111
erres
8y

GitHub: a marketplace for publicly available API keys

Comments
  • 17
    commit msg: " removed api keys xD"
  • 13
    Api keys should be ip restricted anyways
  • 7
    Some guy was hosting all his code on pastebin in this chat server i'm in....

    left all his keys and links and everything in the code, all publicly accessible too *smh*
  • 0
    If you're evil, you could rinse all their credits sending silly messages.
  • 0
    Totally feel this — GitHub really has become a goldmine for exposed API keys, and it’s scary how many end up in public repos by accident. I’ve started using tools like git-secrets and pre-commit hooks to scan for sensitive info before anything gets pushed. Also a good idea to rotate your keys regularly and lock down permissions — least privilege goes a long way. And if you're working with a team, some quick onboarding on Git hygiene can save a lot of pain later. It's wild how many breaches start with one bad commit.
  • 0
    I’ve seen similar chaos in online marketplaces where people list stuff without realizing what they’re giving away. I’ve mostly stuck to places like OfferUp, and before diving in I checked out https://offerup.pissedconsumer.com/... just to get a feel for what to expect. Marketplace drama is everywhere, but being a little cautious upfront helps. Anyone else here ever found sketchy listings or accidentally posted more than they meant to?
Add Comment