
How I made $64k from deleted files — a bug bounty story

TL;DR — I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets. For each repository I…

Click to view the original at medium.com

Hasnain says:

Neat little tricks here. Secret management is hard.

"Most of the leaked secrets were found in binary files that had been committed to the repository and later deleted. These files are typically generated by compilers or automated processes. A common example is .pyc files, which are Python byte-code files created when some Python interpreters compile source code. These often end up being committed unintentionally. Other examples include compiler-generated debug files, such as .pdb files, which are also occasionally committed by mistake."

Posted on 2025-04-23T04:15:07+0000
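The quoted point, turned into a check on a repository you maintain: this added example (not code from the original article or from this post) lists compiler-generated files that were committed and later deleted, since they remain retrievable from history. The function names, the sample log, and every extension other than `.pyc` and `.pdb` are assumptions made for illustration.

```python
import subprocess
import sys
from pathlib import PurePosixPath

# .pyc and .pdb are the examples named in the quote; the other extensions are assumed.
ARTIFACT_EXTS = {".pyc", ".pyo", ".pdb", ".class", ".o", ".obj"}

# Every deletion on every ref, one "commit <hash>" header per commit.
GIT_ARGS = ["git", "log", "--all", "--diff-filter=D", "--name-status",
            "--format=commit %H"]

def deleted_artifacts(log_text, exts=ARTIFACT_EXTS):
    """Parse the output of GIT_ARGS into (deleting_commit, path) findings."""
    findings, commit = [], None
    for line in log_text.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("D\t"):
            # Note: git quotes paths with unusual characters unless -z is used.
            path = line.split("\t", 1)[1]
            if PurePosixPath(path).suffix.lower() in exts:
                findings.append((commit, path))
    return findings

def audit_repo(repo_dir):
    """Run the history query in a local clone and return the findings."""
    out = subprocess.run(GIT_ARGS, cwd=repo_dir, capture_output=True,
                         text=True, check=True).stdout
    return deleted_artifacts(out)

# Constructed sample output (hashes and paths are made up) so the parser runs offline.
SAMPLE_LOG = """commit 1111111111111111111111111111111111111111

D\tapp/__pycache__/settings.cpython-311.pyc
D\tdocs/old-notes.md
commit 2222222222222222222222222222222222222222

D\tbuild/Release/service.pdb
D\tsrc/legacy.py
"""

if __name__ == "__main__":
    rows = audit_repo(sys.argv[1]) if len(sys.argv) > 1 else deleted_artifacts(SAMPLE_LOG)
    for commit, path in rows:
        # The file still exists in the parent of the commit that deleted it.
        print(f"{commit[:12]}  {path}  (inspect: git show {commit[:12]}^:{path})")
```

Any credential found in a listed file should be rotated, because deleting the file from the working tree did not remove it from history.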