Find API Keys in Paste Sites

PRO

Finds API keys and credentials accidentally pasted on Pastebin that may grant unauthorized access to services.

Beginner Friendly

Safe to use

bug bounty

Google Dork Query:

••••••••••••••••••••••••••••••••••

Not verified

What It Does

This dork uses 'site:pastebin.com' to search within Pastebin and looks for common API key variable names like 'api_key', 'apikey', and 'api-key'. Developers frequently paste code snippets containing live API keys, which remain indexed and accessible even after the paste is deleted.

Common Use Cases

API Key Leak Detection: Monitor Pastebin for leaked API keys belonging to your organization's services.
Credential Exposure Assessment: Find exposed API credentials that could be used to access cloud services, payment gateways, or third-party APIs.
Bug Bounty Research: Discover leaked API keys associated with target organizations during authorized security assessments.

How to Use Safely

Execute the dork in Google to find Pastebin posts containing API key references.
Review the paste content to determine the API service and key validity.
Verify if the exposed key still grants active access to the associated service.
Report leaked keys to the affected organization and recommend immediate key rotation.

Responsible Use Required

This dork should only be used on systems you own or have explicit authorization to test. Unauthorized access to computer systems is illegal. Always follow ethical guidelines and obtain proper permission before testing.

Related Dorks

Exposed Git Repositories

Identifies open directory listings as part of bug bounty reconnaissance to discover potential security weaknesses within authorized scope.

AWS S3 Bucket Listings

Finds exposed AWS S3 Bucket Listings interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Find TXT Files

Bug bounty hunting query to discover security issues in target applications.

Back to Library

Find API Keys in Paste Sites

PRO

Finds API keys and credentials accidentally pasted on Pastebin that may grant unauthorized access to services.

Beginner Friendly

Safe to use

bug bounty

Google Dork Query:

••••••••••••••••••••••••••••••••••

Not verified

What It Does

Common Use Cases

API Key Leak Detection: Monitor Pastebin for leaked API keys belonging to your organization's services.
Credential Exposure Assessment: Find exposed API credentials that could be used to access cloud services, payment gateways, or third-party APIs.
Bug Bounty Research: Discover leaked API keys associated with target organizations during authorized security assessments.

How to Use Safely

Execute the dork in Google to find Pastebin posts containing API key references.
Review the paste content to determine the API service and key validity.
Verify if the exposed key still grants active access to the associated service.
Report leaked keys to the affected organization and recommend immediate key rotation.

Responsible Use Required

Related Dorks

Exposed Git Repositories

Identifies open directory listings as part of bug bounty reconnaissance to discover potential security weaknesses within authorized scope.

AWS S3 Bucket Listings

Finds exposed AWS S3 Bucket Listings interfaces and pages that may reveal sensitive configuration details or allow unauthorized access.

Find TXT Files

Bug bounty hunting query to discover security issues in target applications.

Find API Keys in Paste Sites

What It Does

Common Use Cases

How to Use Safely

Responsible Use Required

TAGS

Related Dorks

Find API Keys in Paste Sites

What It Does

Common Use Cases

How to Use Safely

Responsible Use Required

TAGS

Related Dorks