“Hackme.tld” API_key “Hackme.tld” secret_key “Hackme.tld” aws_key “Hackme.tld” Password “Hackme.tld” FTP “Hackme.tld” login “Hackme.tld” github_token “Hackme.tld” http:// & https:// “Hackme.tld” amazonaws “Hackme.tld” digitaloceanspaces “Hackme.tld” storage.googleapis.com “Hackme.tld” access_token “Hackme.tld” blob.core.windows.net “Hackme.tld” token “Hackme.tld” secret “Hackme.tld” TODO “Hackme.tld” vulnerable “Hackme.tld” CSRF “Hackme.tld” Hash “Hackme.tld” random “Hackme.tld” HMAC “Hackme.tld” MD5, SHA-1, SHA-2, etc. credits @edoverflow & @nahamsec.