Profile picture
Ice3man @Ice3man543
, 10 tweets, 5 min read Read on Twitter
Our journey begins with a simple idea - to query all possible AWS keys leaked on Github. Thankfully, @Google gives $300 free credit on BigQuery, so not a problem. We start by creating a regex for AWS Keys.

people.eecs.berkeley.edu/~rohanpadhye/f…
We create a BigQuery SQL query inspired by @LiveOverflow's bitcoin private key searching video. Next, we run this Query. The github dataset is about 2.7 TB and it costs $5 for each TB. So each query costs approx $10. The query takes very small time.
And bam! In a fraction of seconds, we get 9922 AWS Access Keys. These are all from various projects, some may work and some may not. After removing the keys that are invalid, we are left with 7953 keys. Not bad I'd say. We are not disclosing any valid keys for security reasons.
We move a step furthur and create regexes for some more services. We make regexes for Bitly keys, Slack webhooks, Google API Keys, Slack API keys, @SendGrid keys, @MailChimp Tokens, Redis urls, etc. I am really excited at this point.
Query takes some time but it finishes really fast. The results are Amazing. We plot a graph too :D.
This research just shows a fraction of what's out there. This practically cost us nothing, and the results were truly mind blowing. I agree, this is not a targeted attack, but consider the havoc a malicious entity can cause with this type of data.
What can @github do?
Github can adopt filters during Push time that prevent adding code that matches against known filters. Like, when the user pushes the code, it should run that against known filters. If it does not matches, then only should it succed.
What can developers do?
They can use several tools that are available like git-secrets, gitrob, truffleHog etc. Pre-commit hooks are also an interesting choice. github.com/awslabs/git-se… github.com/anshumanbh/git…
All these can prevent such accidental commits.
Finally, thank you for reading this article. The Open Source hosting platforms have caused an increase in leaks. What we need is a central platform that is free and contains filters to assist in preventing Git Leaks. If anyone does that, it would be best!
This research was inspired from @infosec_au and @nnwakelam's research on Commonspeak2 and Commonspeak. Full credit goes to them!
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Ice3man
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related threads

Profile picture
0/ OK, my turn for #AWS #reinvent tips, and I’ll just offer one (in multiple parts).

It’s this: Meet people and talk to them!

Here’s why: I do this and I *never fail* to learn something interesting.

Here’s how:
1/ Every day, there’s a free breakfast and free lunch provided by the conference. You can probably get better food outside in a Vegas joint, but don’t, go to the conference meal. Then…
2/ Pick a table using an algorithm that tries to maximize Number of People and Just Getting Started. Then pick people at random and say “Hi! Where are in from?” and find out what they’re working on.
Read 7 tweets
Profile picture
New #AWS Email Preference Center at pages.awscloud.com/communication-…

Signup, Set Preferences, or Unsubscribe:
Tell us what you want to hear about (events, training & certification, surveys, getting started, newsletters, announcements, and more):
Customized for your language, job, industry, use case, and more:
Read 7 tweets
Profile picture
El 4 de septiembre #Google cumplió oficialmente 20 años. He creado este "pequeño" hilo con claves y anécdotas de los inicios de Google y cómo se convirtió en el buscador más importante del mundo.

Espero que sea de interés para SEOs y no SEOs -->
1996. Larry Page se está doctorando en Computer Science en Stanford y busca tema para su tesis mientras surfea por internet. La web es una masa de páginas enlazadas entre sí, pero sin ninguna jerarquía. Page idea un sistema para ponerlas en orden, similar a la citación académica.
El análisis de citaciones se usa en el sistema académico desde los años 60, para calcular la importancia de un ensayo científico. Cuanto más lo citan otros trabajos, más importante. Y en eso se basa el PageRank, el algoritmo original de Google para rankear documentos.
Read 44 tweets
Profile picture
1/n Summer 1987: My school friend's dad died at 45 in an accident. Weeks later, his mom showed me a pile of old share certs, since I used to ask him about IPOs. Discovered he left behind a blue chip portfolio of Rs 1.3 Crores ~ $750k. His salary: Rs 3,500 ~ 200 pm. Sensex: ~500
2/n My friend's dad was a middle class factory mgr at Tata Steel when he passed away. He applied for every good IPO for 23 years, from the day he got his first paycheck. And he never sold a single share. He re-invested every rupee of dividend he received into new IPOs.
3/3 Don't look at your paycheck & dismiss is as inadequate for creating serious wealth. Most of you in your 20s & 30s today will live to a 100. You have 70-80 yrs to compound your wealth as India's MCAP goes up > 20X from here.

Sensex at 37,717 will look cheap then. #Start today
Read 4 tweets
Profile picture
#Google takes the blame for #Aadhaar #UIDAI fiasco, while @UIDAI acts innocent! #UIDAImystery @google gadgets.ndtv.com/mobiles/news/u…
. @UIDAI claimed that 'It is clarified that, #UIDAI has not asked or communicated to any manufacturer or service provider for providing any such facility whatsoever'
#Google has assured its fix in the next few weeks! If you are wondering how #iPhone users reported the no. showing up in their contacts, it's likely coz they synced their contacts with a #Gmail account that already had the said contact added to its list #UIDAImystery
Read 3 tweets
Profile picture
When I tell people I am the founding PM on Lambda, the question I often get is how the idea for #AWS Lambda/#Serverless came about in the first place. The truth is, its way too hard to point to one person/event as the defining moment.
It took 100s of customer conversations notes from multiple AWS folks where they told us 1/all the things they wanted to minimize/ not do at all while building applications; 2/architectural patterns they were repeating and wanted a way to build into their development flow.
It took some serious leaps of faith and acceptance of risk from the people involved, and a constant iteration on what we wanted the final product to look like. This is where I first saw the AMZN "Working backwards" process in action and its brilliance in driving the right focus.
Read 5 tweets

Trending hashtags

#Cen #Greengrass #Facebook #Russia #ddj #China #Patriots #RussianBots #suspense #IoT #mainnet #codabr18 #eleicoes2018 #GAN #SecretMeeting #HuobiOTC #healthtech #MockingBirdMedia #NASA #Google #testnet #dataviz #DataLab #AWS #Clinton

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!