# Exposed API Keys

## Tools
* [Key-Checker](https://github.com/daffainfo/Key-Checker)

## Definition
Sometimes in a web application, an attacker can find some exposed API keys which can lead to financial loss to a company.

## How to exploit
[keyhacks](https://github.com/streaak/keyhacks) is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. There is 79 list of how to check the validity of the API keys