diff --git a/tests/fixtures/gitkeys.yml b/tests/fixtures/gitkeys.yml
index 0b3c15e..756e023 100644
--- a/tests/fixtures/gitkeys.yml
+++ b/tests/fixtures/gitkeys.yml
@@ -1,5 +1,11 @@
+# https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/about-authentication-to-github#githubs-token-formats
+
 compliant:
   name: GHP_THISISASTRINGTHATHASTHESAMELENASTOKE
 noncompliant:
-  name: ghp_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
+  personal: ghp_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
+  oauth: gho_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
+  user: ghu_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
+  server: ghs_fK8UXjzPM1Lzf356hwgGym4JAfnHARDcoded
+  refresh: ghr_1B4a2e77838347a7E420ce178F2E7c6912E169246c34E1ccbF66C46812d16D5B1A9HARDcoded
diff --git a/tests/unit/test_secrets.py b/tests/unit/test_secrets.py
index 5b42782..47530fa 100644
--- a/tests/unit/test_secrets.py
+++ b/tests/unit/test_secrets.py
@@ -92,7 +92,7 @@ def test_detection_by_key(src, expected):
         ("java.properties", 3),
         ("webhooks.yml", 3),
         ("creditcards.yml", 3),
-        ("gitkeys.yml", 1),
+        ("gitkeys.yml", 5),
     ],
 )
 def test_detection_by_value(src, count):
diff --git a/whispers/rules/gitkeys.yml b/whispers/rules/gitkeys.yml
index 3b3e797..2404031 100644
--- a/whispers/rules/gitkeys.yml
+++ b/whispers/rules/gitkeys.yml
@@ -1,7 +1,7 @@
 github:
-  description: Github personal access token
+  description: Github token
   message: Github token
   severity: CRITICAL
   value:
-    regex: ^ghp_[a-zA-Z0-9]{36}$
+    regex: ^(gh[pous]_[a-zA-Z0-9]{36}|ghr_[a-zA-Z0-9]{76})$
   ignorecase: False
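Review bot: The fixture only exercises the positive side of the new per-prefix lengths; every `noncompliant` value is exactly the length its alternative requires (36 body characters for `ghp_`/`gho_`/`ghu_`/`ghs_`, 76 for `ghr_`), so nothing pins that a `ghr_` value of 36 characters or a `ghp_` value of 76 characters is rejected. Adding two such entries under `compliant:` (for example `refresh_short: ghr_` followed by a constructed 36-character body, and `personal_long: ghp_` followed by a constructed 76-character body) would lock the alternation in, assuming the harness treats `compliant` entries as expected non-detections as the existing `name: GHP_…` entry suggests. The header comment could also say what the file documents, e.g. `# One sample per GitHub token prefix; lengths follow the token-format table at:` above the URL. The hunk's trailing context line (old count 5, new count 11) appears to have been lost in extraction, so the end of the fixture is not visible here.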
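Review bot: The new `description: Github token` drops the only information that distinguished this rule and now duplicates `message`; since the regex covers five distinct prefixes, the description should name them so a finding reader knows what was matched, e.g. `description: Github token (ghp_ personal, gho_ OAuth, ghu_ user-to-server, ghs_ server-to-server, ghr_ refresh)`. The fixed quantifiers `{36}` and `{76}` in `^(gh[pous]_[a-zA-Z0-9]{36}|ghr_[a-zA-Z0-9]{76})$` tie detection to the exact body lengths of the samples in `tests/fixtures/gitkeys.yml`, so a future length change in one family would silently turn into a miss rather than a false positive; a comment above the regex recording where the lengths come from, e.g. `# Body lengths per the GitHub token-format docs linked in the fixture; revisit if GitHub changes them`, would make that dependency visible to whoever maintains the rule.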