获取传递给 console.log 的参数
105 | 		args := call.Arguments
106 | 		for _, arg := range args {
107 | 			fmt.Println(arg.String())
108 | 		}
109 | 		return goja.Undefined()
110 | 	})
111 | 	_ = console.Set("error", func(call goja.FunctionCall) goja.Value {
112 | 		args := call.Arguments
113 | 		for _, arg := range args {
114 | 			fmt.Println("ERROR:", arg.String())
115 | 		}
116 | 		return goja.Undefined()
117 | 	})
118 | 	_ = console.Set("warn", func(call goja.FunctionCall) goja.Value {
119 | 		args := call.Arguments
120 | 		for _, arg := range args {
121 | 			fmt.Println("WARN:", arg.String())
122 | 		}
123 | 		return goja.Undefined()
124 | 	})
125 | 	_ = vm.Set("console", console)
126 | 
127 | 	// 设置 define 函数和 require 函数的行为
128 | 	err := vm.Set("define", func(call goja.FunctionCall) goja.Value {
129 | 		moduleName := call.Argument(0).String()
130 | 		funcBody := call.Argument(1).String()
131 | 
132 | 		cleanedCode, err := removeWrapper(funcBody)
133 | 		if err != nil {
134 | 			log.Printf("Error removing wrapper: %v\n", err)
135 | 			cleanedCode = funcBody
136 | 		}
137 | 
138 | 		//检查是否包含 "use strict" 并处理
139 | 		if strings.HasPrefix(cleanedCode, `"use strict";`) || strings.HasPrefix(cleanedCode, `'use strict';`) {
140 | 			cleanedCode = cleanedCode[13:]
141 | 		} else if (strings.HasPrefix(cleanedCode, `(function(){"use strict";`) || strings.HasPrefix(cleanedCode, `(function(){'use strict';`)) &&
142 | 			strings.HasSuffix(cleanedCode, `})();`) {
143 | 			cleanedCode = cleanedCode[25 : len(cleanedCode)-5]
144 | 		}
145 | 
146 | 		params := DefineParams{
147 | 			ModuleName: moduleName,
148 | 			FuncBody:   cleanedCode,
149 | 		}
150 | 		results = append(results, params)
151 | 
152 | 		return goja.Undefined()
153 | 	})
154 | 	if err != nil {
155 | 		return nil, err
156 | 	}
157 | 
158 | 	_, err = vm.RunString(safeScript)
159 | 	if err != nil {
160 | 		return nil, fmt.Errorf("failed to run JavaScript: %w", err)
161 | 	}
162 | 
163 | 	return results, nil
164 | }
165 | 
166 | // removeWrapper 移除函数包装器
167 | func removeWrapper(jsCode string) (string, error) {
168 | 	vm := goja.New()
169 | 	script := `
170 | 		(function(code) {
171 | 			let match = code.match(/^function\s*\(.*?\)\s*\{([\s\S]*)\}$/);
172 | 			if (match && match[1]) {
173 | 				// 每一行缩进减少一个空格
174 | 				match[1] = match[1].trim();
175 | 				code = match[1].replace(/^\s{4}/gm, '');
176 | 			}
177 | 			return code;
178 | 		})(code);
179 | 	`
180 | 	// 设置 JavaScript 变量
181 | 	err := vm.Set("code", jsCode)
182 | 	if err != nil {
183 | 		return "", err
184 | 	}
185 | 	value, err := vm.RunString(script)
186 | 	if err != nil {
187 | 		return "", fmt.Errorf("JavaScript execution error: %w", err)
188 | 	}
189 | 	return value.String(), nil
190 | }
191 | 
192 | // 是否为分包
193 | func isSubpackage(wxapkg *config.WxapkgInfo) bool {
194 | 	switch wxapkg.WxapkgType {
195 | 	case enum.APP_SUBPACKAGE_V1, enum.APP_SUBPACKAGE_V2, enum.GAME_SUBPACKAGE:
196 | 		return true
197 | 	default:
198 | 		return false
199 | 	}
200 | }
201 | 
202 | // Parse 解析和分割 JavaScript 文件
203 | func (p *JavaScriptParser) Parse(option config.WxapkgInfo) error {
204 | 
205 | 	dir := option.SourcePath
206 | 	if isSubpackage(&option) {
207 | 		dir = p.OutputDir
208 | 	}
209 | 
210 | 	code, err := os.ReadFile(option.Option.ServiceSource)
211 | 	if err != nil {
212 | 		return fmt.Errorf("failed to read file: %w", err)
213 | 	}
214 | 
215 | 	params, err := extractDefineParams(string(code))
216 | 	if err != nil {
217 | 		return err
218 | 	}
219 | 
220 | 	for _, param := range params {
221 | 		err = save(filepath.Join(dir, param.ModuleName), []byte(param.FuncBody))
222 | 		if err != nil {
223 | 			log.Printf("Error saving file: %v\n", err)
224 | 		}
225 | 	}
226 | 
227 | 	log.Printf("Splitting \"%s\" done.", option.Option.ServiceSource)
228 | 	return nil
229 | }
230 | 


--------------------------------------------------------------------------------
/internal/unpack/unpack.go:
--------------------------------------------------------------------------------
  1 | package unpack
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"encoding/binary"
  6 | 	"fmt"
  7 | 	"io"
  8 | 	"log"
  9 | 	"os"
 10 | 	"path/filepath"
 11 | 	"sync"
 12 | 
 13 | 	"github.com/Ackites/KillWxapkg/internal/key"
 14 | 
 15 | 	"github.com/Ackites/KillWxapkg/internal/config"
 16 | 
 17 | 	formatter2 "github.com/Ackites/KillWxapkg/internal/formatter"
 18 | )
 19 | 
 20 | type WxapkgFile struct {
 21 | 	NameLen uint32
 22 | 	Name    string
 23 | 	Offset  uint32
 24 | 	Size    uint32
 25 | }
 26 | 
 27 | // UnpackWxapkg 解包 wxapkg 文件并将内容保存到指定目录
 28 | func UnpackWxapkg(data []byte, outputDir string) ([]string, error) {
 29 | 	reader := bytes.NewReader(data)
 30 | 
 31 | 	// 读取文件头
 32 | 	var firstMark byte
 33 | 	if err := binary.Read(reader, binary.BigEndian, &firstMark); err != nil {
 34 | 		return nil, fmt.Errorf("读取首标记失败: %v", err)
 35 | 	}
 36 | 	if firstMark != 0xBE {
 37 | 		return nil, fmt.Errorf("无效的wxapkg文件: 首标记不正确")
 38 | 	}
 39 | 
 40 | 	var info1, indexInfoLength, bodyInfoLength uint32
 41 | 	if err := binary.Read(reader, binary.BigEndian, &info1); err != nil {
 42 | 		return nil, fmt.Errorf("读取info1失败: %v", err)
 43 | 	}
 44 | 	if err := binary.Read(reader, binary.BigEndian, &indexInfoLength); err != nil {
 45 | 		return nil, fmt.Errorf("读取索引段长度失败: %v", err)
 46 | 	}
 47 | 	if err := binary.Read(reader, binary.BigEndian, &bodyInfoLength); err != nil {
 48 | 		return nil, fmt.Errorf("读取数据段长度失败: %v", err)
 49 | 	}
 50 | 
 51 | 	// 验证长度的合理性
 52 | 	totalLength := uint64(indexInfoLength) + uint64(bodyInfoLength)
 53 | 	if totalLength > uint64(len(data)) {
 54 | 		return nil, fmt.Errorf("文件长度不足, 文件损坏: 索引段(%d) + 数据段(%d) > 文件总长度(%d)", indexInfoLength, bodyInfoLength, len(data))
 55 | 	}
 56 | 	totalLength = uint64(len(data))
 57 | 
 58 | 	var lastMark byte
 59 | 	if err := binary.Read(reader, binary.BigEndian, &lastMark); err != nil {
 60 | 		return nil, fmt.Errorf("读取尾标记失败: %v", err)
 61 | 	}
 62 | 	if lastMark != 0xED {
 63 | 		return nil, fmt.Errorf("无效的wxapkg文件: 尾标记不正确")
 64 | 	}
 65 | 
 66 | 	var fileCount uint32
 67 | 	if err := binary.Read(reader, binary.BigEndian, &fileCount); err != nil {
 68 | 		return nil, fmt.Errorf("读取文件数量失败: %v", err)
 69 | 	}
 70 | 
 71 | 	// 计算索引段的预期结束位置
 72 | 	expectedIndexEnd := uint64(reader.Size()) - uint64(bodyInfoLength)
 73 | 
 74 | 	// 读取索引
 75 | 	fileList := make([]WxapkgFile, fileCount)
 76 | 	var filelistNames []string
 77 | 	for i := range fileList {
 78 | 		if err := binary.Read(reader, binary.BigEndian, &fileList[i].NameLen); err != nil {
 79 | 			return nil, fmt.Errorf("读取文件名长度失败: %v", err)
 80 | 		}
 81 | 
 82 | 		if fileList[i].NameLen == 0 || fileList[i].NameLen > 1024 {
 83 | 			return nil, fmt.Errorf("文件名长度 %d 不合理", fileList[i].NameLen)
 84 | 		}
 85 | 
 86 | 		nameBytes := make([]byte, fileList[i].NameLen)
 87 | 		if _, err := io.ReadAtLeast(reader, nameBytes, int(fileList[i].NameLen)); err != nil {
 88 | 			return nil, fmt.Errorf("读取文件名失败: %v", err)
 89 | 		}
 90 | 
 91 | 		fileList[i].Name = string(nameBytes)
 92 | 
 93 | 		filelistNames = append(filelistNames, fileList[i].Name)
 94 | 
 95 | 		if err := binary.Read(reader, binary.BigEndian, &fileList[i].Offset); err != nil {
 96 | 			return nil, fmt.Errorf("读取文件偏移量失败: %v", err)
 97 | 		}
 98 | 
 99 | 		if err := binary.Read(reader, binary.BigEndian, &fileList[i].Size); err != nil {
100 | 			return nil, fmt.Errorf("读取文件大小失败: %v", err)
101 | 		}
102 | 
103 | 		// 验证文件偏移量和大小
104 | 		fileEnd := uint64(fileList[i].Offset) + uint64(fileList[i].Size)
105 | 		if fileEnd > totalLength {
106 | 			return nil, fmt.Errorf("文件 %s 的结束位置 (%d) 超出了文件总长度 (%d)", fileList[i].Name, fileEnd, totalLength)
107 | 		}
108 | 
109 | 		// 验证我们是否仍在索引段内
110 | 		currentPos := uint64(reader.Size()) - uint64(reader.Len())
111 | 		if currentPos > expectedIndexEnd {
112 | 			return nil, fmt.Errorf("索引读取超出预期范围: 当前位置 %d, 预期索引结束位置 %d", currentPos, expectedIndexEnd)
113 | 		}
114 | 	}
115 | 
116 | 	// 验证是否正确读完了整个索引段
117 | 	currentPos := uint64(reader.Size()) - uint64(reader.Len())
118 | 	if currentPos != expectedIndexEnd {
119 | 		return nil, fmt.Errorf("索引段长度不符: 读取到位置 %d, 预期结束位置 %d", currentPos, expectedIndexEnd)
120 | 	}
121 | 
122 | 	// 控制并发数
123 | 	const workerCount = 10
124 | 	var wg sync.WaitGroup
125 | 	fileChan := make(chan WxapkgFile, workerCount)
126 | 	errChan := make(chan error, workerCount)
127 | 
128 | 	// 使用 sync.Pool 来复用缓冲区，减少内存分配和 GC 开销
129 | 	var bufferPool = sync.Pool{
130 | 		New: func() interface{} {
131 | 			return new(bytes.Buffer)
132 | 		},
133 | 	}
134 | 
135 | 	for i := 0; i < workerCount; i++ {
136 | 		wg.Add(1)
137 | 		go func() {
138 | 			defer wg.Done()
139 | 			for file := range fileChan {
140 | 				if err := processFile(outputDir, file, reader, &bufferPool); err != nil {
141 | 					errChan <- fmt.Errorf("保存文件 %s 失败: %w", file.Name, err)
142 | 				}
143 | 			}
144 | 		}()
145 | 	}
146 | 
147 | 	for _, file := range fileList {
148 | 		fileChan <- file
149 | 	}
150 | 	close(fileChan)
151 | 
152 | 	// 等待所有 goroutine 完成
153 | 	wg.Wait()
154 | 	close(errChan)
155 | 
156 | 	// 检查是否有错误
157 | 	if len(errChan) > 0 {
158 | 		return nil, <-errChan
159 | 	}
160 | 
161 | 	//const configJSON = `{
162 | 	//    "description": "See https://developers.weixin.qq.com/miniprogram/dev/devtools/projectconfig.html",
163 | 	//    "setting": {
164 | 	//      "urlCheck": false
165 | 	//    }
166 | 	//  }`
167 | 
168 | 	// 保存 project.private.config.json
169 | 	//configFile := filepath.Join(outputDir, "project.private.config.json")
170 | 	//if err := os.WriteFile(configFile, []byte(configJSON), 0755); err != nil {
171 | 	//	return nil, fmt.Errorf("保存文件 %s 失败: %w", configFile, err)
172 | 	//}
173 | 
174 | 	return filelistNames, nil
175 | }
176 | 
177 | // processFile 处理单个文件的读取、格式化和保存
178 | func processFile(outputDir string, file WxapkgFile, reader io.ReaderAt, bufferPool *sync.Pool) error {
179 | 	fullPath := filepath.Join(outputDir, file.Name)
180 | 	dir := filepath.Dir(fullPath)
181 | 
182 | 	// 创建目录
183 | 	if err := os.MkdirAll(dir, 0755); err != nil && !os.IsExist(err) {
184 | 		return fmt.Errorf("创建目录失败: %w", err)
185 | 	}
186 | 
187 | 	// 创建文件
188 | 	f, err := os.OpenFile(fullPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0755)
189 | 	if err != nil {
190 | 		return fmt.Errorf("创建文件失败: %w", err)
191 | 	}
192 | 	defer func(f *os.File) {
193 | 		err := f.Close()
194 | 		if err != nil {
195 | 			log.Printf("关闭文件 %s 失败: %v\n", file.Name, err)
196 | 		}
197 | 	}(f)
198 | 
199 | 	// 使用 io.NewSectionReader 创建一个只读取指定部分的 Reader
200 | 	sectionReader := io.NewSectionReader(reader, int64(file.Offset), int64(file.Size))
201 | 
202 | 	// 从 bufferPool 获取缓冲区
203 | 	buf := bufferPool.Get().(*bytes.Buffer)
204 | 	defer bufferPool.Put(buf)
205 | 	buf.Reset()
206 | 
207 | 	// 读取文件内容
208 | 	if _, err := io.Copy(buf, sectionReader); err != nil {
209 | 		return fmt.Errorf("读取文件内容失败: %w", err)
210 | 	}
211 | 	content := buf.Bytes()
212 | 
213 | 	// 获取文件格式化器
214 | 	ext := filepath.Ext(file.Name)
215 | 	formatter, err := formatter2.GetFormatter(ext)
216 | 	if err == nil {
217 | 		content, err = formatter.Format(content)
218 | 		if err != nil {
219 | 			return fmt.Errorf("格式化文件失败: %w", err)
220 | 		}
221 | 	}
222 | 
223 | 	// 写入文件内容
224 | 	if _, err := f.Write(content); err != nil {
225 | 		return fmt.Errorf("写入文件失败: %w", err)
226 | 	}
227 | 
228 | 	configManager := config.NewSharedConfigManager()
229 | 	if sensitive, ok := configManager.Get("sensitive"); ok {
230 | 		if p, o := sensitive.(bool); o {
231 | 			if p {
232 | 				// 查找敏感信息
233 | 				if err := key.MatchRules(string(content)); err != nil {
234 | 					return fmt.Errorf("%v", err)
235 | 				}
236 | 			}
237 | 		}
238 | 	}
239 | 
240 | 	return nil
241 | }
242 | 


--------------------------------------------------------------------------------
/internal/unpack/uxml.go:
--------------------------------------------------------------------------------
  1 | package unpack
  2 | 
  3 | import (
  4 | 	"errors"
  5 | 	"fmt"
  6 | 	"log"
  7 | 	"os"
  8 | 	"path/filepath"
  9 | 	"reflect"
 10 | 	"regexp"
 11 | 	"strings"
 12 | 	"sync"
 13 | 
 14 | 	"github.com/Ackites/KillWxapkg/internal/config"
 15 | 	"github.com/dop251/goja"
 16 | )
 17 | 
 18 | type XmlParser struct {
 19 | 	OutputDir string
 20 | 	// 解析器版本
 21 | 	Version string
 22 | }
 23 | 
 24 | // 获取生成函数
 25 | func getFuc(code string, gwx map[string]interface{}) {
 26 | 	re := regexp.MustCompile(`else\s+__wxAppCode__\['([^']+\.wxml)'\]\s*=\s*(\$[^;]+;)`)
 27 | 
 28 | 	matches := re.FindAllStringSubmatch(code, -1)
 29 | 	if len(matches) > 0 {
 30 | 		for _, match := range matches {
 31 | 			gwx[match[1]] = match[2]
 32 | 		}
 33 | 	}
 34 | }
 35 | 
 36 | // 提取函数名和参数
 37 | func extractFuncNameAndArgs(gencode string) (string, []interface{}) {
 38 | 	re := regexp.MustCompile(`(\$\w+)\s*\(\s*'(.*?)'\s*\)`)
 39 | 	matches := re.FindStringSubmatch(gencode)
 40 | 	if len(matches) < 3 {
 41 | 		return "", nil
 42 | 	}
 43 | 
 44 | 	funcName := matches[1]
 45 | 	arg := matches[2]
 46 | 
 47 | 	return funcName, []interface{}{arg}
 48 | }
 49 | 
 50 | // 递归调用函数直到获得非函数结果
 51 | func getFinalResult(vm *goja.Runtime, value goja.Value) (goja.Value, error) {
 52 | 	for value.ExportType().Kind() == reflect.Func {
 53 | 		fn, ok := goja.AssertFunction(value)
 54 | 		if !ok {
 55 | 			return nil, fmt.Errorf("expected function, got %T", value.Export())
 56 | 		}
 57 | 
 58 | 		var err error
 59 | 		value, err = fn(goja.Undefined())
 60 | 		if err != nil {
 61 | 			return nil, err
 62 | 		}
 63 | 	}
 64 | 	return value, nil
 65 | }
 66 | 
 67 | // 生成视图代码
 68 | func getDomTree(node interface{}) string {
 69 | 	// 用于构建 XML 字符串的函数
 70 | 	var processNodes func(node map[string]interface{}, indentLevel int, isRoot bool) string
 71 | 	processNodes = func(node map[string]interface{}, indentLevel int, isRoot bool) string {
 72 | 		var sb strings.Builder
 73 | 
 74 | 		// 生成缩进
 75 | 		indent := strings.Repeat("\t", indentLevel)
 76 | 
 77 | 		// 获取标签名称
 78 | 		tag, ok := node["tag"].(string)
 79 | 		if !ok {
 80 | 			return ""
 81 | 		}
 82 | 		tag = strings.TrimPrefix(tag, "wx-") // 去除前缀 wx-
 83 | 
 84 | 		// 如果是根节点，不添加开始标签
 85 | 		if !isRoot {
 86 | 			// 开始标签
 87 | 			sb.WriteString(indent)
 88 | 			sb.WriteString("<")
 89 | 			sb.WriteString(tag)
 90 | 
 91 | 			// 处理属性
 92 | 			if attr, ok := node["attr"].(map[string]interface{}); ok {
 93 | 				for key, value := range attr {
 94 | 					key = strings.TrimPrefix(key, "$wxs:")
 95 | 					if strings.HasPrefix(key, "$") {
 96 | 						continue
 97 | 					}
 98 | 					if value == nil {
 99 | 						sb.WriteString(fmt.Sprintf(" %s=\"\"", key))
100 | 					} else {
101 | 						sb.WriteString(fmt.Sprintf(" %s=\"%v\"", key, value))
102 | 					}
103 | 				}
104 | 			}
105 | 
106 | 			// 结束标签
107 | 			sb.WriteString(">")
108 | 		}
109 | 
110 | 		// 处理子节点
111 | 		if children, ok := node["children"].([]interface{}); ok {
112 | 			if len(children) > 0 && !isRoot {
113 | 				sb.WriteString("\n")
114 | 			}
115 | 			for _, child := range children {
116 | 				if childMap, ok := child.(map[string]interface{}); ok {
117 | 					sb.WriteString(processNodes(childMap, indentLevel+1, false))
118 | 				} else {
119 | 					// 如果 children 是字符串且字符串为空，则不换行
120 | 					if str, ok := child.(string); ok {
121 | 						if str != "" {
122 | 							sb.WriteString(strings.Repeat("\t", indentLevel+1))
123 | 							sb.WriteString(str + "\n")
124 | 						}
125 | 					}
126 | 				}
127 | 			}
128 | 		}
129 | 
130 | 		// 结束标签（如果不是根节点）
131 | 		if !isRoot {
132 | 			sb.WriteString(indent)
133 | 			sb.WriteString("</")
134 | 			sb.WriteString(tag)
135 | 			sb.WriteString(">\n")
136 | 		}
137 | 
138 | 		return sb.String()
139 | 	}
140 | 
141 | 	// 将根节点转换为 map
142 | 	rootNode, ok := node.(map[string]interface{})
143 | 	if !ok {
144 | 		return ""
145 | 	}
146 | 
147 | 	// 生成并返回最终的 XML 字符串，不包括根标签
148 | 	return processNodes(rootNode, 0, true)
149 | }
150 | 
151 | func getXml(path string, scriptCode, gencode string, results chan<- map[string]interface{}, wg *sync.WaitGroup, version string, sem chan struct{}) {
152 | 	defer wg.Done()
153 | 
154 | 	// 限制并发数
155 | 	sem <- struct{}{}
156 | 	// 释放信号量
157 | 	defer func() { <-sem }()
158 | 
159 | 	// 提取函数名和参数
160 | 	funcName, params := extractFuncNameAndArgs(gencode)
161 | 	if funcName == "" {
162 | 		log.Printf("Error extracting function name and arguments from gencode: %s\n", gencode)
163 | 		return
164 | 	}
165 | 
166 | 	vm := goja.New()
167 | 
168 | 	// 包裹 try...catch 语句以捕获 JavaScript 错误
169 | 	safeScript := `
170 | 	try {
171 | 		` + scriptCode + `
172 | 	} catch (e) {
173 | 		//console.error(e);
174 | 	}
175 | 	`
176 | 
177 | 	// 定义 console 对象
178 | 	console := vm.NewObject()
179 | 	_ = console.Set("log", func(call goja.FunctionCall) goja.Value {
180 | 		// 使用 call.Arguments 获取传递给 console.log 的参数
181 | 		args := call.Arguments
182 | 		for _, arg := range args {
183 | 			fmt.Println(arg.String())
184 | 		}
185 | 		return goja.Undefined()
186 | 	})
187 | 	_ = console.Set("error", func(call goja.FunctionCall) goja.Value {
188 | 		args := call.Arguments
189 | 		for _, arg := range args {
190 | 			fmt.Println("ERROR:", arg.String())
191 | 		}
192 | 		return goja.Undefined()
193 | 	})
194 | 	_ = console.Set("warn", func(call goja.FunctionCall) goja.Value {
195 | 		args := call.Arguments
196 | 		for _, arg := range args {
197 | 			fmt.Println("WARN:", arg.String())
198 | 		}
199 | 		return goja.Undefined()
200 | 	})
201 | 	_ = vm.Set("console", console)
202 | 
203 | 	// 运行脚本代码，定义所有函数
204 | 	_, err := vm.RunString(safeScript)
205 | 	if err != nil {
206 | 		var gojaErr *goja.Exception
207 | 		if errors.As(err, &gojaErr) {
208 | 			log.Println("JavaScript error:", gojaErr.String())
209 | 		} else {
210 | 			log.Println("Error running script:", err)
211 | 		}
212 | 		return
213 | 	}
214 | 
215 | 	// 获取函数对象
216 | 	fn, ok := goja.AssertFunction(vm.Get(funcName))
217 | 	if !ok {
218 | 		log.Printf("Error asserting function for %s\n", funcName)
219 | 		return
220 | 	}
221 | 
222 | 	// 准备参数列表
223 | 	args := make([]goja.Value, len(params))
224 | 	for i, param := range params {
225 | 		args[i] = vm.ToValue(param)
226 | 	}
227 | 
228 | 	// 调用函数并获取结果
229 | 	result, err := fn(goja.Undefined(), args...)
230 | 	if err != nil {
231 | 		log.Printf("Error calling function: %v\n", err)
232 | 		return
233 | 	}
234 | 
235 | 	// 递归调用函数直到获得非函数结果
236 | 	finalResult, err := getFinalResult(vm, result)
237 | 	if err != nil {
238 | 		log.Printf("Error getting final result: %v\n", err)
239 | 		return
240 | 	}
241 | 
242 | 	// 保存结果
243 | 	results <- map[string]interface{}{path: finalResult.Export()}
244 | }
245 | 
246 | func (p *XmlParser) Parse(option config.WxapkgInfo) error {
247 | 	saveDir := p.OutputDir
248 | 
249 | 	var frameFile = option.Option.ViewSource
250 | 	// 存放生成函数代码
251 | 	var gwx = make(map[string]interface{})
252 | 	results := make(chan map[string]interface{})
253 | 	var wg sync.WaitGroup
254 | 
255 | 	// 最大并发数
256 | 	const maxConcurrent = 5
257 | 	sem := make(chan struct{}, maxConcurrent)
258 | 
259 | 	code, err := os.ReadFile(frameFile)
260 | 	if err != nil {
261 | 		log.Printf("Error reading file: %v\n", err)
262 | 		return err
263 | 	}
264 | 
265 | 	codeStr := string(code)
266 | 	scriptCode := codeStr
267 | 
268 | 	// 防止报错
269 | 	patch := `var noCss=true;var window={};var navigator={};navigator.userAgent="iPhone";window.screen={};
270 | document={getElementsByTagName:()=>{}};function define(){};function require(){};
271 | var setCssToHead=function(file,_xcInvalid,info){return ()=>{}};`
272 | 
273 | 	// 如果是 html 文件，提取 script 代码
274 | 	if strings.HasSuffix(frameFile, ".html") {
275 | 		scriptCode = matchScripts(codeStr)
276 | 	}
277 | 
278 | 	scriptCode = strings.Replace(scriptCode, "var setCssToHead =", "var setCssToHead2 =", -1)
279 | 	scriptCode = strings.Replace(scriptCode, "var noCss", "var noCss2", -1)
280 | 	// 如果是子包
281 | 	if isSubpackage(&option) {
282 | 		scriptCode = strings.Replace(scriptCode, "$gwx('init', global);", "", 1)
283 | 	}
284 | 
285 | 	// 正则匹配生成函数
286 | 	getFuc(scriptCode, gwx)
287 | 
288 | 	scriptCode = patch + scriptCode
289 | 
290 | 	// 运行生成函数
291 | 	for path, gencode := range gwx {
292 | 		wg.Add(1)
293 | 		go getXml(path, scriptCode, gencode.(string), results, &wg, p.Version, sem)
294 | 	}
295 | 
296 | 	go func() {
297 | 		wg.Wait()
298 | 		close(results)
299 | 	}()
300 | 
301 | 	finalResults := make(map[string]string)
302 | 	for result := range results {
303 | 		for k, v := range result {
304 | 			finalResults[k] = getDomTree(v)
305 | 		}
306 | 	}
307 | 
308 | 	for name, content := range finalResults {
309 | 		name = filepath.Join(saveDir, name)
310 | 		err = save(name, []byte(content))
311 | 		if err != nil {
312 | 			log.Printf("Error saving file: %v\n", err)
313 | 		}
314 | 		log.Printf("Saved file: %s\n", name)
315 | 	}
316 | 
317 | 	return nil
318 | }
319 | 


--------------------------------------------------------------------------------
/internal/unpack/uxss.go:
--------------------------------------------------------------------------------
  1 | package unpack
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"log"
  6 | 	"os"
  7 | 	"path/filepath"
  8 | 	"regexp"
  9 | 	"strings"
 10 | 
 11 | 	"github.com/Ackites/KillWxapkg/internal/enum"
 12 | 
 13 | 	"github.com/Ackites/KillWxapkg/internal/config"
 14 | 
 15 | 	"github.com/Ackites/KillWxapkg/internal/util"
 16 | 	"github.com/dop251/goja"
 17 | 	"golang.org/x/net/html"
 18 | )
 19 | 
 20 | // XssParser 结构体定义
 21 | type XssParser struct {
 22 | 	OutputDir string
 23 | }
 24 | 
 25 | // 相对路径转换
 26 | func makeRelativePath(base, target string) (string, error) {
 27 | 	relPath, err := filepath.Rel(filepath.Dir(base), target)
 28 | 	if err != nil {
 29 | 		return "", err
 30 | 	}
 31 | 	// 转换为 Unix 风格的路径以保持一致性
 32 | 	return filepath.ToSlash(relPath), nil
 33 | }
 34 | 
 35 | func handleEl(el interface{}, k string) string {
 36 | 	if elArr, ok := el.([]interface{}); ok {
 37 | 		if len(elArr) == 1 && elArr[0].(int64) == 1 {
 38 | 			return ""
 39 | 		}
 40 | 
 41 | 		switch elArr[0].(int64) {
 42 | 		case 0:
 43 | 			return fmt.Sprintf("%vrpx", elArr[1])
 44 | 		case 2:
 45 | 			_el := elArr[1]
 46 | 			var path string
 47 | 
 48 | 			switch v := _el.(type) {
 49 | 			case int64:
 50 | 				//path = makeCStyleName(v)
 51 | 				return ""
 52 | 			case string:
 53 | 				path = v
 54 | 			case []interface{}:
 55 | 				return handleEl(_el, k)
 56 | 			default:
 57 | 				log.Printf("Unprocessed element found: %v\n", elArr)
 58 | 				return ""
 59 | 			}
 60 | 
 61 | 			if path == "" {
 62 | 				return ""
 63 | 			}
 64 | 
 65 | 			target, err := makeRelativePath(k, path)
 66 | 			if err != nil {
 67 | 				log.Printf("Error making relative path: %v\n", err)
 68 | 				return ""
 69 | 			}
 70 | 			if target != "" {
 71 | 				return fmt.Sprintf(`@import "%s";`+"\n", target)
 72 | 			}
 73 | 
 74 | 			return ""
 75 | 		default:
 76 | 			log.Printf("Unprocessed data found: %v\n", elArr)
 77 | 			return ""
 78 | 		}
 79 | 	}
 80 | 
 81 | 	return fmt.Sprintf("%v", el)
 82 | }
 83 | 
 84 | func styleConversion(path string, content []interface{}) string {
 85 | 	var newData strings.Builder
 86 | 	for _, el := range content {
 87 | 		newData.WriteString(handleEl(el, path))
 88 | 	}
 89 | 
 90 | 	return newData.String()
 91 | }
 92 | 
 93 | func matchScripts(code string) string {
 94 | 	doc, err := html.Parse(strings.NewReader(code))
 95 | 	if err != nil {
 96 | 		log.Printf("Error parsing HTML: %v\n", err)
 97 | 		return ""
 98 | 	}
 99 | 	var scriptBuilder strings.Builder
100 | 	var f func(*html.Node)
101 | 	f = func(n *html.Node) {
102 | 		if n.Type == html.ElementNode && n.Data == "script" {
103 | 			for c := n.FirstChild; c != nil; c = c.NextSibling {
104 | 				if c.Type == html.TextNode {
105 | 					scriptBuilder.WriteString(c.Data)
106 | 				}
107 | 			}
108 | 		}
109 | 		for c := n.FirstChild; c != nil; c = c.NextSibling {
110 | 			f(c)
111 | 		}
112 | 	}
113 | 	f(doc)
114 | 	return scriptBuilder.String()
115 | }
116 | 
117 | func getCss(mainCode string) string {
118 | 	setRe := regexp.MustCompile(`setCssToHead\(([\s\S]*?)\.wxss"\s*\}\)`)
119 | 	comRe := regexp.MustCompile(`__COMMON_STYLESHEETS__\['([^']*\.wxss)'\]\s*=\s*\[(.*?)\];`)
120 | 
121 | 	var scriptBuilder strings.Builder
122 | 
123 | 	// 查找所有匹配的子字符串
124 | 	matches := setRe.FindAllString(mainCode, -1)
125 | 	if len(matches) > 0 {
126 | 		for _, match := range matches {
127 | 			res := match[strings.LastIndex(match, "setCssToHead("):]
128 | 			scriptBuilder.WriteString(res)
129 | 			scriptBuilder.WriteString(";\n")
130 | 		}
131 | 	}
132 | 	matches = comRe.FindAllString(mainCode, -1)
133 | 	if len(matches) > 0 {
134 | 		for _, match := range matches {
135 | 			scriptBuilder.WriteString(match)
136 | 			scriptBuilder.WriteString(";\n")
137 | 		}
138 | 	}
139 | 	return scriptBuilder.String()
140 | }
141 | 
142 | // 运行 JavaScript 代码
143 | func runVM(name, code string, results map[string]string) {
144 | 	vm := goja.New()
145 | 
146 | 	// 设置 __COMMON_STYLESHEETS__
147 | 	commonStylesheets := make(map[string][]interface{})
148 | 	err := vm.Set("__COMMON_STYLESHEETS__", commonStylesheets)
149 | 	if err != nil {
150 | 		log.Printf("Error setting __COMMON_STYLESHEETS__: %v\n", err)
151 | 		return
152 | 	}
153 | 
154 | 	// 设置 setCssToHead 函数
155 | 	err = vm.Set("setCssToHead", func(call goja.FunctionCall) goja.Value {
156 | 		if len(call.Arguments) == 0 || (len(call.Arguments) == 1 && len(call.Argument(0).Export().([]interface{})) == 0) {
157 | 			return goja.Undefined()
158 | 		}
159 | 
160 | 		args := call.Arguments
161 | 
162 | 		if len(call.Arguments) == 3 {
163 | 			args = append(args[:1], args[2:]...)
164 | 		}
165 | 
166 | 		var sources = args[0].Export().([]interface{})
167 | 		var path = args[1].Export().(map[string]interface{})["path"].(string)
168 | 
169 | 		result := styleConversion(path, sources)
170 | 		results[path] += result
171 | 		return goja.Undefined()
172 | 	})
173 | 	if err != nil {
174 | 		log.Printf("Error setting setCssToHead: %v\n", err)
175 | 		return
176 | 	}
177 | 
178 | 	// 运行 JavaScript 代码
179 | 	_, err = vm.RunString(code)
180 | 	if err != nil {
181 | 		log.Printf("Error running JavaScript code: %v\n", err)
182 | 		return
183 | 	}
184 | 
185 | 	// 处理 __COMMON_STYLESHEETS__
186 | 	for path, sources := range commonStylesheets {
187 | 		result := styleConversion(path, sources)
188 | 		results[path] += result
189 | 	}
190 | }
191 | 
192 | // Parse 处理 WXSS 文件
193 | func (p *XssParser) Parse(option config.WxapkgInfo) error {
194 | 	saveDir := option.SourcePath
195 | 	if isSubpackage(&option) {
196 | 		saveDir = p.OutputDir
197 | 	}
198 | 
199 | 	// 创建文件删除管理器
200 | 	manager := config.NewFileDeletionManager()
201 | 
202 | 	var runList = make(map[string]string)
203 | 	var result = make(map[string]string)
204 | 
205 | 	// 预运行，读取所有相关文件
206 | 	preRun := func(dir, mainCode string, files []string, cb func()) {
207 | 		mainCode = getCss(mainCode)
208 | 		if isSubpackage(&option) {
209 | 			runList[filepath.Join(option.SourcePath, "./app.wxss")] = mainCode
210 | 		} else {
211 | 			runList[filepath.Join(dir, "./app.wxss")] = mainCode
212 | 		}
213 | 
214 | 		for _, name := range files {
215 | 			code, err := os.ReadFile(name)
216 | 			if err != nil {
217 | 				log.Printf("Error reading file: %v\n", err)
218 | 				continue
219 | 			}
220 | 			codeStr := matchScripts(string(code))
221 | 
222 | 			// 正则表达式：匹配 setCssToHead 函数调用及其内容
223 | 			re := regexp.MustCompile(`setCssToHead\(([\s\S]*?\.wxss"[\s\S]*?)\s*\)`)
224 | 
225 | 			// 查找匹配的子字符串
226 | 			match := re.FindStringSubmatch(codeStr)
227 | 			if len(match) > 0 {
228 | 				runList[name] = match[0]
229 | 			}
230 | 		}
231 | 
232 | 		cb()
233 | 	}
234 | 
235 | 	// 一次性运行所有 JavaScript 代码
236 | 	runOnce := func() {
237 | 		for name, code := range runList {
238 | 			runVM(name, code, result)
239 | 		}
240 | 	}
241 | 
242 | 	// 扫描目录中的所有 HTML 文件
243 | 	scanHtml(saveDir, manager, func(files []string) {
244 | 		var frameFile = option.Option.ViewSource
245 | 
246 | 		code, err := os.ReadFile(frameFile)
247 | 		if err != nil {
248 | 			log.Printf("Error reading file: %v\n", err)
249 | 			return
250 | 		}
251 | 
252 | 		codeStr := string(code)
253 | 		scriptCode := codeStr
254 | 
255 | 		if strings.HasSuffix(frameFile, ".html") {
256 | 			scriptCode = matchScripts(codeStr)
257 | 		}
258 | 
259 | 		preRun(saveDir, scriptCode, files, func() {
260 | 			runOnce()
261 | 			for name, content := range result {
262 | 				name = filepath.Join(saveDir, changeExt(name, ".wxss"))
263 | 				err = save(name, []byte(util.TransformCSS(content)))
264 | 				if err != nil {
265 | 					log.Printf("Error saving file: %v\n", err)
266 | 				}
267 | 				log.Printf("Saved file: %s\n", name)
268 | 			}
269 | 		})
270 | 	})
271 | 
272 | 	return nil
273 | }
274 | 
275 | // scanHtml 扫描目录中的Html文件并返回文件列表
276 | func scanHtml(dir string, manager *config.FileDeletionManager, cb func([]string)) {
277 | 	var files []string
278 | 	// 删除相关的JS文件
279 | 	suffixes := []string{".appservice.js", ".common.js", ".webview.js"}
280 | 	err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
281 | 		if !info.IsDir() && strings.HasSuffix(info.Name(), ".html") {
282 | 			if info.Name() != enum.PageFrameHtml {
283 | 				files = append(files, path)
284 | 				for _, suffix := range suffixes {
285 | 					jsFile := strings.TrimSuffix(path, ".html") + suffix
286 | 					manager.AddFile(jsFile)
287 | 				}
288 | 				manager.AddFile(path)
289 | 			}
290 | 		}
291 | 		return nil
292 | 	})
293 | 	if err != nil {
294 | 		return
295 | 	}
296 | 	cb(files)
297 | }
298 | 


--------------------------------------------------------------------------------
/internal/util/getWccVersion.go:
--------------------------------------------------------------------------------
 1 | package util
 2 | 
 3 | import (
 4 | 	"os"
 5 | 	"regexp"
 6 | )
 7 | 
 8 | // GetWccVersion 从源代码字符串中提取 __wcc_version__ 的值
 9 | func GetWccVersion(source string) string {
10 | 	if source == "" {
11 | 		return ""
12 | 	}
13 | 
14 | 	// 读取source文件内容
15 | 	content, _ := os.ReadFile(source)
16 | 
17 | 	// 定义正则表达式，用于匹配 __wcc_version__ 的值
18 | 	regex := regexp.MustCompile(`__wcc_version__\s*=\s*['"]([^'"]+)['"]`)
19 | 
20 | 	// 查找匹配项
21 | 	matches := regex.FindStringSubmatch(string(content))
22 | 
23 | 	// 如果匹配成功并捕获到版本号，则返回版本号
24 | 	if len(matches) > 1 {
25 | 		return matches[1]
26 | 	}
27 | 
28 | 	// 未找到匹配项，返回空字符串
29 | 	return ""
30 | }
31 | 


--------------------------------------------------------------------------------
/internal/util/getWxapkgType.go:
--------------------------------------------------------------------------------
 1 | package util
 2 | 
 3 | import (
 4 | 	"path/filepath"
 5 | 	"strings"
 6 | 
 7 | 	. "github.com/Ackites/KillWxapkg/internal/enum"
 8 | )
 9 | 
10 | // GetWxapkgType 根据文件列表判断微信小程序包的类型
11 | func GetWxapkgType(fileList []string) WxapkgType {
12 | 	allFilesStartWithWA := true
13 | 	for _, filename := range fileList {
14 | 		if !strings.HasPrefix(filepath.Base(filename), "WA") {
15 | 			allFilesStartWithWA = false
16 | 			break
17 | 		}
18 | 	}
19 | 
20 | 	if allFilesStartWithWA {
21 | 		return FRAMEWORK
22 | 	}
23 | 
24 | 	if containsFile(fileList, PageFrameHtml) {
25 | 		if containsFile(fileList, CommonApp) {
26 | 			return App_V4
27 | 		}
28 | 		return App_V1
29 | 	}
30 | 
31 | 	if containsFile(fileList, CommonApp) {
32 | 		if containsFile(fileList, AppWxss) {
33 | 			return App_V3
34 | 		}
35 | 		return APP_SUBPACKAGE_V2
36 | 	}
37 | 
38 | 	if containsFile(fileList, Page_Frame) {
39 | 		if containsFile(fileList, AppWxss) {
40 | 			return App_V2
41 | 		}
42 | 		return APP_SUBPACKAGE_V1
43 | 	}
44 | 
45 | 	if containsFile(fileList, Game) {
46 | 		if containsFile(fileList, App_Config) {
47 | 			return GAME
48 | 		}
49 | 		return GAME_SUBPACKAGE
50 | 	}
51 | 
52 | 	if containsFile(fileList, PluginJson) {
53 | 		if containsFile(fileList, AppService) {
54 | 			return APP_PLUGIN_V1
55 | 		}
56 | 		if containsFile(fileList, Plugin) {
57 | 			return GAME_PLUGIN
58 | 		}
59 | 	}
60 | 
61 | 	return ""
62 | }
63 | 
64 | // containsFile 检查切片中是否包含特定文件名
65 | func containsFile(slice []string, filename string) bool {
66 | 	for _, element := range slice {
67 | 		if filepath.Base(element) == filename {
68 | 			return true
69 | 		}
70 | 	}
71 | 	return false
72 | }
73 | 


--------------------------------------------------------------------------------
/internal/util/humanReadableSize.go:
--------------------------------------------------------------------------------
 1 | package util
 2 | 
 3 | import "fmt"
 4 | 
 5 | // HumanReadableSize 转换为人类可读的文件大小
 6 | func HumanReadableSize(size uint64) string {
 7 | 	if size < 1024 {
 8 | 		return fmt.Sprintf("%d B", size)
 9 | 	}
10 | 	if size < 1024*1024 {
11 | 		return fmt.Sprintf("%.2f KB", float64(size)/1024)
12 | 	}
13 | 	if size < 1024*1024*1024 {
14 | 		return fmt.Sprintf("%.2f MB", float64(size)/(1024*1024))
15 | 	}
16 | 	return fmt.Sprintf("%.2f GB", float64(size)/(1024*1024*1024))
17 | }
18 | 


--------------------------------------------------------------------------------
/internal/util/transformCSS.go:
--------------------------------------------------------------------------------
  1 | package util
  2 | 
  3 | import (
  4 | 	"bytes"
  5 | 	"fmt"
  6 | 	"io"
  7 | 	"strings"
  8 | 
  9 | 	"github.com/tdewolff/parse/v2"
 10 | 	"github.com/tdewolff/parse/v2/css"
 11 | )
 12 | 
 13 | // 定义需要移除的供应商前缀
 14 | var removeTypes = []string{"webkit", "moz", "ms", "o"}
 15 | 
 16 | // TransformCSS 函数用于转换 CSS
 17 | func TransformCSS(style string) string {
 18 | 	l := css.NewLexer(parse.NewInputString(style))
 19 | 	var sb strings.Builder
 20 | 	var inDeclarationBlock *bool = new(bool)
 21 | 
 22 | 	for {
 23 | 		tokenType, token := l.Next()
 24 | 		if tokenType == css.ErrorToken {
 25 | 			if l.Err() == io.EOF {
 26 | 				break
 27 | 			} else {
 28 | 				fmt.Println("Error:", l.Err())
 29 | 				return ""
 30 | 			}
 31 | 		}
 32 | 
 33 | 		switch tokenType {
 34 | 		case css.CommentToken:
 35 | 			sb.WriteString(fmt.Sprintf("\n%s\n", token))
 36 | 		case css.IdentToken:
 37 | 			if *inDeclarationBlock {
 38 | 				handleProperty(l, &sb, token, inDeclarationBlock)
 39 | 			} else {
 40 | 				handleSelector(&sb, token)
 41 | 			}
 42 | 		case css.LeftBraceToken:
 43 | 			sb.WriteString(" {\n")
 44 | 			*inDeclarationBlock = true
 45 | 		case css.RightBraceToken:
 46 | 			sb.WriteString("}\n")
 47 | 			*inDeclarationBlock = false
 48 | 		default:
 49 | 			sb.WriteString(string(token))
 50 | 		}
 51 | 	}
 52 | 
 53 | 	return sb.String()
 54 | }
 55 | 
 56 | // 处理选择器
 57 | func handleSelector(sb *strings.Builder, token []byte) {
 58 | 	selector := strings.TrimSpace(string(token))
 59 | 	if strings.HasPrefix(selector, "wx-") {
 60 | 		selector = selector[3:]
 61 | 	} else if selector == "body" {
 62 | 		selector = "page"
 63 | 	}
 64 | 	sb.WriteString(selector)
 65 | }
 66 | 
 67 | // 处理属性名和值
 68 | func handleProperty(l *css.Lexer, sb *strings.Builder, token []byte, inDeclarationBlock *bool) {
 69 | 	property := string(token)
 70 | 	if skipProperty(property) {
 71 | 		skipValue(l, sb, inDeclarationBlock)
 72 | 		return
 73 | 	}
 74 | 	initialContent := sb.String() // 获取当前内容的拷贝
 75 | 	sb.WriteString(fmt.Sprintf("    %s", property))
 76 | 	readValue(l, sb, initialContent, inDeclarationBlock)
 77 | }
 78 | 
 79 | // 判断是否跳过属性
 80 | func skipProperty(prop string) bool {
 81 | 	for _, prefix := range removeTypes {
 82 | 		if strings.HasPrefix(prop, "-"+prefix+"-") {
 83 | 			return true
 84 | 		}
 85 | 	}
 86 | 	return false
 87 | }
 88 | 
 89 | // 跳过属性值
 90 | func skipValue(l *css.Lexer, sb *strings.Builder, inDeclarationBlock *bool) {
 91 | 	for {
 92 | 		tokenType, _ := l.Next()
 93 | 		if tokenType == css.SemicolonToken {
 94 | 			break
 95 | 		}
 96 | 		if tokenType == css.RightBraceToken {
 97 | 			sb.WriteString("\n}\n")
 98 | 			*inDeclarationBlock = false
 99 | 			break
100 | 		}
101 | 	}
102 | }
103 | 
104 | // 读取属性值
105 | func readValue(l *css.Lexer, sb *strings.Builder, initialContent string, inDeclarationBlock *bool) {
106 | 	// 第一个冒号
107 | 	var colon int64 = 1
108 | 	var isLeftBrace bool = false
109 | 	var isRightBrace bool = false
110 | 
111 | 	var value bytes.Buffer
112 | 	for {
113 | 		tokenType, token := l.Next()
114 | 		if tokenType == css.ColonToken && colon == 1 {
115 | 			colon++
116 | 			continue
117 | 		}
118 | 		if tokenType == css.SemicolonToken {
119 | 			break
120 | 		}
121 | 		if tokenType == css.LeftBraceToken {
122 | 			isLeftBrace = true
123 | 			break
124 | 		}
125 | 		if tokenType == css.RightBraceToken {
126 | 			isRightBrace = true
127 | 			break
128 | 		}
129 | 		value.Write(token)
130 | 	}
131 | 	if shouldRemoveValue(value.String()) {
132 | 		resetStringBuilder(sb, initialContent)
133 | 	} else {
134 | 		if isLeftBrace {
135 | 			sb.WriteString(" {\n")
136 | 			*inDeclarationBlock = true
137 | 			return
138 | 		} else {
139 | 			sb.WriteString(": " + value.String() + ";\n")
140 | 		}
141 | 		if isRightBrace {
142 | 			sb.WriteString("}\n")
143 | 			*inDeclarationBlock = false
144 | 		}
145 | 	}
146 | }
147 | 
148 | // 重置 strings.Builder 的内容到指定长度
149 | func resetStringBuilder(sb *strings.Builder, initialContent string) {
150 | 	sb.Reset()
151 | 	sb.WriteString(initialContent)
152 | }
153 | 
154 | // 判断是否移除属性值
155 | func shouldRemoveValue(value string) bool {
156 | 	if strings.HasPrefix(value, "progid:DXImageTransform") {
157 | 		return true
158 | 	}
159 | 	return false
160 | }
161 | 


--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
  1 | package main
  2 | 
  3 | import (
  4 | 	"encoding/json"
  5 | 	"flag"
  6 | 	"fmt"
  7 | 	"github.com/Ackites/KillWxapkg/api"
  8 | 	"github.com/Ackites/KillWxapkg/cmd"
  9 | 	hook2 "github.com/Ackites/KillWxapkg/internal/hook"
 10 | 	"github.com/Ackites/KillWxapkg/internal/pack"
 11 | 	"log"
 12 | 	"path/filepath"
 13 | 	"time"
 14 | )
 15 | 
 16 | func test() {
 17 | 	config, err := api.LoadConfig("config/config.yaml")
 18 | 	if err != nil {
 19 | 		return
 20 | 	}
 21 | 	// 定义要监控的目录
 22 | 	directory := config.WxAppletPath // 请确保该目录存在
 23 | 
 24 | 	// 创建一个通道用于接收文件名
 25 | 	fileChan := make(chan string)
 26 | 	fmt.Printf("监视目录：%s\n", directory)
 27 | 	// 启动一个goroutine进行文件监控
 28 | 	go func() {
 29 | 		err := api.WatchNewFiles(directory, fileChan)
 30 | 		if err != nil {
 31 | 			log.Fatalf("无法启动文件监控: %v", err)
 32 | 		}
 33 | 	}()
 34 | 
 35 | 	// 主线程持续接收新增文件名并打印
 36 | 	for {
 37 | 		newFile := <-fileChan
 38 | 		fmt.Printf("接收新增文件: %s\n", newFile)
 39 | 		// 等待目录加载时间
 40 | 		time.Sleep(10 * time.Second)
 41 | 		//fmt.Println("等待加载目录.")
 42 | 		subdirs, err := api.ListSubdirectories(newFile)
 43 | 		if err != nil {
 44 | 			log.Fatalf("错误: %v", err)
 45 | 		}
 46 | 
 47 | 		// 发送请求获取appid信息，不一定成功，需要判断
 48 | 		body, err := api.SendRequest(filepath.Base(newFile))
 49 | 		if err != nil {
 50 | 			fmt.Println(err)
 51 | 			return
 52 | 		}
 53 | 
 54 | 		// 输出状态码
 55 | 		//fmt.Println("响应内容:", string(body))
 56 | 
 57 | 		// 解析JSON响应
 58 | 		var responseData api.ResponseData
 59 | 		if err := json.Unmarshal(body, &responseData); err != nil {
 60 | 			fmt.Println("解析JSON失败:", err)
 61 | 			return
 62 | 		}
 63 | 
 64 | 		appID := filepath.Base(newFile)
 65 | 		input := newFile + "\\" + subdirs[0] + "\\__APP__.wxapkg"
 66 | 		outputDir := "output\\"
 67 | 		if responseData.Data.Nickname != "" {
 68 | 			outputDir += responseData.Data.Nickname
 69 | 		} else {
 70 | 			outputDir += appID
 71 | 		}
 72 | 		//fmt.Println("准备输出目录:", outputDir)
 73 | 		err = api.LogHtml(">>>小程序" + outputDir)
 74 | 		if err != nil {
 75 | 			return
 76 | 		}
 77 | 		fileExt := ""
 78 | 		restoreDir := false
 79 | 		pretty := false
 80 | 		noClean := true
 81 | 		save := false
 82 | 		sensitive := true
 83 | 		cmd.Execute(appID, input, outputDir, fileExt, restoreDir, pretty, noClean, save, sensitive)
 84 | 		//fmt.Println(">>> 完成逆向编译<-" + responseData.Data.Nickname)
 85 | 		fmt.Println(">>> 等待下一任务->")
 86 | 	}
 87 | 	//cmd.Execute(appID, input, outputDir, fileExt, restoreDir, pretty, noClean, save, sensitive)
 88 | 
 89 | }
 90 | 
 91 | var (
 92 | 	auto       bool
 93 | 	appID      string
 94 | 	input      string
 95 | 	outputDir  string
 96 | 	fileExt    string
 97 | 	restoreDir bool
 98 | 	pretty     bool
 99 | 	noClean    bool
100 | 	hook       bool
101 | 	save       bool
102 | 	repack     string
103 | 	watch      bool
104 | 	sensitive  bool
105 | )
106 | 
107 | func init() {
108 | 	flag.BoolVar(&auto, "auto", false, "是否目录监控自动反编译，点击即是反编译")
109 | 	flag.StringVar(&appID, "id", "", "微信小程序的AppID")
110 | 	flag.StringVar(&input, "in", "", "输入文件路径（多个文件用逗号分隔）或输入目录路径")
111 | 	flag.StringVar(&outputDir, "out", "", "输出目录路径（如果未指定，则默认保存到输入目录下以AppID命名的文件夹）")
112 | 	flag.StringVar(&fileExt, "ext", ".wxapkg", "处理的文件后缀")
113 | 	flag.BoolVar(&restoreDir, "restore", false, "是否还原工程目录结构")
114 | 	flag.BoolVar(&pretty, "pretty", false, "是否美化输出")
115 | 	flag.BoolVar(&noClean, "noClean", false, "是否清理中间文件")
116 | 	flag.BoolVar(&hook, "hook", false, "是否开启动态调试")
117 | 	flag.BoolVar(&save, "save", false, "是否保存解密后的文件")
118 | 	flag.StringVar(&repack, "repack", "", "重新打包wxapkg文件")
119 | 	flag.BoolVar(&watch, "watch", false, "是否监听将要打包的文件夹，并自动打包")
120 | 	flag.BoolVar(&sensitive, "sensitive", false, "是否获取敏感数据")
121 | }
122 | 
123 | func main() {
124 | 	// 解析命令行参数
125 | 	flag.Parse()
126 | 
127 | 	banner := `
128 | 
129 |  ____  __.__.______   _________          __          
130 | |    |/ _|__|  \   \ /   /  _  \  __ ___/  |_  ____  
131 | |      < |  |  |\   Y   /  /_\  \|  |  \   __\/  _ \ 
132 | |    |  \|  |  |_\     /    |    \  |  /|  | (  <_> )
133 | |____|__ \__|____/\___/\____|__  /____/ |__|  \____/ 
134 |         \/                     \/
135 |                                                     
136 |              Wxapkg Decompiler Tool v1.0.0
137 |     `
138 | 	fmt.Println(banner)
139 | 	// 自动处理
140 | 	if auto {
141 | 		test()
142 | 		return
143 | 	}
144 | 	// 动态调试
145 | 	if hook {
146 | 		hook2.Hook()
147 | 		return
148 | 	}
149 | 
150 | 	// 重新打包
151 | 	if repack != "" {
152 | 		pack.Repack(repack, watch, outputDir)
153 | 		return
154 | 	}
155 | 
156 | 	// 参数检查
157 | 	if appID == "" || input == "" {
158 | 		fmt.Println("使用方法: program -id=<AppID> -in=<输入文件1,输入文件2> 或 -in=<输入目录> -out=<输出目录> [-ext=<文件后缀>] [-restore] [-pretty] [-noClean] [-hook] [-save] [-repack=<输入目录>] [-watch] [-sensitive]")
159 | 		flag.PrintDefaults()
160 | 		fmt.Println()
161 | 		return
162 | 	}
163 | 
164 | 	// 执行命令
165 | 	cmd.Execute(appID, input, outputDir, fileExt, restoreDir, pretty, noClean, save, sensitive)
166 | 	//cmd.Execute("wxd4185d00bf7e08ac", "D:\\appdata\\tencent\\WeChat\\documents\\WeChat Files\\Applet\\wxd4185d00bf7e08ac\\551\\__APP__.wxapkg", "output", fileExt, restoreDir, pretty, noClean, save, sensitive)
167 | }
168 | 


--------------------------------------------------------------------------------