SanariSan

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

This is a collection of Ubuntu fixes for Lenovo Legion 5i

Tested on: Lenovo Legion 5i with below specs:
AMD® Ryzen 7 4800h with radeon graphics × 16
NVIDIA Corporation / NVIDIA GeForce RTX 2060/PCIe/SSE2

1. GPU ISSUES for RTX 2060:

nvidia-driver-470 - HDMI doesn't have to work from the beginning
nvidia-driver-495 - HDMI works from the beginning, unstable (random reboots)\

to ask for help with python and/or executing this script, join discord: https://discord.gg/zpu7YUP3Um

Restore deleted Telegram messages, medias and files from groups

There's not telegram API method for this, we need to call MTProto methods to retrieve messages from the "Recent Actions" (Admin Log) since deleted messages (and medias) gets moved there for 48 hours before the permanent deletion.

from telethon import TelegramClient, events, sync
from telethon.tl.types import InputChannel, PeerChannel

Generating Authy passwords on other authenticators

*update: TBC, but this new might affect how easy it is to use this technique past August 2024: Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August

This gist, based in part on a gist by Brian Hartvigsen, allows you to export from Authy your TOTP tokens you have stored there.
Those can be "standard" 6-digits / 30 secs tokens, or Authy's own version, the 7-digits / 10 secs tokens.

	AWSTemplateFormatVersion: '2010-09-09'
	Description: 'ALB Application Load Balancer for redirection only'

	Parameters:
	MyALBName:
	Type: 'String'
	Default: 'alb-redirect'
	VPC:
	Type: 'AWS::EC2::VPC::Id'
	Default: 'vpc-********'

	/**
	* Creates a read/writable property which returns a function set for write/set (assignment)
	* and read/get access on a variable
	*
	* @param {Any} value initial value of the property
	*/
	function createProperty(value) {
	var _value = value;

	/**

	/*
	* To change this template, choose Tools \| Templates
	* and open the template in the editor.
	*/
	package org.secondstack.db;

	import java.sql.Connection;
	import java.sql.DriverManager;
	import java.sql.SQLException;

	console.reset = function () {
	return process.stdout.write('\033c');
	}