@bl4de
Created August 17, 2017 14:37
Keywords to look for during white-box source code analysis
api
api_key
api_secret_key
secret_key
secret
BEGIN
PRIVATE
private
PRIVATE_KEY
private_key
key
token
CSRF
Arrays.equals
HMAC
random
mt_rand
rand
random.org
iv
encrypt
crypt
MCRYPT
RIJNDAEL
MCRYPT_RIJNDAEL_256
ECB
ecb
password
passwd
pass
hash
hashlib
hashed
md5
sha1
sha-1
sha2
sha-2
salt
bcrypt
PBKDF2
blake2
CVE
vulnerable
stackoverflow
SO
base64
Base64
admin
rot13
tmp
system
exec
popen
backtick operator
pcntl_exec
eval
preg_replace
create_function
exec
passthru
system
shell_exec
popen
proc_open
pcntl_exec
assert
preg_replace('/.*/e',
create_function
include
include_once
require
require_once
$_GET
phpinfo
posix_mkfifo
posix_getlogin
posix_ttyname
getenv
get_current_user
proc_get_status
get_cfg_var
disk_free_space
disk_total_space
diskfreespace
getcwd
getlastmo
getmygid
getmyinode
getmypid
getmyuid
extract
parse_str
putenv
ini_set
mail
header
proc_nice
proc_terminate
proc_close
pfsockopen
fsockopen
apache_child_terminate
posix_kill
posix_mkfifo
posix_setpgid
posix_setsid
posix_setuid
chmod
chown
shell=True
pickle.loads
yaml.load