Intruder scanned 5 million JavaScript bundles and uncovered more than 42,000 exposed tokens across 334 secret types, including active GitLab and GitHub repository tokens and a Linear API key. Traditional SAST, DAST, and infrastructure scanners often miss secrets baked into single-page application builds, so Intruder built automated SPA secrets detection to find them before attackers do. #GitLab #Linear
Key points
- Intruder scanned 5 million applications and found over 42,000 exposed tokens across 334 secret types.
- Many exposures were active and included full-access GitHub and GitLab repository tokens.
- A Linear API key was embedded in front-end code, exposing an entire project management instance.
- Traditional SAST, DAST, and infrastructure scanners commonly miss secrets introduced during build and deployment.
- Intruder implemented automated single-page application spidering to detect secrets hidden in JavaScript bundles.
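The detection flow the points above describe, as an added Python example that is not Intruder's code: it spiders from an SPA's shell page to the script bundles it loads and runs regex detectors over each bundle, reporting redacted findings. The token prefixes and lengths are assumed vendor formats, and the sample site is constructed inline.

```python
"""Added example, not Intruder's code: a minimal pre-deploy secret check in the
spirit of SPA spidering. It follows an entry page's <script src> tags to the
bundles they load and scans each for known token formats. Prefixes are assumed
vendor formats (GitHub PAT 'ghp_', GitLab PAT 'glpat-', Linear 'lin_api_')."""
import re

SECRET_PATTERNS = {
    # \b bounds alphanumeric tokens; GitLab's may end in '-'/'_', hence the lookahead.
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "gitlab_pat": re.compile(r"\bglpat-[A-Za-z0-9_-]{20}(?![A-Za-z0-9_-])"),
    "linear_api_key": re.compile(r"\blin_api_[A-Za-z0-9]{20,}\b"),
}
SCRIPT_SRC = re.compile(r"<script\b[^>]*\bsrc=[\"']([^\"']+)[\"']", re.IGNORECASE)

def extract_script_srcs(html: str) -> list[str]:
    """Spidering step: the bundle URLs the SPA's shell page pulls in."""
    return SCRIPT_SRC.findall(html)

def scan_bundle(js: str, bundle: str) -> list[dict]:
    """Run every pattern over one bundle; report a redaction, never the token."""
    findings = []
    for kind, pattern in SECRET_PATTERNS.items():
        for m in pattern.finditer(js):
            tok = m.group(0)
            findings.append({"type": kind, "bundle": bundle,
                             "line": js.count("\n", 0, m.start()) + 1,
                             "redacted": tok[:8] + "..." + tok[-4:]})
    return findings

def scan_site(site: dict[str, str], entry: str = "/index.html") -> list[dict]:
    """Walk from the entry page to each referenced bundle and scan it."""
    findings = []
    for src in extract_script_srcs(site[entry]):
        if src in site:  # offline: only bundles present in the sample site
            findings.extend(scan_bundle(site[src], src))
    return findings

# Constructed sample: shell page plus a bundle where the bundler inlined
# process.env.* values at build time. Token bodies are synthetic filler.
SAMPLE_SITE = {
    "/index.html": '<!doctype html><script src="/static/js/main.3f2a.js"></script>',
    "/static/js/main.3f2a.js": (
        'var c={api:"https://api.example.com"};\n'
        'var t="' + "ghp_" + "a1B2" * 9 + '";\n'
        'var g="' + "glpat-" + "xY9_" * 5 + '";\n'
        'var l="' + "lin_api_" + "0f" * 20 + '";\n'
        'fetch(c.api,{headers:{Authorization:"Bearer "+t}});\n'
    ),
}
```

Running `scan_site(SAMPLE_SITE)` on the constructed site yields one finding per inlined token with its bundle path and line, which is the shape a CI gate would fail the build on.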