appsec.fyi

Secrets — A Practical Guide

A curated AppSec resource library covering XSS, SQLi, SSRF, IDOR, RCE, XXE, OSINT, and more.

Secrets: A Practical Guide

Curated and synthesized by . Last updated 2026-06-29. Synthesized from 198 of 198 curated resources. Browse all 198 Secrets resources →

Problem Framing

Secrets, in the context of application security, encompass sensitive information such as API keys, passwords, private keys, OAuth tokens, and connection strings. Their accidental exposure represents a critical security vulnerability, often serving as the initial entry point for attackers into systems and sensitive data. The proliferation of development tools, cloud services, and AI-assisted coding significantly expands the attack surface and the potential for secret leakage. This guide focuses on the practical, technical challenges and solutions for experienced practitioners dealing with the pervasive issue of secrets management.

Core Mechanics of Secret Exposure

Secrets are exposed through a variety of mechanisms, fundamentally rooted in how they are handled, stored, and transmitted within the software development lifecycle (SDLC) and operational environments. One of the most common and direct methods is hardcoding secrets directly into source code, including configuration files, environment variables intended for local development, and even within client-side JavaScript bundles [1][2]. This approach bypasses dedicated secrets management solutions and makes secrets visible to anyone with read access to the codebase.

The version control system, particularly Git, is a significant vector for secret exposure. Secrets can be inadvertently committed, even into supposedly private repositories, which are roughly 6x more likely to leak secrets than public ones [3]. Remediation efforts, such as attempts to remove secrets from Git history, are often incomplete. AI coding agents can also introduce secrets into Git history, and subsequent partial remediations can leave these secrets exposed in older commits, making complete cleanup challenging [4]. Orphaned branches or deleted files that previously contained secrets can also remain in the Git object database, accessible through specific Git commands [5].

Supply chain attacks represent a sophisticated threat where secrets are compromised through third-party components or build processes. This can involve malicious code embedded in package manager packages (e.g., npm, PyPI) that executes via post-install scripts or build scripts (like build.rs in Rust) to exfiltrate secrets [6][7]. Compromised CI/CD pipelines are a prime target, where attackers can hijack GitHub Actions workflows, using techniques like imposter commits or tag manipulation to steal CI/CD secrets and credentials [8]. The compromise of open-source package maintainer accounts or the introduction of trojanized packages using mechanisms like Python's .pth files allows for stealthy persistence and exfiltration [9].

Cloud infrastructure misconfigurations are another major source of secret leaks. Exposed databases, such as ClickHouse or Supabase, can inadvertently reveal API authentication tokens, user data, and other sensitive information [10]. Cloud provider credentials, including AWS access keys, can be leaked through various means, including SDK configurations, environment variables, instance metadata services (IMDSv1/v2), and misconfigurations, enabling lateral movement within cloud environments [11][2]. For instance, leaked AWS keys have been used to escape sandboxed environments and conduct large-scale phishing campaigns [11].

Non-human identities (NHIs), such as service accounts, API keys, and managed identities, pose a growing risk. Thousands of leaked PyPI tokens, many still valid and tied to live projects, highlight the vulnerability of these credentials [12]. A significant percentage of organizations have privileged, internet-exposed machine identities with exploitable vulnerabilities [13][14]. Compromising these identities can grant attackers access to sensitive cloud resources and data.

Developer tooling, including Integrated Development Environments (IDEs) and AI coding assistants, introduces new vectors for secret exposure. Some IDE plugins have been found to exfiltrate AI provider API keys and other credentials to attacker-controlled servers [15]. AI coding assistants, while beneficial, are also twice as likely to leak secrets compared to general code [16][3]. Furthermore, notebook files (e.g., .ipynb) can inadvertently contain secrets, especially in AI development contexts [3].

Secrets can also leak through less direct channels, such as build logs, container image metadata, collaboration tools (Slack, Jira, Confluence), and even within heap dumps generated by applications like Spring Boot Actuator, which may contain sensitive tokens and cookies [11]. The cascading effect of vendor breaches, where an old, unrevoked integration credential from a compromised vendor can expose customer data, further emphasizes the need for diligent credential lifecycle management [17].

Notable Techniques

The landscape of secret exposure techniques is broad and continuously evolving. Understanding these methods is crucial for effective defense.

Detection and Prevention

Effective secrets management requires a multi-layered approach, focusing on detection, prevention, and remediation throughout the SDLC.

Prevention

Detection

Remediation

Tooling

A robust ecosystem of tools supports the detection, prevention, and management of secrets.

Recent Developments

The landscape of secrets management is dynamic, driven by rapid advancements in AI and evolving threat actor tactics. A significant trend is the acceleration of secrets sprawl, with reports indicating millions of secrets leaked annually, a rate that is outpacing the growth of the active developer population [34][31].

AI coding assistants have become a prominent factor in this acceleration. These tools are now twice as likely to leak secrets compared to general code leaks, contributing to a substantial year-over-year increase in AI-service credential leaks [3][16]. The sheer volume of AI-generated code, coupled with the potential for these assistants to inadvertently introduce secrets, necessitates robust scanning mechanisms specifically tuned for AI-assisted development. For example, repositories using Copilot have shown a higher secret leakage rate than the GitHub average [3].

Supply chain attacks continue to evolve in sophistication. Campaigns like Shai-Hulud demonstrate worm-like propagation via compromised packages, targeting cloud credentials and API keys [6][16]. Attackers are increasingly sophisticated, even generating malicious packages with valid SLSA provenance by hijacking build pipelines, as seen with the TanStack npm package compromise [21]. The compromise of CI/CD tools, such as specific GitHub Actions or OpenVSX extensions, remains a critical vector for attackers to gain initial access and exfiltrate secrets [8][19].

The persistence of leaked secrets is another growing concern. A significant percentage of secrets leaked years ago remain active and unrevoked, highlighting a critical gap in automated credential lifecycle management and incident response [35][31]. This underscores the need for constant vigilance and proactive revocation processes.

Beyond code repositories, secrets exposure is increasingly observed in collaboration and productivity tools, accounting for a substantial portion of security incidents [3]. This extends to internal repositories, which are considerably more prone to secret leaks than public ones [3].

The focus on Non-Human Identity (NHI) security is intensifying. The rapid proliferation of NHIs without adequate governance and visibility presents a vast attack surface. Tools and platforms dedicated to discovering, managing, and securing these identities are becoming indispensable [14][13].

Emerging vulnerabilities and attack vectors continue to surface. For instance, misconfigurations in services like Spring Boot Actuator have been found to expose sensitive data, including cloud keys and tokens, in heap dumps [11]. Exploiting exposed environment variable files (.env) can lead to large-scale cloud extortion [36]. Even data stored in less obvious places, like arXiv preprints' LaTeX source files, has been found to contain leaked secrets [31].

In response, tools are evolving to incorporate AI security checks, such as Snyk AI-BOM for uncovering AI component inventories and Kirin (Knostic) for detecting secrets in AI coding assistant interactions [18]. The focus is shifting towards "shift left" security, integrating security checks like secret scanning earlier in the development pipeline to catch issues before they are committed [27].

Where to Go Deeper

For practitioners seeking to deepen their understanding and implementation of secrets management, several resources provide extensive, actionable information:

Sources cited in this guide

  1. CVE-2025-68429: Storybook .env Secrets Exposure — miggo.io
  2. SEC02-BP03 Store and use secrets securely (AWS Well-Architected) — docs.aws.amazon.com
  3. AI Is Fueling Secrets Sprawl: GitGuardian Reports 81% Surge of AI-Service Leaks — blog.gitguardian.com
  4. AI Is the Newest Developer To Misunderstand Secrets In Your Git History — blog.gitguardian.com
  5. Researcher Unearths Thousands of Leaked Secrets in GitHub's "Oops Commits" — infoq.com
  6. Zero-day Extensive NPM Package Compromise - Shai Hulud Supply Chain Attack — snyk.io
  7. Compromised Rust crate onering performs code exfiltration — aikido.dev
  8. Compromised GitHub action codfish/semantic-release-action steals CI/CD secrets — aikido.dev
  9. Three’s a Crowd: TeamPCP trojanizes LiteLLM in Continuation of Campaign — wiz.io
  10. Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History — wiz.io
  11. Under the Radar: Exploring Spring Boot Actuator Misconfigurations — wiz.io
  12. Hunting Leaked PyPI Tokens: 62 Live, 125 Packages Exposed — blog.gitguardian.com
  13. You Can't Secure What You Can't See: Making Non-Human Identities Governable — blog.gitguardian.com
  14. Top 10 Non-Human Identity Security Tools and Platforms for 2026 — blog.gitguardian.com
  15. Multiple JetBrains IDE plugins caught stealing AI keys — aikido.dev
  16. AI coding assistants twice as likely to leak secrets as overall leaks rise 34% — scworld.com
  17. When a vendor's breach becomes yours: lessons from the Klue incident — snyk.io
  18. Hardcoded Secrets in AI-Generated Code: Catch Them Before They Ship — toxsec.com
  19. KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack — wiz.io
  20. 10K Docker Images Spray Live Cloud Creds — theregister.com
  21. TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack — snyk.io
  22. The many ways to obtain credentials in AWS — wiz.io
  23. Secrets Management in 2026: Vault, AWS Secrets Manager, and Beyond — javacodegeeks.com
  24. The Complete 2026 Secrets Management Guide — dev.to
  25. Terraform Secrets Management Best Practices — blog.gitguardian.com
  26. Pre-Commit Hooks for Secret Detection: Setup in 10 Minutes — rafter.so
  27. Shift Left Security That Developers Actually Keep Enabled — getautonoma.com
  28. GitHub Secret Scanning 2026: New Patterns, Push Protection — buildmvpfast.com
  29. Secretless GitHub Actions to AWS via OIDC — codecentric.de
  30. Secure Code Scanning: Basics & Best Practices — wiz.io
  31. The State of Secrets Sprawl 2025 — blog.gitguardian.com
  32. Secret Rotation: How It Works — groundcover.com
  33. Hardening HashiCorp Vault Best Practices — sjramblings.io
  34. Exposed Developer Secrets Surge: AI Drives 34% Increase in 2025 — securityledger.com
  35. Understanding Your Organization's Exposure to Secret Leaks — GitHub — resources.github.com
  36. Leaked Env Variables Allow Large-Scale Cloud Extortion — unit42.paloaltonetworks.com
  37. Malicious Release of elementary-data PyPI Package Steals Cloud Credentials from Data Engineers — snyk.io
  38. CERT-EU Confirms Trivy Supply Chain Attack Led to Credential Exposure — cybersecuritynews.com
📚 This guide is synthesized from the full text of resources curated in the Secrets library, and refreshed as new material is added.