Recent Bounty Rewards for Exposed Tokens
Discover Hidden Secrets Worth Thousands
Our advanced scanning tool empowers bug bounty hunters to find exposed secrets across a wide range of platforms and repositories. Turn leaked credentials into significant rewards, no matter where they're hidden.
$31,337
Highest Reward
99.9%
Accuracy Rate
Top Bounties
Total Rewards
$82,012
Medium
Bounty Awarded
$3,500
Larksuite Admin access key
Critical
Bounty Awarded
$1,250
API token exposed in github repository which exposed PII
High
Bounty Awarded
$650
OpsGenie Access Token Exposure
High
Bounty Awarded
$1,000
Azure OpenAPI Key Exposure
High
Bounty Awarded
$1,000
AzureOpenAI api key exposed publicly in GitHub repository
Critical
Bounty Awarded
$3,000
Employee Github ssh keys publicly disclosed in Docker hub registry
Critical
Bounty Awarded
$3,000
Docker Hub Layer Exposing GitHub Credentials
High
Bounty Awarded
$1,250
GCP Service Account Key Leak
High
Bounty Awarded
$1,925
Expose Employee GitHub SSH Key in Public Docker Hub Layer
High
Bounty Awarded
$750
GitHub Token in Organization Repository
Critical
Bounty Awarded
$5,000
Employee GitHub Token Found in Public Repository
Critical
Bounty Awarded
$2,000
Organization Docker Image Leaking Credentials
Critical
Bounty Awarded
$2,000
GitHub Token in Public Docker Image
Low
Bounty Awarded
$250
Hugging Face API Key exposed publicly in GitHub repository
Medium
Bounty Awarded
$350
HubSpot API Key Disclosure
Medium
Bounty Awarded
$2,500
Hugging Face API Key Leak
Medium
Bounty Awarded
$500
GCP Credentials json exposed publicly in public GitHub repository
Critical
Bounty Awarded
$31,337
Critical Exposure: Employee GitHub Token in Docker Hub
High
Bounty Awarded
$14,000
BrowserStack credentials exposed in npm package
Medium
Bounty Awarded
$2,500
Hugging Face API Key exposure
Critical
Bounty Awarded
$3,000
Information Disclosure on hub.docker.com via public docker image leads to private github repositories access
Advanced Scanning Technology
Powerful Features for Bug Hunters
Our advanced scanning engine helps you find valuable secrets that others miss.
High-Value Target Scanning
Hunt for $5,000+ bounty-worthy secrets across GitHub, GitLab, NPM, Docker, and Huggingface repositories.
- One-click organization scanning
- Multi-platform coverage
Critical Token Detection
Find and verify 300+ types of high-reward tokens including AWS, Google Cloud, and payment system credentials.
- Active token verification
- Zero false positives
Instant Bounty Alerts
Be first to claim bounties with instant notifications for newly discovered high-value secrets.
- Telegram notifications
- Discord webhook integration
Choose Your Plan
Powerful Tools for Serious Hunters
Start finding valuable secrets with our flexible pricing plans designed for both beginners and professionals
Try It Now
Try Hacker Plan
$25
/week
Try scanner for a week
- Unlimited Scans
- Secrets Verification
- Regular Updates
- Timely Support
Most Popular
Hacker Plan
$89
/month
For serious bug bounty hunters
- Unlimited Scans
- Secrets Verification
- Regular Updates
- Priority Support
Pay with
Stripe
Pay with
LemonSqueezy
Stripe
Pay with
LemonSqueezy
This plan renews automatically every month. You can cancel anytime.
Best Value
Lifetime Access
$399
One-time payment
Self-hosted scanning for pro hunters
- Private Repository Access
- Access to Private Discord Community
- Detailed Setup Instructions
- Lifetime Updates
Got Questions?
Frequently Asked Questions
Everything you need to know about iScan.today and how it can help you find valuable secrets
Real Success Stories
High-Value Discoveries by Our Users
Real bug bounty rewards earned using iScan's advanced scanning capabilities
Medium
Bounty Awarded
$350
HubSpot API Key Disclosure
Exposed HubSpot API key found in an employee's public github repository.
Reported:
April 09, 2025
Rewarded:
April 10, 2025
HubSpot API Key Exposure
API key exposed in employee repository
Anonymous
Anonymous Hunter
Medium
Bounty Awarded
$2,500
Hugging Face API Key Leak
Leaked Hugging Face API key found in an employee's public GitHub repository.
Reported:
March 26, 2025
Rewarded:
April 03, 2025
Hugging Face API Key Exposure
API key exposed in employee repository
sicksec
Bug Hunter Since 2019
Medium
Bounty Awarded
$3,500
Larksuite Admin access key
Found exposed Larksuite Admin access key in an employee's public GitHub repository
Reported:
March 21, 2025
Rewarded:
March 28, 2025
Larksuite Admin Key Exposure
Admin key exposed in employee repository
sicksec
Bug Hunter Since 2019
Medium
Bounty Awarded
$2,500
Hugging Face API Key exposure
Found exposed Hugging Face API key in an employee's public github repository
Reported:
March 18, 2025
Rewarded:
March 27, 2025
Hugging Face API Key Exposure
API key exposed in employee repository
sicksec
Bug Hunter Since 2019
High
Bounty Awarded
$14,000
BrowserStack credentials exposed in npm package
Found exposed BrowserStack credentials in a public npm package, posing a significant security risk
Reported:
February 13, 2025
Rewarded:
March 15, 2025
BrowserStack Credentials
Credentials exposed in npm package
0xspade
Bug Hunter Since 2017
High
Bounty Awarded
$1,925
Expose Employee GitHub SSH Key in Public Docker Hub Layer
Found exposed Employee GitHub SSH key in a public Docker Hub layer, posing a significant security risk
Reported:
March 07, 2025
Rewarded:
March 08, 2025
Private SSH Key
Github SSH Key exposed in docker hub
dmxjon
Bug Hunter Since 2018
High
Bounty Awarded
$1,000
AzureOpenAI api key exposed publicly in GitHub repository
Found exposed AzureOpenAI credentials in employee's public GitHub repository
Reported:
January 23, 2025
Rewarded:
February 05, 2025
Azure OpenAI Credentials
API keys and URLs exposed
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$1,250
GCP Service Account Key Leak
Identified exposed GCP credentials in public repository
Reported:
December 24, 2024
Rewarded:
January 03, 2025
GCP Credentials
Service account exposed
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$750
GitHub Token in Organization Repository
Found GitHub token exposed in organization's public repository
Reported:
December 19, 2024
Rewarded:
December 30, 2024
Organization Repo
Token in public code
Codermak
Bug Hunter Since 2020
Medium
Bounty Awarded
$500
GCP Credentials json exposed publicly in public GitHub repository
Found exposed GCP credentials JSON file in public GitHub repository, which poses a security risk
Reported:
December 19, 2024
Rewarded:
December 23, 2024
GCP Credentials JSON
Credentials exposed in public repository
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$650
OpsGenie Access Token Exposure
Discovered OpsGenie token in public GitHub repository
Reported:
August 17, 2024
Rewarded:
August 29, 2024
OpsGenie Token
Access token exposed
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$1,250
API token exposed in github repository which exposed PII
Found exposed API token in public GitHub repository, which exposes PII of employee
Reported:
August 07, 2024
Rewarded:
August 23, 2024
API Token
API token exposed, PII at risk
Codermak
Bug Hunter Since 2020
Low
Bounty Awarded
$250
Hugging Face API Key exposed publicly in GitHub repository
Found exposed Hugging Face API key in public GitHub repository, which exposes PII of employee
Reported:
March 28, 2024
Rewarded:
August 07, 2024
Hugging Face API Key
API key exposed, PII at risk
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$5,000
Employee GitHub Token Found in Public Repository
Located an active GitHub token with elevated permissions in employee's public repository
Reported:
June 16, 2024
Rewarded:
July 24, 2024
Token in Public Repo
Exposed in repository code
Codermak
Bug Hunter Since 2020
High
Bounty Awarded
$1,000
Azure OpenAPI Key Exposure
Located Azure OpenAPI key in public GitHub repository
Reported:
March 10, 2024
Rewarded:
February 10, 2024
Azure API Key
Key in repository
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Docker Hub Layer Exposing GitHub Credentials
Identified GitHub token with organization-wide access in Docker image layer
Reported:
January 27, 2024
Rewarded:
February 02, 2024
Docker Layer Analysis
Token found in image history
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$2,000
GitHub Token in Public Docker Image
Found active GitHub token exposed in public Docker image layer
Reported:
September 18, 2023
Rewarded:
September 20, 2023
Public Docker Image
Exposed credentials in layer
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$2,000
Organization Docker Image Leaking Credentials
Discovered GitHub token in organization's public Docker image
Reported:
July 20, 2023
Rewarded:
August 03, 2023
Organization Image
Token in public image
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Information Disclosure on hub.docker.com via public docker image leads to private github repositories access
Found exposed information on hub.docker.com via a public docker image that leads to access to private GitHub repositories
Reported:
July 04, 2023
Rewarded:
July 07, 2023
Docker Image Information Disclosure
Access to private GitHub repositories
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$3,000
Employee Github ssh keys publicly disclosed in Docker hub registry
Found exposed Employee Github SSH keys in public Docker Hub registry
Reported:
September 01, 2022
Rewarded:
September 08, 2022
Github SSH Keys
SSH keys exposed in Docker Hub
Codermak
Bug Hunter Since 2020
Critical
Bounty Awarded
$31,337
Critical Exposure: Employee GitHub Token in Docker Hub
Discovered a high-privilege GitHub token exposed in a Docker Hub layer, enabling potential access to internal systems
Reported:
January 03, 2022
Rewarded:
September 06, 2022
GitHub Token in Docker Layer
Token exposed in image metadata
Codermak
Bug Hunter Since 2020