Recent Bounty Rewards for Exposed Tokens
Discover Hidden Secrets Worth Thousands
Our advanced scanning tool empowers bug bounty hunters to find exposed secrets across a wide range of platforms and repositories. Turn leaked credentials into significant rewards, no matter where they're hidden.
$31,337
Highest Reward
99.9%
Accuracy Rate
Top Bounties
Total Rewards
$114,762
Critical
Bounty Awarded
$2,000
Organization Docker Image Leaking Credentials
High
Bounty Awarded
$750
Azure AD Credentials in Employee Repository
High
Bounty Awarded
$1,250
GCP Service Account Key Leak
Critical
Bounty Awarded
$3,000
Employee Github ssh keys publicly disclosed in Docker hub registry
Critical
Bounty Awarded
$3,000
SendGrid API Key in Employee GitHub Repository
Low
Bounty Awarded
$500
LaunchDarkly Token in GitLab Repository Employee
Critical
Bounty Awarded
$3,000
Information Disclosure on hub.docker.com via public docker image leads to private github repositories access
Critical
Bounty Awarded
$25,000
GitHub Token in Employee Repository
Critical
Bounty Awarded
$31,337
Critical Exposure: Employee GitHub Token in Docker Hub
Medium
Bounty Awarded
$500
GCP Credentials json exposed publicly in public GitHub repository
High
Bounty Awarded
$1,500
NPM Token in Public GitHub Repository
Medium
Bounty Awarded
$2,500
Hugging Face API Key Leak
High
Bounty Awarded
$750
GitHub Token in Organization Repository
High
Bounty Awarded
$1,000
Azure OpenAPI Key Exposure
Low
Bounty Awarded
$2,000
OpenAI API Key Exposure in Employee Repository
High
Bounty Awarded
$1,925
Expose Employee GitHub SSH Key in Public Docker Hub Layer
Critical
Bounty Awarded
$1,250
API token exposed in github repository which exposed PII
High
Bounty Awarded
$650
OpsGenie Access Token Exposure
Medium
Bounty Awarded
$350
HubSpot API Key Disclosure
Medium
Bounty Awarded
$2,500
Hugging Face API Key exposure
Critical
Bounty Awarded
$2,000
GitHub Token in Public Docker Image
Critical
Bounty Awarded
$3,000
Docker Hub Layer Exposing GitHub Credentials
Medium
Bounty Awarded
$3,500
Larksuite Admin access key
Critical
Bounty Awarded
$5,000
Employee GitHub Token Found in Public Repository
High
Bounty Awarded
$1,000
AzureOpenAI api key exposed publicly in GitHub repository
High
Bounty Awarded
$14,000
BrowserStack credentials exposed in npm package
Advanced Scanning Technology
Powerful Features for Bug Hunters
Our advanced scanning engine helps you find valuable secrets that others miss.
High-Value Target Scanning
Hunt for $5,000+ bounty-worthy secrets across GitHub, GitLab, NPM, Docker, and Huggingface repositories.
- One-click organization scanning
- Multi-platform coverage
Critical Token Detection
Find and verify 300+ types of high-reward tokens including AWS, Google Cloud, and payment system credentials.
- Active token verification
- Zero false positives
Instant Bounty Alerts
Be first to claim bounties with instant notifications for newly discovered high-value secrets.
- Telegram notifications
- Discord webhook integration
Choose Your Plan
Powerful Tools for Serious Hunters
Start finding valuable secrets with our flexible pricing plans designed for both beginners and professionals
Most Popular
Hacker Plan
$89
/month
Hosted solution - we host for you
- Unlimited Scans
- Secrets Verification
- Regular Updates
- Priority Support
- We Host For You
-
Source Code Access
Express
• Pay
This plan renews automatically every month. You can cancel anytime.
Budget Option
Lifetime Lite
$299
One-time payment
Self-hosted scanning
- Source Code Access
- Self-host on Your VPS
- Detailed Setup Instructions
- Discord Community Access
-
Regular Updates -
Private Repository Access
Express
• Pay
This plan includes source code only. No updates or GitHub repository access.
Best Value
Lifetime Access
$499
One-time payment
Self-hosted scanning for pro hunters
- Source Code Access
- Self-host on Your VPS
- Detailed Setup Instructions
- Regular Updates
- Private Repository Access
- Discord Community Access
Got Questions?
Frequently Asked Questions
Everything you need to know about iScan.today and how it can help you find valuable secrets
Real Success Stories
High-Value Discoveries by Our Users
Real bug bounty rewards earned using iScan's advanced scanning capabilities
Low
Bounty Awarded
$500
LaunchDarkly Token in GitLab Repository Employee
Discovered exposed LaunchDarkly token in an employee's public GitLab repository.
Reported:
March 19, 2025
Rewarded:
August 21, 2025
LaunchDarkly Token
Token exposed in employee GitLab repository
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
SendGrid API Key in Employee GitHub Repository
Discovered exposed SendGrid API key in an employee's public GitHub repository. The key provided access to email sending capabilities and account data.
Reported:
July 12, 2025
Rewarded:
July 12, 2025
SendGrid API Key
API key exposed in employee repository
Anonymous
Anonymous Hunter
Critical
Bounty Awarded
$25,000
GitHub Token in Employee Repository
Discovered exposed GitHub token in an employee's public repository. The token provided access to private repositories and organizational data.
Reported:
June 26, 2025
Rewarded:
July 10, 2025
GitHub Token
Token exposed in employee repository
predator_97
Bug Hunter Since 2020
High
Bounty Awarded
$1,500
NPM Token in Public GitHub Repository
Discovered exposed NPM token in a public GitHub repository. The token provided access to all public and private packages.
Reported:
July 09, 2025
Rewarded:
July 09, 2025
NPM Token
Token exposed in public repository
predator_97
Bug Hunter Since 2020
High
Bounty Awarded
$750
Azure AD Credentials in Employee Repository
Discovered exposed Azure AD credentials in an employee's public repository. The credentials provided access to Microsoft Graph API.
Reported:
July 03, 2025
Rewarded:
July 08, 2025
Azure AD Credentials
Credentials exposed in employee repository
Anonymous
Anonymous Hunter
Low
Bounty Awarded
$2,000
OpenAI API Key Exposure in Employee Repository
Discovered exposed OpenAI API key in an employee's public GitHub repository
Reported:
April 16, 2025
Rewarded:
April 24, 2025
OpenAI API Key
API key exposed in employee's GitHub repository
Anonymous
Anonymous Hunter
Medium
Bounty Awarded
$350
HubSpot API Key Disclosure
Exposed HubSpot API key found in an employee's public github repository.
Reported:
April 09, 2025
Rewarded:
April 10, 2025
HubSpot API Key Exposure
API key exposed in employee repository
Anonymous
Anonymous Hunter
Medium
Bounty Awarded
$2,500
Hugging Face API Key Leak
Leaked Hugging Face API key found in an employee's public GitHub repository.
Reported:
March 26, 2025
Rewarded:
April 03, 2025
Hugging Face API Key Exposure
API key exposed in employee repository
Anonymous
Anonymous Hunter
Medium
Bounty Awarded
$3,500
Larksuite Admin access key
Found exposed Larksuite Admin access key in an employee's public GitHub repository
Reported:
March 21, 2025
Rewarded:
March 28, 2025
Larksuite Admin Key Exposure
Admin key exposed in employee repository
Anonymous
Anonymous Hunter
Medium
Bounty Awarded
$2,500
Hugging Face API Key exposure
Found exposed Hugging Face API key in an employee's public github repository
Reported:
March 18, 2025
Rewarded:
March 27, 2025
Hugging Face API Key Exposure
API key exposed in employee repository
Anonymous
Anonymous Hunter
High
Bounty Awarded
$14,000
BrowserStack credentials exposed in npm package
Found exposed BrowserStack credentials in a public npm package, posing a significant security risk
Reported:
February 13, 2025
Rewarded:
March 15, 2025
BrowserStack Credentials
Credentials exposed in npm package
0xspade
Bug Hunter Since 2017
High
Bounty Awarded
$1,925
Expose Employee GitHub SSH Key in Public Docker Hub Layer
Found exposed Employee GitHub SSH key in a public Docker Hub layer, posing a significant security risk
Reported:
March 07, 2025
Rewarded:
March 08, 2025
Private SSH Key
Github SSH Key exposed in docker hub
dmxjon
Bug Hunter Since 2018
High
Bounty Awarded
$1,000
AzureOpenAI api key exposed publicly in GitHub repository
Found exposed AzureOpenAI credentials in employee's public GitHub repository
Reported:
January 23, 2025
Rewarded:
February 05, 2025
Azure OpenAI Credentials
API keys and URLs exposed
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$1,250
GCP Service Account Key Leak
Identified exposed GCP credentials in public repository
Reported:
December 24, 2024
Rewarded:
January 03, 2025
GCP Credentials
Service account exposed
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$750
GitHub Token in Organization Repository
Found GitHub token exposed in organization's public repository
Reported:
December 19, 2024
Rewarded:
December 30, 2024
Organization Repo
Token in public code
Codermak
Bug Hunter Since 2020
Medium
Bounty Awarded
$500
GCP Credentials json exposed publicly in public GitHub repository
Found exposed GCP credentials JSON file in public GitHub repository, which poses a security risk
Reported:
December 19, 2024
Rewarded:
December 23, 2024
GCP Credentials JSON
Credentials exposed in public repository
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$650
OpsGenie Access Token Exposure
Discovered OpsGenie token in public GitHub repository
Reported:
August 17, 2024
Rewarded:
August 29, 2024
OpsGenie Token
Access token exposed
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$1,250
API token exposed in github repository which exposed PII
Found exposed API token in public GitHub repository, which exposes PII of employee
Reported:
August 07, 2024
Rewarded:
August 23, 2024
API Token
API token exposed, PII at risk
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$5,000
Employee GitHub Token Found in Public Repository
Located an active GitHub token with elevated permissions in employee's public repository
Reported:
June 16, 2024
Rewarded:
July 24, 2024
Token in Public Repo
Exposed in repository code
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$1,000
Azure OpenAPI Key Exposure
Located Azure OpenAPI key in public GitHub repository
Reported:
March 10, 2024
Rewarded:
February 10, 2024
Azure API Key
Key in repository
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Docker Hub Layer Exposing GitHub Credentials
Identified GitHub token with organization-wide access in Docker image layer
Reported:
January 27, 2024
Rewarded:
February 02, 2024
Docker Layer Analysis
Token found in image history
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$2,000
GitHub Token in Public Docker Image
Found active GitHub token exposed in public Docker image layer
Reported:
September 18, 2023
Rewarded:
September 20, 2023
Public Docker Image
Exposed credentials in layer
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$2,000
Organization Docker Image Leaking Credentials
Discovered GitHub token in organization's public Docker image
Reported:
July 20, 2023
Rewarded:
August 03, 2023
Organization Image
Token in public image
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Information Disclosure on hub.docker.com via public docker image leads to private github repositories access
Found exposed information on hub.docker.com via a public docker image that leads to access to private GitHub repositories
Reported:
July 04, 2023
Rewarded:
July 07, 2023
Docker Image Information Disclosure
Access to private GitHub repositories
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Employee Github ssh keys publicly disclosed in Docker hub registry
Found exposed Employee Github SSH keys in public Docker Hub registry
Reported:
September 01, 2022
Rewarded:
September 08, 2022
Github SSH Keys
SSH keys exposed in Docker Hub
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$31,337
Critical Exposure: Employee GitHub Token in Docker Hub
Discovered a high-privilege GitHub token exposed in a Docker Hub layer, enabling potential access to internal systems
Reported:
January 03, 2022
Rewarded:
September 06, 2022
GitHub Token in Docker Layer
Token exposed in image metadata
Codermak
Bug Hunter Since 2020