diff --git a/src/config/db_search_words.txt b/src/config/db_search_words.txt
index 112b425..56cf0ac 100644
--- a/src/config/db_search_words.txt
+++ b/src/config/db_search_words.txt
@@ -1,18 +1,10 @@
-password|||10|||triggers unwanted classes like password reset, hence the low score
-privatekey|||80
-private_key|||80
-apikey|||75
-http:|||10
-https:|||7
-database_secret|||80
-database_password|||80
-databasepassword|||80
-databasesecret|||80
-(https|http):\/\/.*api.*|||60||| This regex matches any URL containing 'api'
-(https|http):\/\/.*test.*|||60||| This regex matches any URL containing 'test'
-(https|http):\/\/.*uat.*|||60||| This regex matches any URL containing 'uat'
+passw(d|ord)?|||10|||triggers unwanted classes like password reset, hence the low score
+(private|secret|api|aws)[_-]?key|||80
+https?:|||7
+(db|database)[_-]?(passw(d|ord)?|secret)|||80
+https?:\/\/.*(uat|test|api).*|||60||| This regex matches any URL containing 'api|uat|test'
 ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|||40||| Matching IP adresses
 ^[a-f0-9]{32}$|||70||| MD5 hash
 \b([a-f0-9]{40})\b|||70||| SHA1 hash
 ^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})$|||70||| base64 string
-Authorization: Basic|||95||| Basic authentication
\ No newline at end of file
+Authorization: Basic|||95||| Basic authentication
diff --git a/src/config/exclusion_list.txt b/src/config/exclusion_list.txt
index 5504eca..e2d9b5d 100644
--- a/src/config/exclusion_list.txt
+++ b/src/config/exclusion_list.txt
@@ -1,3 +1,3 @@
 http:|||"res","layout"||| Suggested by Adi
-(https|http):\/\/.*api.*|||"res","layout"||| Suggested by Adi
-http:\/\/schemas\.android\.com\/apk\/res\/android||||||
\ No newline at end of file
+https?:\/\/.*api.*|||"res","layout"||| Suggested by Adi
+http:\/\/schemas\.android\.com\/apk\/res\/android||||||
diff --git a/src/config/src_search_words.txt b/src/config/src_search_words.txt
index 8e03daa..3c18b84 100644
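Review bot: The new `(private|secret|api|aws)[_-]?key` and `passw(d|ord)?` entries only spell the lower-case forms, so if the scanner applies these patterns case-sensitively (nothing in the file says either way) the camelCase identifiers that dominate Java/Kotlin code and Android resources — `apiKey`, `privateKey`, `secretKey`, `mPassword` — score nothing, exactly as the removed `privatekey`/`apikey` literals did. If the engine offers no case-insensitive option, `(private|secret|api|aws)[_-]?[kK]ey` and `[pP]assw(d|ord)?` cover the common casings without widening the match otherwise. Whichever is true, the matching semantics (case sensitivity, anchored vs. substring search, whether scores add up) are worth recording in the free-text third column of the first entry, e.g. `passw(d|ord)?|||10|||case-sensitive substring match; triggers unwanted classes like password reset, hence the low score`, so the next person editing these regexes does not have to guess.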
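Review bot: The two exclusion entries that used to be byte-for-byte copies of search words no longer correspond to any search word: the search files now carry `https?:` and `https?:\/\/.*(uat|test|api).*`, while this hunk keeps `http:` and rewrites the second entry to `https?:\/\/.*api.*`. If the exclusion mechanism looks up entries by the search pattern's text — the old file strongly suggests that, since both entries were exact copies — these exclusions silently stop applying and `"res","layout"` paths will start reporting URL and `http:` hits again. If instead exclusions are independent regexes run against the matched strings, the new `api` entry is fine but `uat`/`test` URLs in `res`/`layout` are now reported where they were not before, and the `http:` entry never covered `https:` matches. The contract deserves a line in the note column, e.g. `http:|||"res","layout"||| must match the corresponding *_search_words.txt entry exactly; suggested by Adi` or `... applied to matched strings, not to search words`, whichever is the case.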
--- a/src/config/src_search_words.txt
+++ b/src/config/src_search_words.txt
@@ -1,20 +1,12 @@
-password|||10|||triggers unwanted classes like password reset, hence the low score
-privatekey|||80
-private_key|||80
-apikey|||75
-http:|||10
-https:|||7
-database_secret|||80
-database_password|||80
-databasepassword|||80
-databasesecret|||80
-(https|http):\/\/.*api.*|||60||| This regex matches any URL containing 'api'
-(https|http):\/\/.*test.*|||60||| This regex matches any URL containing 'test'
-(https|http):\/\/.*uat.*|||60||| This regex matches any URL containing 'uat'
+passw(d|ord)?|||10|||triggers unwanted classes like password reset, hence the low score
+(private|secret|api|aws)[_-]?key|||80
+https?:|||7
+(db|database)[_-]?(passw(d|ord)?|secret)|||80
+https?:\/\/.*(uat|test|api).*|||60||| This regex matches any URL containing 'api|uat|test'
 ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|||40||| Matching IP adresses
 ^[a-f0-9]{32}$|||70||| MD5 hash
 \b([a-f0-9]{40})\b|||70||| SHA1 hash
 ^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})$|||70||| base64 string
 Authorization: Basic|||95||| Basic authentication
 SELECT \* FROM|||40||| Intersting SQL transaction
-INSERT INTO .* VALUES|||40||| Intersting SQL transaction
\ No newline at end of file
+INSERT INTO .* VALUES|||40||| Intersting SQL transaction
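Review bot: Collapsing `http:|||10` and `https:|||7` into `https?:|||7` lowers the score of cleartext `http:` endpoints from 10 to 7, which inverts the usual priority: a plaintext URL baked into source is the more interesting of the two finds (downgrade, token leakage on the wire), so either keep the two original lines or score the merged one at 10. The merged URL regex `https?:\/\/.*(uat|test|api).*` has a no-op trailing `.*`, and the unanchored alternation also fires on `latest`, `contest`, `rapid` and `capital` inside ordinary URLs; `https?:\/\/.*\b(uat|test|api)\b` still catches `/api/v1` and `test.example.com` while dropping those, at the cost of `testing`/`apis` which can be added explicitly if wanted. This file and `db_search_words.txt` now carry identical lines except for the two SQL entries, so drift between them is the likely next bug; a marker in the note column such as `https?:|||7||| keep in sync with db_search_words.txt` (or a shared file) would make the coupling visible.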