keyhacks icon indicating copy to clipboard operation
keyhacks copied to clipboard

Published 20 hours ago verified publisher icon streaak

Metadata

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Results 49 keyhacks issues
Sort by recently updated
recently updated
newest added

Adding shodan.io api key

s2b1n0 avatar s2b1n0

GTM-key

2 comment

Hello! Is there any possible exploit scenarios for GTM key... Example of a key: GTM-K9B7VAS

SAGEof6iixPATHS avatar SAGEof6iixPATHS

Added Help Scout OAuth

Xib3rR4dAr avatar Xib3rR4dAr

Update README

Added Bazaarvoice passkey (api key)

Xplo8E avatar Xplo8E

Fork Permission

1 comment

Hello@streaak, I was recently learning about information disclosure on Bug hunting and fortunately for me, I landed on this repo https://github.com/streaak/keyhacks which I find very useful to learn from. Going...

Subw343 avatar Subw343

segment api key?

1 comment

ahmtcnn avatar ahmtcnn

tag: needs more info

Update README.md

wicked-wick avatar wicked-wick

Restricted keys on Stripe live tokens

While it is true that this doesn't work currently, [restricted keys can be restricted to certain endpoints](https://stripe.com/docs/keys#limiting-access-with-restricted-api-keys). It would be really nice not to have to loop through their endpoints...

streaak avatar streaak

tag: enhancement

Google

1 comment

Hey If you can provide a POC about ``` google_client_key: '{}', ``` ``` google_client_id: '{}', ``` Would be appreciated

Sicks3c avatar Sicks3c

tag: question
status: solved

Mapbox api details

Hi there, can you please provide more details regarding Mapbox access token exploit.

OVERPEY avatar OVERPEY

tag: question
status: unanswered

Metadata

4.3k
Stars
938
Forks
Watchers

Owner

verified publisher icon streaak

Metadata

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Back