all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How to test Exposed API Keys using Nuclei

Add to bookmarks
Feb. 10, 2023, 7:50 p.m. | Satya Prakash

InfoSec Write-ups - Medium infosecwriteups.com

Hello Guys..!!

Hope you are doing well

I am Back with a story today about how to test exposed API Keys or Tokens using Nuclei “token-spray” templates.

I hope most of them know or heard about the keyhacks github repo which contains various ways to validate the API keys whether they’re valid or not.

GitHub - streaak/keyhacks: Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see …

api api-key api keys back bounty bug bug bounty bug bounty program doing exposed github hello hope keys leaked nuclei program repo repository spray story test token tokens valid

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

Understanding 403 Bypass: A Critical Vulnerability in Web Application Security 9 hours ago | infosecwriteups.com
403 bypass access application applications +28
Hack Stories: Hacking Hackers EP:3 1 day, 9 hours ago | infosecwriteups.com
big bug bounty cybersecurity hack +9
Mastering Shodan Search Engine 2 days, 10 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity information security +1
Email Verification Bypass via Remember Me 2 days, 10 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking pentesting +1
Exploiting Symlinks: A Deep Dive into CVE-2024–28185 and CVE-2024–28189 of Judge0 Sandboxes 2 days, 10 hours ago | infosecwriteups.com
attacks code code execution continue +15
Typo Trouble: Exploring the Telegram Python RCE Vulnerability 2 days, 10 hours ago | infosecwriteups.com
address alerts application concept +25
Active DNS Recon using AXIOM 2 days, 10 hours ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
Information Disclosure: Story of 500€ + 400$ Bounty 2 days, 10 hours ago | infosecwriteups.com
bug bounty cybersecurity hacking information technology +1
Demystifying Password Cracking: Attacks and Defence Strategies 2 days, 10 hours ago | infosecwriteups.com
cybersecurity ethical hacking hacking infosec +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cloud Technical Solutions Engineer, Security

@ Google | Mexico City, CDMX, Mexico
View on infosec-jobs.com

Assoc Eng Equipment Engineering

@ GlobalFoundries | SGP - Woodlands
View on infosec-jobs.com

Staff Security Engineer, Cloud Infrastructure

@ Flexport | Bellevue, WA; San Francisco, CA
View on infosec-jobs.com

Software Engineer III, Google Cloud Security and Privacy

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com

Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy

@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs