This check detects private keys by determining whether commonly specified key attributes are present in the analyzed string.
DSA PRIVATE KEY EC PRIVATE KEY OPENSSH PRIVATE KEY PGP PRIVATE KEY BLOCK PRIVATE KEY RSA PRIVATE KEY SSH2 ENCRYPTED PRIVATE KEY PuTTY-User-Key-File-2
Step 1: Revoke the exposed secret.
Step 2: Clean the git history.
Go under the settings section of your GitHub project and chose the change visibility button at the bottom.
Step 3: Inspect your application's access logs to ensure the key was not utilized during the compromised period.
Updated 8 months ago