JxxIT JxxIT

Complete Recent Discord Quest

Note

This no longer works in browser!

This no longer works if you're alone in vc! Somebody else has to join you!

Warning

There are now two quest types ("stream" and "play")! Pay attention to the instructions!

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

	# If you don't remember the exact path/name, search the log for deleted files
	git log --diff-filter=D --summary \| grep delete
	# Find the file you want to get from the ouput, and use the path
	# Find the commits that involved that path
	git log --all -- some/path/to/deleted.file
	# Bring the file back to life to the current repo (sha commit of parent of commit that deleted)
	git checkout shaofthecommitthatdeletedthefile^ -- some/path/to/deleted.file