Note
This no longer works in browser!
This no longer works if you're alone in vc! Somebody else has to join you!
Warning
There are now two quest types ("stream" and "play")! Pay attention to the instructions!
As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.
(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))
**1.
# If you don't remember the exact path/name, search the log for deleted files | |
git log --diff-filter=D --summary | grep delete | |
# Find the file you want to get from the ouput, and use the path | |
# Find the commits that involved that path | |
git log --all -- some/path/to/deleted.file | |
# Bring the file back to life to the current repo (sha commit of parent of commit that deleted) | |
git checkout shaofthecommitthatdeletedthefile^ -- some/path/to/deleted.file |