title: Custom Rules Reference description: All objects available for custom security tests.
Limit depth of table of contents
toc_min_heading_level: 2 toc_max_heading_level: 2
Objects
AlertModel
| Property | Type | Required | Description | Reference |
| severity | SEVERITY | True | Severity of the alert | SEVERITY |
| name | string | True | Name of the alert | |
| context | string | True | Context of the alert | |
| category | CATEGORY | False | Category of the alert | CATEGORY |
| description | string | False | Description of the alert | |
| remediation | string | False | Remediation of the alert | |
| compliance | Compliance | False | Compliance standards violated by this alert | Compliance |
Compliance
| Property | Type | Required | Description | Reference |
| owasp | string | False | | |
| pci-dss | string | False | | |
| gdpr | string | False | | |
| soc2 | string | False | | |
| psd2 | string | False | | |
| iso27001 | string | False | | |
| nist | string | False | | |
| fedramp | string | False | | |
| nis2 | string | False | | |
| hipaa | string | False | | |
| owasp_llm | string | False | | |
| cwe | string | False | | |
CrudDetector
| Property | Type | Required | Description | Reference |
| is | CRUD | False | Condition is the request is this CRUD operation | CRUD |
| is_not | CRUD | False | Condition is the request is not this CRUD operation | CRUD |
| in | CRUD | False | Condition is the request is in this list of CRUD operations (exact match) | CRUD |
| if | Const[helpers.request.crud] | False | Use this to select against the detected CRUD operation of the request. | |
HTTPRAWSeeder
| Property | Type | Required | Description | Reference |
| protocol | Const[http] | False | The HTTP seeder allows you to send a request at the start of the scan. | |
| raw | string | True | The raw HTTP request in nuclei format. | |
| user | string | False | The user to use for the request. If not provided, the request is sent without authentication. | |
LogicalAndDetector
| Property | Type | Required | Description | Reference |
| and | CrudDetector|LogicalAndDetector|LogicalNotDetector|LogicalOrDetector|MethodDetector|RequestBodyJSONDetector|RequestBodyTextDetector|RequestHeadersDetector|RequestIsAuthenticatedDetector|RequestObjectDetector|RequestUserDetector|ResponseBodyJSONDetector|ResponseBodyTextDetector|ResponseDurationDetector|ResponseHeadersDetector|ResponseIsSuccessfulDetector|ResponseObjectDetector|ResponseStatusCodeDetector|ScanTypeDetector|SchemaNeedAuthenticationDetector|SchemaPathRefDetector|SchemaUrlDetector | False | Logical and on a list of detectors | [CrudDetector |
| if | Const[and] | False | Use this to apply a logical and on a list of detectors. | |
LogicalNotDetector
| Property | Type | Required | Description | Reference |
| not | CrudDetector|LogicalAndDetector|LogicalNotDetector|LogicalOrDetector|MethodDetector|RequestBodyJSONDetector|RequestBodyTextDetector|RequestHeadersDetector|RequestIsAuthenticatedDetector|RequestObjectDetector|RequestUserDetector|ResponseBodyJSONDetector|ResponseBodyTextDetector|ResponseDurationDetector|ResponseHeadersDetector|ResponseIsSuccessfulDetector|ResponseObjectDetector|ResponseStatusCodeDetector|ScanTypeDetector|SchemaNeedAuthenticationDetector|SchemaPathRefDetector|SchemaUrlDetector | False | Logical not of a detector | [CrudDetector |
| if | Const[not] | False | Use this to apply a logical not on a detector. | |
LogicalOrDetector
| Property | Type | Required | Description | Reference |
| or | CrudDetector|LogicalAndDetector|LogicalNotDetector|LogicalOrDetector|MethodDetector|RequestBodyJSONDetector|RequestBodyTextDetector|RequestHeadersDetector|RequestIsAuthenticatedDetector|RequestObjectDetector|RequestUserDetector|ResponseBodyJSONDetector|ResponseBodyTextDetector|ResponseDurationDetector|ResponseHeadersDetector|ResponseIsSuccessfulDetector|ResponseObjectDetector|ResponseStatusCodeDetector|ScanTypeDetector|SchemaNeedAuthenticationDetector|SchemaPathRefDetector|SchemaUrlDetector | False | Logical or on a list of detectors | [CrudDetector |
| if | Const[or] | False | Use this to apply a logical or on a list of detectors. | |
MethodDetector
| Property | Type | Required | Description | Reference |
| is | HTTP_METHOD | False | Condition is the request is this CRUD operation | HTTP_METHOD |
| is_not | HTTP_METHOD | False | Condition is the request is not this CRUD operation | HTTP_METHOD |
| in | HTTP_METHOD | False | Condition is the request is in this list of CRUD operations (exact match) | HTTP_METHOD |
| if | Const[request.method] | False | Use this to select against the request HTTP method. | |
MethodMutator
| Property | Type | Required | Description | Reference |
| key | Const[request.method] | False | You can use this mutator to change the HTTP method of the | |
| value | HTTP_METHOD | False | The value to set. | HTTP_METHOD |
| values | HTTP_METHOD | False | The values to set, generates multiple queries. | HTTP_METHOD |
Middleware
| Property | Type | Required | Description | Reference |
| trigger | CrudDetector | LogicalAndDetector | LogicalNotDetector | LogicalOrDetector | MethodDetector | RequestBodyJSONDetector | RequestBodyTextDetector | RequestHeadersDetector | RequestIsAuthenticatedDetector | RequestObjectDetector | RequestUserDetector | ResponseBodyJSONDetector | ResponseBodyTextDetector | ResponseDurationDetector | ResponseHeadersDetector | ResponseIsSuccessfulDetector | ResponseObjectDetector | ResponseStatusCodeDetector | ScanTypeDetector | SchemaNeedAuthenticationDetector | SchemaPathRefDetector | SchemaUrlDetector | True | The detectors to trigger the transform, on the request or response. See Detectors | |
| mutate | MethodMutator | RequestBodyJSONMutator | RequestBodyTextMutator | RequestHeadersMutator | RequestObjectMutator | RequestUserMutator | SchemaPathRefMutator | SchemaUrlMutator | True | The mutations to apply to the request and replay it. See Mutators | |
ObjectMatcher
| Property | Type | Required | Description | Reference |
| type | ObjectTypeMatcher | False | Object scalar type to match | ObjectTypeMatcher |
| name | StringMatcher | False | Object scalar name to match | StringMatcher |
| value | StringMatcher | False | Object scalar value to match | StringMatcher |
ObjectMutate
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
ObjectTypeMatcher
| Property | Type | Required | Description | Reference |
| is | OBJECT_TYPE | False | Object type is exactly this type | OBJECT_TYPE |
| is_not | OBJECT_TYPE | False | Object type is any this type except this one | OBJECT_TYPE |
| in | OBJECT_TYPE | False | Object type is in the following list | OBJECT_TYPE |
RESTSeeder
| Property | Type | Required | Description | Reference |
| protocol | Const[rest] | False | The REST seeder allows you to send a request that adapts to the host of your current scan. | |
| user | string | False | The user to use for the request. If not provided, the request is sent without authentication. | |
| path | string | False | | |
| method | HTTP_METHOD | False | | HTTP_METHOD |
| headers | Dict[string, string] | False | | |
| body | string | False | | |
| params | Dict[string, string] | False | | |
RegexReplace
| Property | Type | Required | Description | Reference |
| pattern | string | True | The regex pattern to match. | |
| replacement | string | True | The replacement, use \1, \2, ... to refer capture groups. | |
RequestBodyJSONDetector
| Property | Type | Required | Description | Reference |
| is | Any | False | Condition is this exact JSON | |
| is_not | Any | False | Condition is not this exact JSON | |
| in | Any | False | Condition is in this list of JSON | |
| jq | string | False | JQ query to match and use as boolean | |
| if | Const[request.body.json] | False | Use this to select and compare the request body when detected as JSON, using jq-like syntax. | |
RequestBodyJSONMutator
| Property | Type | Required | Description | Reference |
| key | Const[request.body.json] | False | You can use this mutator to change the JSON body of the request before resending it. | |
| jq | string | False | JQ query to apply to the JSON body. Seestedolan.github.io | |
RequestBodyTextDetector
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
| if | Const[request.body.text] | False | Use this to select and compare the request body as text, using string compare. | |
RequestBodyTextMutator
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
| key | Const[request.body.text] | False | You can use this mutator to change the body (as text) of the request before resending it. | |
| Property | Type | Required | Description | Reference |
| key | StringMatcher | False | Key to match | StringMatcher |
| value | StringMatcher | False | Value to match | StringMatcher |
| if | Const[request.headers] | False | Use that to select and compare the request headers in a key value dictionary. | |
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
| key | Const[request.headers] | False | You can use this mutator to change the headers of the request before resending it. | |
| name | string | True | The header name to match, supports regex. | |
| delete | boolean | False | Delete the matched headers. | |
RequestIsAuthenticatedDetector
| Property | Type | Required | Description | Reference |
| is | boolean | False | Condition is true | |
| is_not | boolean | False | Condition is false | |
| if | Const[request.is_authenticated] | False | Use this to select whether or not whether the request is authenticated. | |
RequestObjectDetector
| Property | Type | Required | Description | Reference |
| type | ObjectTypeMatcher | False | Object scalar type to match | ObjectTypeMatcher |
| name | StringMatcher | False | Object scalar name to match | StringMatcher |
| value | StringMatcher | False | Object scalar value to match | StringMatcher |
| if | Const[request.object] | False | Use this to select and compare the detected object scalars (including custom scalars) in the request, with their kind, name and value. | |
RequestObjectMutator
| Property | Type | Required | Description | Reference |
| key | Const[request.object] | False | The detected object scalars (including custom scalars) in the request, with their kind, name and value. | |
| select | ObjectMatcher | True | | ObjectMatcher |
| mutate | ObjectMutate | True | | ObjectMutate |
RequestUserDetector
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
| if | Const[request.user] | False | Use this to string compare the configured user for the request. | |
RequestUserMutator
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
| key | Const[request.user] | False | You can use this mutator to change the user of the request before resending it. | |
| drop_user | boolean | False | Remove the user authentication from the request. | |
ResponseBodyJSONDetector
| Property | Type | Required | Description | Reference |
| is | Any | False | Condition is this exact JSON | |
| is_not | Any | False | Condition is not this exact JSON | |
| in | Any | False | Condition is in this list of JSON | |
| jq | string | False | JQ query to match and use as boolean | |
| if | Const[response.body.json] | False | Use this to select and compare the response body when detected as JSON, using jq-like syntax. | |
ResponseBodyTextDetector
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
| if | Const[response.body.text] | False | Use this to select and compare the response body as text, using string compare. | |
ResponseDurationDetector
| Property | Type | Required | Description | Reference |
| is | integer | False | Condition is this exact integer | |
| is_not | integer | False | Condition is not this exact integer | |
| in | integer | False | Condition is in this list of integers (exact match) | |
| gt | integer | False | Condition is greater than this integer | |
| lt | integer | False | Condition is less than this integer | |
| if | Const[response.duration_ms] | False | Use this to compare the duration of the request in milliseconds. | |
| Property | Type | Required | Description | Reference |
| key | StringMatcher | False | Key to match | StringMatcher |
| value | StringMatcher | False | Value to match | StringMatcher |
| if | Const[response.headers] | False | Use that to select and compare the response headers in a key value dictionary. | |
ResponseIsSuccessfulDetector
| Property | Type | Required | Description | Reference |
| is | boolean | False | Condition is true | |
| is_not | boolean | False | Condition is false | |
| if | Const[helpers.response.is_successful] | False | Use this to check whether the response is successful. | |
ResponseObjectDetector
| Property | Type | Required | Description | Reference |
| type | ObjectTypeMatcher | False | Object scalar type to match | ObjectTypeMatcher |
| name | StringMatcher | False | Object scalar name to match | StringMatcher |
| value | StringMatcher | False | Object scalar value to match | StringMatcher |
| if | Const[response.object] | False | Use this to select and compare the detected object scalars (including custom scalars) in the response, with their kind, name and value. | |
ResponseStatusCodeDetector
| Property | Type | Required | Description | Reference |
| is | integer | False | Condition is this exact integer | |
| is_not | integer | False | Condition is not this exact integer | |
| in | integer | False | Condition is in this list of integers (exact match) | |
| gt | integer | False | Condition is greater than this integer | |
| lt | integer | False | Condition is less than this integer | |
| if | Const[response.status_code] | False | Use this to compare the HTTP status code as an integer. | |
ScanTypeDetector
| Property | Type | Required | Description | Reference |
| is | SCAN_TYPE | False | The scan type is exactly this | SCAN_TYPE |
| is_not | SCAN_TYPE | False | The scan type is not this type | SCAN_TYPE |
| in | SCAN_TYPE | False | The scan type is in this list | SCAN_TYPE |
| if | Const[scan.type] | False | Use this to select against the type of the scan. | |
SchemaNeedAuthenticationDetector
| Property | Type | Required | Description | Reference |
| is | boolean | False | Condition is true | |
| is_not | boolean | False | Condition is false | |
| if | Const[schema.need_authentication] | False | Use this to select whether or not the schema requires authentication. | |
SchemaPathRefDetector
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
| if | Const[schema.path_ref] | False | Use this to string compare the operation name in GraphQL or the path in REST. | |
SchemaPathRefMutator
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
| key | Const[schema.path_ref] | False | You can use this mutator to change the operation name in GraphQL or the path in REST (keeping the domain) before resending it. | |
SchemaUrlDetector
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
| if | Const[schema.url] | False | Use this to string compare the URL of the request. | |
SchemaUrlMutator
| Property | Type | Required | Description | Reference |
| value | string | False | The value to set. | |
| values | string | False | The values to set, generates multiple queries. | |
| regex_replace | RegexReplace | False | Regex replace pattern. | RegexReplace |
| key | Const[schema.url] | False | You can use this mutator to change the URL of the request before resending it. | |
StringMatcher
| Property | Type | Required | Description | Reference |
| is | string | False | Condition is this exact string | |
| is_not | string | False | Condition is not this exact string | |
| in | string | False | Condition is in this list (exact match) | |
| contains | string | False | Contains this string | |
| regex | string | False | Condition is matched on this regex with fullmatch | |
Enums
CATEGORY
-
ACCESS_CONTROL
-
CONFIGURATION
-
INFORMATION_DISCLOSURE
-
INJECTION
-
PROTOCOL
-
REQUEST_FORGERY
-
RESOURCE_LIMITATION
-
SCHEMA
-
CUSTOM
CRUD
-
CREATE
-
READ
-
UPDATE
-
DELETE
HTTP_METHOD
-
GET
-
POST
-
PUT
-
DELETE
-
HEAD
-
PATCH
-
OPTIONS
-
TRACE
-
CONNECT
OBJECT_TYPE
-
abbysale
-
abstract
-
abuseipdb
-
accuweather
-
adafruit_api_key
-
adobe_client_id
-
adobe_client_secret
-
adzuna_private
-
adzuna_public
-
aeroworkflow_client
-
aeroworkflow_private
-
age_secret_key
-
agora
-
airbrakeproject_private_key
-
airbrakeproject_pub_key
-
airbrakeuserkey
-
airship_private
-
airtable_api_key
-
airvisual
-
alconost
-
alegra
-
aletheiaapi
-
algolia_api_key
-
algoliaadminkey
-
alibaba_access_key_id
-
alibaba_secret_key
-
alienvault
-
allsports
-
amadeus
-
ambee
-
amount
-
amplitudeapikey
-
anypoint
-
apacta
-
api2cart
-
apideck_secret
-
apideck_user
-
apiflash
-
apifonica
-
apify
-
apimatic
-
apiscience
-
apollo
-
appcues
-
appfollow
-
application
-
appsynergy
-
apptivo
-
area_code
-
artifactory_secret
-
artsy
-
asana_client_id
-
asana_client_secret
-
asanaoauth
-
asanapersonalaccesstoken
-
assemblyai
-
atlassian_api_token
-
audd
-
auth0managementapitoken
-
authentication
-
author
-
authorization_code
-
authress_service_client_access_key
-
autodesk
-
autoklose
-
autopilot
-
avazapersonalaccesstoken
-
aviationstack
-
aws_access_token
-
aws_mws_id
-
aws_secret_key
-
axonaut
-
aylien
-
ayrshare
-
bank
-
bank_account
-
bank_card
-
bannerbear
-
baremetrics
-
base64
-
baseapiio
-
bcrypt
-
beamer_api_token
-
bearer
-
bearer_uuid
-
beebole
-
besttime
-
billomat
-
bitbar
-
bitbucket_client_id
-
bitbucket_client_secret
-
bitcoin
-
bitcoinaverage
-
bitfinex
-
bitlyaccesstoken
-
bitmex
-
bittrex_access_key
-
bittrex_secret_key
-
blazemeter
-
blitapp
-
blogger
-
body_type
-
bombbomb
-
boolean
-
boolean_wannabe
-
boostnote
-
borgbase
-
brandfetch
-
browshot
-
buddyns
-
bugherd
-
bugsnag
-
building
-
buildkite
-
bulbul
-
business_type
-
buttercms
-
caflou
-
calendarific
-
calendlyapikey
-
calorieninja
-
campayn
-
cannyio
-
capsulecrm
-
captaindata
-
carboninterface
-
card_type
-
carrier
-
cashboard
-
caspio
-
category
-
censys
-
centralstationcrm
-
cexio
-
chatfule
-
checio
-
checklyhq
-
checkvist
-
cicero
-
circleci
-
city
-
clearbit
-
clickhelp
-
cliengo
-
clinchpad
-
clockify
-
clockworksms
-
clojars_api_token
-
closecrm
-
cloudelements
-
cloudflareapitoken
-
cloudflarecakey
-
cloudflareglobalapikey
-
cloudimage
-
cloudmersive
-
cloudplan
-
cloverly
-
cloze
-
clustdoc
-
codacy
-
codecov_access_token
-
coinapi
-
coinbase_access_token
-
coinlayer
-
coinlib
-
column
-
command
-
commercejs
-
commit_hash
-
commodities
-
companyhub
-
confirmation_code
-
confluent_access_token
-
confluent_secret_key
-
content_type
-
contentful_delivery_api_token
-
contentfulpersonalaccesstoken
-
convertkit
-
convier
-
country
-
country_code
-
countrylayer
-
county
-
coupon_code
-
courier
-
coveralls
-
credit_card_number
-
crowdin
-
cryptocompare
-
cuid
-
currency_code
-
currencycloud
-
currencyfreaks
-
currencylayer
-
currencyscoop
-
currentsapi
-
customerguru
-
customerio
-
cvv
-
d7network
-
dailyco
-
dandelion
-
dash
-
databricks_api_token
-
datadog_access_token
-
datadogtoken
-
datafire
-
datagov
-
date
-
datetime
-
debounce
-
deepai
-
deepgram
-
defined_networking_api_token
-
delighted
-
delivery_method
-
department_name
-
detectlanguage
-
device_name
-
device_type
-
dfuse
-
did
-
diffbot
-
digitalocean_access_token
-
digitalocean_pat
-
digitalocean_refresh_token
-
digitaloceantoken
-
directory
-
discount
-
ditto
-
dnscheck
-
docker_hub_private_access_token
-
document_type
-
documo
-
domain
-
doppler_api_token
-
dotmailer
-
dovico
-
driving_license
-
dronahq
-
droneci_access_token
-
dropbox_api_token
-
dropbox_long_lived_api_token
-
dropbox_short_lived_api_token
-
duffel_api_token
-
duration
-
dwolla
-
dynalist
-
dynatrace_api_token
-
dyspatch
-
e_commerce_indicator
-
eagleeyenetworks
-
easyinsight
-
easypost_api_token
-
easypost_test_api_token
-
edamam
-
edenai
-
eightxeight
-
elasticemail
-
email
-
enablex
-
enigma
-
environment
-
ethereum
-
ethplorer
-
etsy_access_token
-
etsyapikey
-
event_type
-
everhour
-
exchangerateapi
-
exchangeratesapi
-
facebook
-
facebookoauth
-
faceplusplus
-
fakejson
-
fastforex
-
fastly_api_token
-
fastlypersonaltoken
-
fee
-
feedier
-
fetchrss
-
figmapersonalaccesstoken
-
file
-
fileio
-
finage
-
financialmodelingprep
-
findl
-
finicity_api_token
-
finicity_client_secret
-
finnhub_access_token
-
fixerio
-
flatio
-
fleetbase
-
flickr_access_token
-
flightapi
-
flightstats
-
float
-
flowflu
-
flutterwave_encryption_key
-
flutterwave_public_key
-
flutterwave_secret_key
-
fmfw
-
form
-
formbucket
-
formio
-
foursquare
-
frameio_api_token
-
french_phone
-
freshbooks_access_token
-
freshdesk
-
front
-
fulcrum
-
fullstory
-
func
-
fusebill
-
fxmarket
-
gcp_api_key
-
geckoboard
-
gender
-
generic_api_key
-
gengo
-
geoapify
-
geocode
-
geocodify
-
geocodio
-
geoipifi
-
getemail
-
getemails
-
getgeoapi
-
getgist
-
getsandbox
-
github_app_token
-
github_fine_grained_pat
-
github_oauth
-
github_pat
-
github_refresh_token
-
githubapp
-
gitlab_pat
-
gitlab_ptt
-
gitlab_rrt
-
gitlabv2
-
gitter_access_token
-
glassnode
-
gocanvas
-
gocardless_api_token
-
goodday
-
google_api_public_key
-
grafana_api_key
-
grafana_cloud_api_token
-
grafana_service_account_token
-
graphcms
-
graphhopper
-
groovehq
-
guardianapi
-
guru
-
gyazo
-
happi
-
happyscribe
-
harvest
-
hash
-
hashicorp_tf_api_token
-
hellosign
-
helpcrunch
-
helpscout
-
hereapi
-
heroku_api_key
-
hex_color_code
-
hexadecimal
-
hive
-
hiveage
-
holidayapi
-
host
-
house_number
-
hsl
-
hsla
-
html2pdf
-
html_body
-
http_method
-
hubspot_api_key
-
hubspotapikey
-
huggingface_access_token
-
huggingface_organization_api_token
-
humanity
-
hunter
-
hypertrack
-
ibmclouduserkey
-
iconfinder
-
id
-
identity_number
-
iexcloud
-
imagekit
-
imagga
-
impala
-
infracost_api_token
-
injection
-
insightly
-
instagram_oauth
-
integer
-
integer32
-
integer64
-
integromat
-
intercom_api_key
-
intrinio
-
invoiceocean
-
ipapi
-
ipc_patent
-
ipgeolocation
-
ipify
-
ipinfodb
-
ipquality
-
ipstack_token
-
ipv4
-
ipv6
-
isbn
-
item
-
jdbc
-
jfrog_api_key
-
jfrog_identity_token
-
jiratoken
-
join
-
jotform
-
json
-
jumpcloud
-
juro
-
jwt
-
jwt_base64
-
kanban
-
karmacrm
-
keenio
-
key_kms
-
kickbox
-
klipfolio
-
kontent
-
kraken_access_token
-
kucoin_access_token
-
kucoin_secret_key
-
kylas
-
language_iso_639_1
-
language_iso_639_2
-
languagelayer
-
lastfm
-
latitude
-
launchdarkly_access_token
-
leadfeeder
-
legal_name
-
lendflow
-
lessannoyingcrm
-
lexigram
-
limit
-
linear_api_key
-
linear_client_secret
-
linearapi
-
linemessaging
-
linenotify
-
linkedin_client_id
-
linkedin_client_secret
-
liveagent
-
livestorm
-
llm_input
-
lob_api_key
-
lob_pub_api_key
-
locale
-
location
-
locationiq
-
loginradius
-
lokalisetoken
-
long
-
longitude
-
loyverse
-
luno
-
m3o
-
mac
-
macaddress
-
madkudu
-
magnetic
-
mailboxlayer
-
mailchimp_api_key
-
mailerlite
-
mailgun_private_api_token
-
mailgun_pub_key
-
mailgun_signing_key
-
mailjetbasicauth
-
mailjetsms
-
mailmodo
-
mailsac
-
mandrill
-
manifest
-
mapbox_api_token
-
mapquest
-
marketstack
-
mask
-
mattermost_access_token
-
mattermostpersonaltoken
-
mavenlink
-
maxmindlicense
-
md5
-
meaningcloud
-
mediastack
-
meistertask
-
merchant
-
mesibo
-
messagebird_api_token
-
messagebird_client_id
-
metaapi
-
metrilo
-
microsoft_teams_webhook
-
microsoftteamswebhook
-
midise
-
mime_type
-
mindmeister
-
mite
-
mixmax
-
mixpanel
-
moderation
-
monday
-
monero
-
mongo_db_object_id
-
month
-
moonclerck
-
moonclerk
-
moosend
-
mrticktock
-
myfreshworks
-
myintervals
-
nasdaqdatalink
-
navigation
-
nethunt
-
netlify_access_token
-
neutrinoapi
-
new_relic_browser_api_token
-
new_relic_user_api_id
-
new_relic_user_api_key
-
newrelicpersonalapikey
-
newsapi
-
newscatcher
-
nexmoapikey
-
nftport
-
nicereply
-
nimble
-
nitro
-
noticeable
-
notion
-
nozbeteams
-
npm_access_token
-
numverify
-
nutritionix
-
nylas
-
nytimes_access_token
-
oanda
-
offset
-
okta_access_token
-
omnisend
-
onedesk
-
onelogin
-
onepagecrm
-
onwaterio
-
oopspam
-
openai_api_key
-
opencagedata
-
opengraphr
-
openuv
-
openweather
-
optimizely
-
organization
-
owlbot
-
pagerdutyapikey
-
pandadoc
-
pandascore
-
paralleldots
-
partnerstack
-
passbase
-
passport
-
password
-
pastebin
-
paymoapp
-
paymongo
-
paypaloauth
-
paystack
-
pdflayer
-
pdfshift
-
peopledatalabs
-
pepipost
-
permission
-
phone
-
pin_code
-
pipedream
-
pipedrive
-
pivotaltracker
-
pixabay
-
plaid_api_token
-
plaid_client_id
-
plaid_secret_key
-
plaidkey
-
plan
-
planetscale_api_token
-
planetscale_oauth_token
-
planetscale_password
-
planviewleankit
-
planyo
-
plivo
-
policy
-
poloniex
-
polygon
-
port
-
position
-
positionstack
-
postageapp
-
posthog
-
postman_api_token
-
postmark
-
powrbot
-
prefect_api_token
-
price
-
private_key
-
privatekey
-
prospectcrm
-
prospectio
-
protocol
-
protocolsio
-
proxycrawl
-
pubnubpublishkey
-
pulumi_api_token
-
purestake
-
pushbulletapikey
-
pusherchannelkey
-
pypi_upload_token
-
qualaroo
-
qubole
-
quickmetrics
-
rapidapi_access_token
-
raven
-
rawg
-
razorpay
-
readme_api_token
-
reallysimplesystems
-
reason_code
-
rebrandly
-
reference
-
refiner
-
region
-
repairshopr
-
restpack
-
restpackhtmltopdfapi
-
restpackscreenshotapi
-
return_type
-
rev
-
revampcrm
-
rgb
-
rgba
-
ringcentral
-
ritekit
-
roaring
-
rocketreach
-
role
-
roninapp
-
room
-
route4me
-
rownd
-
rubygems_api_token
-
runrunit
-
salesblink
-
salescookie
-
salesflare
-
satismeterprojectkey
-
satismeterwritekey
-
saucelabs
-
scalewaykey
-
scalingo_api_token
-
scrapeowl
-
scraperapi
-
scraperbox
-
scrapersite
-
scrapestack
-
scrapfly
-
scrapingant
-
scrapingbee
-
screenshotapi
-
screenshotlayer
-
search
-
secret
-
securitytrails
-
segmentapikey
-
selectpdf
-
semaphore
-
sendbird_access_id
-
sendbird_access_token
-
sendbirdorganizationapi
-
sendgrid_api_token
-
sendinblue_api_token
-
sendinbluev2
-
sentiment
-
sentry_access_token
-
sentrytoken
-
serial_number
-
serphouse
-
serpstack
-
sha1
-
sha256
-
sheety
-
sherpadesk
-
shipday
-
shipping_method
-
shippo_api_token
-
shodankey
-
shopify_access_token
-
shopify_custom_access_token
-
shopify_private_app_access_token
-
shopify_shared_secret
-
shortcut
-
shotstack
-
shutterstock
-
shutterstockoauth
-
sidekiq_secret
-
sidekiq_sensitive_url
-
signalwire
-
signaturit
-
signupgenius
-
sigopt
-
simplesat
-
simplynoted
-
simvoly
-
sinchmessage
-
sirv
-
siteleaf
-
skrappio
-
skybiometry
-
slack_app_token
-
slack_bot_token
-
slack_config_access_token
-
slack_config_refresh_token
-
slack_legacy_bot_token
-
slack_legacy_token
-
slack_legacy_workspace_token
-
slack_user_token
-
slack_webhook_url
-
slackwebhook
-
slug
-
smartsheets
-
smartystreets
-
smooch
-
snipcart
-
snyk_api_token
-
snykkey
-
social_security_number
-
software_component
-
sparkpost
-
splunkobservabilitytoken
-
spoonacular
-
sportsmonk
-
spotifykey
-
square_access_token
-
squareapp
-
squarespace_access_token
-
squareup
-
ssh_url
-
sslmate
-
status
-
status_code
-
status_message
-
stitchdata
-
stockdata
-
storecove
-
stormglass
-
storyblok
-
storychief
-
strava
-
streak
-
street_address
-
string
-
stripe_access_token
-
stripe_public_access_token
-
stytch
-
sugester
-
sumologic_access_id
-
sumologic_access_token
-
sumologickey
-
supernotesapi
-
surveyanyplace
-
surveybot
-
surveysparrow
-
survicate
-
swell
-
swiftype
-
tallyfy
-
tatumio
-
taxjar
-
teamgate
-
teamworkcrm
-
teamworkdesk
-
teamworkspaces
-
technicalanalysisapi
-
telegram_bot_api_token
-
telegrambottoken
-
telnyx
-
terraformcloudpersonaltoken
-
text2data
-
textmagic
-
theoddsapi
-
thinkific
-
thousandeyes
-
ticketmaster
-
tiingo
-
time
-
timestamp
-
timezoneapi
-
title
-
tmetric
-
todoist
-
toggltrack
-
tomorrowio
-
tomtom
-
tradier
-
travelpayouts
-
travisci_access_token
-
trelloapikey
-
tru
-
twelvedata
-
twilio_api_key
-
twitch_api_token
-
twitter_access_secret
-
twitter_access_token
-
twitter_api_key
-
twitter_api_secret
-
twitter_bearer_token
-
tyntec
-
typeform_api_token
-
ubidots
-
unifyid
-
unplugg
-
unsanitized_payload
-
unsplash
-
upcdatabase
-
uplead
-
uploadcare
-
upwave
-
uri
-
url
-
urlscan
-
us_bank_account_number
-
us_bank_routing_number
-
us_zip_code
-
user_agent
-
username
-
userstack
-
uuid
-
vatlayer
-
vault_batch_token
-
vault_service_token
-
vehicle_type
-
vercel
-
verifier
-
verimail
-
version
-
versioneye
-
view
-
viewneo
-
virustotal
-
visualcrossing
-
voicegain
-
vouchery
-
vpnapi
-
vultrapikey
-
vyte
-
walkscore
-
weatherbit
-
weatherstack
-
webex
-
webflow
-
webscraper
-
webscraping
-
website
-
wepay
-
whoxy
-
worksnaps
-
workstack
-
worldcoinindex
-
worldweather
-
wrike
-
yandex_access_token
-
yandex_api_key
-
yandex_aws_access_token
-
year
-
youneedabudget
-
yousign
-
youtubeapikey
-
zapierwebhook
-
zendesk_secret_key
-
zendeskapi
-
zenkitapi
-
zenscrape
-
zenserp
-
zeplin
-
zerobounce
-
zip_code
-
zipapi
-
zipbooks
-
zipcodeapi
-
zonkafeedback
SCAN_TYPE
SEVERITY