Techly NewsGet the app

Get the latest tech news

Simple ways to find exposed sensitive information


Code level discussion of web scraping, gray hat automation, growth hacking and bounty hunting

Since pretending to be a contractor is very viable social engineering vector that can lead to unauthorised access (physical and/or digital) to the sensitive infrastucture this sort of information exposure can have pretty serious security implications. Furthermore, service-based businesses should take care not to expose their lead list spreadsheet on the public web as they can potentially be found by some growth hacker working for the competition. However, it must be noted that Github has secret scanning automation running to warn users about accidentally publishing API keys for a growing list of partner services (and revoke leaked ones), which makes this trick less viable as time goes on.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Simple ways

Simple ways

« Rimac Verne Robotaxi: prices, availability, specs