00 — Overview

Recon — Secrets & Code Recon

Find leaked API keys, hardcoded credentials, and sensitive data hidden in git history, GitHub repos, and exposed config files.

Intermediate·35 min·5 tasks

// By the end of this module

→Find leaked API keys, tokens, and credentials in public repositories

→Use trufflehog and gitleaks to scan git history for secrets

→Search JavaScript files and HTML source for hardcoded credentials

→Monitor for leaked secrets as part of ongoing recon

// Prerequisites

Recon & OSINT · Beginner

35 min