Over 100 AWS keys found on public GitHub repositories


Photo: Sundry Photography

Hundreds of AWS access keys, some with high privileges, have been found exposed in public GitHub repositories, raising security concerns for businesses and developers. These leaked credentials pose a major threat, potentially allowing attackers to hijack cloud resources, access sensitive data, and inflict financial damage.

One of the primary methods used to uncover these credentials is GitHub Dorking, a technique that utilises GitHub’s advanced search syntax to locate sensitive data. By running these search queries, it becomes possible to detect environment files, JSON configurations, and source code containing exposed AWS keys.

While effective, this approach has limitations. It relies on predefined search terms and may not detect encoded or obfuscated credentials. More advanced tools are often required to address these shortcomings.

To overcome these difficulties, a cybersecurity researcher developed an automated tool called AWS-Key-Hunter that lets him continuously monitor GitHub repositories for exposed AWS keys. The tool fetches recent commits, scans them for AWS credential patterns, and detects both plaintext and encoded credentials.

However, the researcher cautioned that this tool is only for experimentation and should not be used for serious investigations. “This tool was built purely for fun and experimentation — not for bug hunting or anything serious. It’s a playground, not a battlefield! If you’re looking for something to use in real security work, this ain’t it. Use at your own risk, and please, don’t go causing chaos. I’m not responsible for any digital mischief you get into. This is for learning, not for lurking!” explained the researcher.

The discovery of these exposed AWS keys highlights a critical security vulnerability requiring immediate action. While tools like GitHub Dorking, TruffleHog, and AWS-Key-Hunter provide valuable insights, the focus must shift toward prevention.

The researcher urged organisations to implement strict security protocols to safeguard their credentials. Incorporating automated secret scanning into development pipelines can also help identify and eliminate exposed keys before they become a threat. Finally, replacing hardcoded secrets with environment variables, frequently rotating credentials, and enforcing access controls can significantly reduce security risks.
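A minimal form of the pipeline secret scanning recommended above, covering both the plaintext and the encoded case the article mentions. This is an added example, not code from the article or from AWS-Key-Hunter; it assumes access key IDs use the `AKIA`/`ASIA` prefixes, treats base64 as the only encoding, and runs on a constructed sample built around the placeholder key ID from AWS's documentation.

```python
import base64
import binascii
import re

# AWS access key IDs are 20 characters: a 4-letter prefix (AKIA for long-term
# keys, ASIA for temporary STS keys) followed by 16 uppercase alphanumerics.
KEY_ID = re.compile(r"(?<![A-Z0-9])(?:AKIA|ASIA)[A-Z0-9]{16}(?![A-Z0-9])")
# Base64 of a bare 20-byte key ID is 27 characters plus "=", so shorter runs
# cannot hide one.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{27,}={0,2}")


def decode_b64(blob):
    """Return the decoded text of a base64 run, or None if it is not valid."""
    try:
        padded = blob + "=" * (-len(blob) % 4)
        return base64.b64decode(padded, validate=True).decode("utf-8", "ignore")
    except (binascii.Error, ValueError):
        return None


def scan(text):
    """Return sorted (line_no, kind, key_id) findings for one file's text."""
    findings = set()
    for line_no, line in enumerate(text.splitlines(), start=1):
        for match in KEY_ID.finditer(line):
            findings.add((line_no, "plaintext", match.group()))
        for run in B64_RUN.finditer(line):
            decoded = decode_b64(run.group())
            if decoded:
                for match in KEY_ID.finditer(decoded):
                    findings.add((line_no, "base64", match.group()))
    return sorted(findings)


# Constructed sample: AWS's documented placeholder key ID, not a live credential.
EXAMPLE_KEY = "AKIAIOSFODNN7EXAMPLE"
SAMPLE = "\n".join([
    "AWS_ACCESS_KEY_ID=" + EXAMPLE_KEY,
    "CONFIG_B64=" + base64.b64encode(("aws_access_key_id=" + EXAMPLE_KEY).encode()).decode(),
    "BUILD_TAG=" + EXAMPLE_KEY + "XYZ",  # 23 characters: too long to be a key ID
])

if __name__ == "__main__":
    for line_no, kind, key in scan(SAMPLE):
        # Print a redacted form so the scanner's own log does not leak the key.
        print(f"line {line_no}: {kind} AWS access key ID {key[:4]}...{key[-4:]}")
```

In a pre-commit hook or CI job, a non-empty result from `scan` on any staged file would be the condition for failing the check.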

Last month, flaws in GitHub allowed attackers to leak user credentials.

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me
