AllAboutBugBounty/Misc/Exposed API keys.md

# Exposed API Keys

## Tools
* [Key-Checker](https://github.com/daffainfo/Key-Checker)

## Definition
Sometimes in a web application, an attacker can find some exposed API keys which can lead to financial loss to a company.

## How to exploit
[keyhacks](https://github.com/streaak/keyhacks) is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. There is 79 list of how to check the validity of the API keys
Major Update, adding some tips 2021-07-21 15:38:57 +00:00			`# Exposed API Keys`

			`## Tools`
			`* [Key-Checker](https://github.com/daffainfo/Key-Checker)`

			`## Definition`
			`Sometimes in a web application, an attacker can find some exposed API keys which can lead to financial loss to a company.`

			`## How to exploit`
			`[keyhacks](https://github.com/streaak/keyhacks) is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. There is 79 list of how to check the validity of the API keys`