Skip to content

Instantly share code, notes, and snippets.

View rwaddin's full-sized avatar
🖥️
Freelance Full-stack web developer

addin rwaddin

🖥️
Freelance Full-stack web developer
View GitHub Profile

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@rwaddin
rwaddin / BOX adminLTE .html
Last active July 7, 2020 15:56
For adminLTE 2.4.8
<div class="box box-primary">
<div class="box-header with-border">
<div class="box-title">Just title </div>
<div class="box-tools pull-right">
<a href="" class="btn btn-primary btn-sm"><i class="fa fa-plus-circle"></i> add</a>
</div>
</div>
<div class="box-body">
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod
tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam,
@seanpianka
seanpianka / intellij-vuejs-module-not-installed-error.txt
Last active March 12, 2022 08:05
JetBrains WebStorm vue.js, "Module is not installed", fix "@" in imports
https://intellij-support.jetbrains.com/hc/en-us/community/posts/115000556284/comments/360000146344
Specify the absolute path to `node_modules/@vue/cli-service/webpack.config.js` as a webpack config under `Languages & Frameworks / Javascript / Webpack`.
@subfuzion
subfuzion / curl.md
Last active November 11, 2024 03:27
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@J2TEAM
J2TEAM / sublime-text-scopes.md
Last active January 17, 2024 22:44 — forked from iambibhas/scopes.txt
Sublime Text 2/3: Snippet scopes

Here is a list of scopes to use in Sublime Text 2/3 snippets -

ActionScript: source.actionscript.2
AppleScript: source.applescript
ASP: source.asp
Batch FIle: source.dosbatch
C#: source.cs
C++: source.c++
Clojure: source.clojure
@mrtns
mrtns / gist:78d15e3263b2f6a231fe
Last active September 20, 2024 17:28
Upgrade Chrome from Command Line on Ubuntu
# Install
# via http://askubuntu.com/questions/510056/how-to-install-google-chrome
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google-chrome.list'
sudo apt-get update
sudo apt-get install google-chrome-stable
# Update
@lovasoa
lovasoa / add_google_contact.php
Created March 14, 2014 13:27
Add contact using google contact api
<?php
require_once("google_api_info.php");
//TODO
$redirect_uri = "http://localhost/D%C3%A9veloppement/HISTU/ajout_contact.php";
$group_id = "6"; // Used as the default 'My Contacts' group.
require_once ('Google/Client.php');
require_once ('Google/Http/Request.php');