Fabian Schuh xeroc

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@cc32d9
cc32d9 / Fuzzys_ideas_on_new_BP_pay_model.md
Last active December 12, 2021 05:25
Fuzzy's ideas on a new BP pay model

@SirFuzzalot presented an idea for a new BP pay model for an EOSIO network in https://t.me/EOSPros

Fuzzy, [12.05.19 04:56]
Here is my thought on fixing dpos away from pageantry though. 
Let me find the discussion (should prob post it on whaleshares first but oh well)

Fuzzy, [12.05.19 05:03]
Ok I'll just type it here since I am no longer in the group I posted it in initially.
$ cd /var/lib/docker
$ btrfs subvolume delete btrfs/subvolumes/*
@arkady-emelyanov
arkady-emelyanov / haproxy.cfg
Last active October 25, 2023 22:02
haproxy check: postgresql is master
# Sample haproxy postgresql master check
#
# haproxy listen: 5431
# pg, instance #1 listen: 5432 (master node)
# pg, instance #2 listen: 5433 (replica node)
# external failover, promoting replica to master in case of failure
# passwordless auth for user web
# template1 database is accessible by user web
#
# haproxy will pass connection to postgresql master node:
@angstwad
angstwad / dict_merge.py
Last active March 1, 2024 23:53
Recursive dictionary merge in Python
# Copyright 2016-2022 Paul Durivage
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
@prof7bit
prof7bit / .gitignore
Last active March 17, 2022 09:13
The portfolio rebalancing bot will buy and sell to maintain a constant asset allocation ratio of exactly 50/50 = fiat/BTC
/.project