Merge pull request #135 from nizam0906/patch-1

Fixed Broken Links in API Key Leaks
This commit is contained in:
Swissky 2019-12-17 17:39:55 +01:00 committed by GitHub
commit 4588cc2eee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -7,14 +7,14 @@
- [Tools](#tools) - [Tools](#tools)
- [Exploit](#exploit) - [Exploit](#exploit)
- [Algolia](#algolia) - [Algolia](#algolia)
- [AWS Access Key ID & Secret](#aws-access-key-id-secret) - [AWS Access Key ID & Secret](#aws-access-key-id--secret)
- [Slack API Token](#slack-api-token) - [Slack API Token](#slack-api-token)
- [Facebook Access Token](#facebook-access-token) - [Facebook Access Token](#facebook-access-token)
- [Github client id and client secret](#github-client-id-and-client-secret) - [Github client id and client secret](#github-client-id-and-client-secret)
- [Twilio Account_sid and Auth Token](#twilio-account_sid-and-auth-token) - [Twilio Account_sid and Auth Token](#twilio-account_sid-and-auth-token)
- [Twitter API Secret](#twitter-api-secret) - [Twitter API Secret](#twitter-api-secret)
- [Twitter Bearer Token](#twitter-bearer-token) - [Twitter Bearer Token](#twitter-bearer-token)
- [Gitlab Personal Access Token](#gitlab-personnal-access-token) - [Gitlab Personal Access Token](#gitlab-personal-access-token)
## Tools ## Tools
@ -90,4 +90,4 @@ curl "https://gitlab.example.com/api/v4/projects?private_token=<your_access_toke
## References ## References
* [Finding Hidden API Keys & How to use them - Sumit Jain - August 24, 2019](https://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-11b1e5d0f01d) * [Finding Hidden API Keys & How to use them - Sumit Jain - August 24, 2019](https://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-11b1e5d0f01d)
* [Private API key leakage due to lack of access control - yox - August 8, 2018](https://hackerone.com/reports/376060) * [Private API key leakage due to lack of access control - yox - August 8, 2018](https://hackerone.com/reports/376060)