Source: www.csoonline.com – Author:
By leveraging Git’s version control features, one can retrieve deleted files and the sensitive content within.
Deleted files within public GitHub repositories could still be exposing secrets like API keys, tokens, and credentials if threat actors know where and how to look.
Cybersecurity researcher Sharon Brizinov leveraged Git’s version control features to retrieve exposed secrets from these deleted files.
Git, the open-source version control tool that developers use to collaborate on coding projects, is hosted in the cloud by GitHub’s pay-per-use platform.
“I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets,” Brizinov said in a blog post. “For each repository, I restored deleted files, found dangling blobs, and unpacked .pack files to search in them for exposed (secrets).”
Brizinov made $64,000 in bug bounty winnings for finding dozens of repositories belonging to Fortune 500 companies leaking hundreds of secrets this way.
Git history retains files even after deletion
According to the research, Git retains a complete history of changes, meaning that deleted files and their contents can still be accessed unless properly purged. “Developers often forget that Git history retains everything, even after files are removed from the working directory,” Brizinov noted.
When files are deleted in Git, they disappear from the latest version but often linger in the repository’s history. Git stores all past commits, including those with deleted files, in its internal object database, keeping “dangling” data even if it’s no longer linked to any branch.
Brizinov built an automated tool to uncover these hidden leftovers. By comparing commits, unpacking Git’s internal files, and scanning for unreferenced data, he recovered deleted files containing exposed secrets.
“To collect all deleted files I traversed all commits and for each commit I compared (using git diff) the list of files with its parent commit,” Brizinov said. Once the deleted files were restored, a second automation searched them for secrets that were still active.
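The same walk, turned into a self-audit: the script below is an added example, not the article's or Brizinov's code, and it checks a local clone you own for the two leftovers the article names, files deleted by a commit but kept in history and dangling blobs reachable from no ref. The secret patterns and the throwaway demo repository it builds are constructed for illustration.

```shell
# Added example (not from the article or Brizinov's tooling): audit a local
# clone you own for secrets that outlive deletion. SECRET_RE and the demo
# repository built by make_demo_repo are constructed for illustration.
SECRET_RE='AKIA[0-9A-Z]{16}|ghp_[A-Za-z0-9]{36}|-----BEGIN [A-Z ]*PRIVATE KEY-----'
TAB=$(printf '\t')

# Print "commit<TAB>path" for every deletion recorded anywhere in history.
list_deleted_files() {
  git -C "$1" log --all --diff-filter=D --name-only --pretty=tformat:%H |
    awk 'NF == 0 { next }
         length($0) == 40 && $0 ~ /^[0-9a-f]+$/ { commit = $0; next }
         { print commit "\t" $0 }'
}

# Restore each deleted file from the parent of the deleting commit and grep it.
scan_deleted_files() {
  list_deleted_files "$1" | while IFS="$TAB" read -r commit path; do
    git -C "$1" show "$commit^:$path" 2>/dev/null | grep -En "$SECRET_RE" |
      sed "s|^|deleted $path @ $(printf '%.7s' "$commit"):|"
  done
}

# Scan blobs that git fsck reports as dangling: written to the object store
# (e.g. staged, then reset) but reachable from no branch, tag or commit.
scan_dangling_blobs() {
  git -C "$1" fsck --dangling 2>/dev/null | awk '$2 == "blob" { print $3 }' |
    while read -r blob; do
      git -C "$1" cat-file -p "$blob" | grep -En "$SECRET_RE" |
        sed "s|^|dangling blob $(printf '%.7s' "$blob"):|"
    done
}

audit_repo() { scan_deleted_files "$1"; scan_dangling_blobs "$1"; }

# Throwaway repository reproducing both cases. AKIAIOSFODNN7EXAMPLE is the
# example access key ID from AWS documentation; the ghp_ token is all zeros.
make_demo_repo() {
  d=$(mktemp -d)
  git -C "$d" init -q
  git -C "$d" config user.email audit@example.com && git -C "$d" config user.name audit
  printf 'AWS_KEY = "AKIAIOSFODNN7EXAMPLE"\n' > "$d/config.py"
  git -C "$d" add config.py && git -C "$d" commit -q -m "add config"
  git -C "$d" rm -q config.py && git -C "$d" commit -q -m "drop config"
  printf 'token = "ghp_000000000000000000000000000000000000"\n' |
    git -C "$d" hash-object -w --stdin >/dev/null
  echo "$d"
}

audit_repo "$(make_demo_repo)"
```

Run `audit_repo /path/to/clone` against your own repository; a hit means the secret must be rotated, since rewriting history alone does not revoke it.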
AI made the exploit much easier
Interestingly, Brizinov relied on AI for many of the routine tasks in the exploit. For instance, he used AI to build a small platform for viewing and analyzing file and directory changes in a Git repository, visualizing which objects are created, changed, and deleted.
“Obviously this was an overkill for this project, but with vibe-coding, it took me less than 5 minutes, so why not?” Brizinov said. Additionally, AI was used to find public GitHub accounts associated with the list of companies Brizinov chose to target.
Leaked secrets often came from binary files like .pyc or .pdb, accidentally committed during development. These compiler-generated files can expose sensitive data if not properly excluded.
GitHub did not respond to CSO’s queries regarding Brizinov’s findings and how to manage the risks. Developers can, however, turn to GitHub’s GHAS features like Secret Scanning and Push Protection for detecting and blocking commits containing secrets. GitHub recently unbundled these offerings as individual subscriptions for wider and easier adoption.
Shweta Sharma is a senior journalist covering enterprise information security and digital ledger technologies for IDG’s CSO Online, Computerworld, and other enterprise sites.
Original Post url: https://www.csoonline.com/article/3969648/github-secrets-deleted-files-still-pose-risks.html
Category & Tags: Open Source, Security, Vulnerabilities