using System.Text.RegularExpressions;
public static void Main()
string text=@"""firstName"": ""AClinician"",
""lastName"": ""Password\"": \""shouldbe \""secret\"": \""Hello ""
""MyPassword"":""860-234-1234"", ""MySecreta"": ""860-234-1234""
""Authorization"": ""bearer"",
""Cookie"": ""session-id=abcd"", ""Set-Cookie"": ""session-id=12345""
""lastName"" : ""My last name \""Password\"" : \""Will Stay unmask\"" ""SendResetPassword"": true
string prefix = @"""[a-zA-Z]*";
string suffix = @"[a-zA-Z]*""";
var terms = string.Join( "|",
(new string[] { "password", "secret", "authorization", "Cookie", "Set-Cookie" })
.Select(s => prefix + s + suffix).ToList());
string pattern= @"(?im)(" + terms + @")\s?(:[=""\s]*)""(?:(.*[\\][""].*?)|(.*?[\\].*?)|(.*?))(?:"")";
string replace = @"$1$2""***""";
Console.WriteLine( Regex.Replace(text, pattern, replace) );
Console.WriteLine( Regex.Replace(
@"""Headers"":{""Set-Cookie"":""session-id=\""EAAAAI8vcVykYpGJ1J2NmziPU % 2fuz4R\\"" \\''\\""inasl % 2fpmS % 2bYUCXMYxQBfqvDOtTFBi9kzRbKR66wkQOZtjLlRhNdgEp % 2fMHk % 2f5M % 3d; expires = Wed, 16 Nov 2016 09:34:23 GMT; domain = cognigramdevci1api.azurewebsites.net; path =/; secure; httponly"", ""Not-Cookie"": ""Hello""},"