Google API Keys — Finding & Exploiting Exposed Keys

Introduction

Google's exposed API keys have always been a common target in bug bounty hunting, but with the rise of the Gemini ecosystem, their impact has grown significantly. A single leaked Gemini-enabled key can grant access to powerful AI services, enable real-world abuse scenarios and generate serious financial impact through unauthorized usage.

Why Google API Keys Are Worth Hunting

For years, exposed Google API keys were often ignored or treated as low-value findings because most people assumed they were properly restricted. In reality, many organizations leave these keys misconfigured, over-permissioned or completely unrestricted without realizing the level of access they expose.

Depending on the enabled APIs and security restrictions, an exposed key may allow:

• Access to Gemini and other Google AI models
• Unauthorized usage of billable cloud resources
• File uploads, data interaction, or backend requests
• Access to services like Firebase, Maps, Vision, or Translate APIs
• Large-scale automated abuse that increases operational costs

This is what makes Google API key hunting far more valuable today. The issue is no longer just “an exposed secret.” The real impact comes from what that key can actually do once it falls into the wrong hands.

We'll start with GitHub, still one of the easiest places to find exposed Google API keys. Developers often leak them in .env files, JavaScript bundles or misconfigured commits. Here are some simple but effective GitHub dorks to find them quickly.

Dork #1 — Basic Gemini API Key Search

Let's start with a simple Gemini API key dork designed to find repositories actively integrating Gemini services. It searches for Gemini-related model references alongside potentially exposed Google API keys, helping surface repositories that may have access to Gemini models.

1Search GitHub for exposed Gemini API keys

"GEMINI_API_KEY"

Dork #2 — Regex-Based Key Pattern Targeting

Now let's move to a more precise dork. This one uses regex to specifically target Google API key patterns, reducing noise and surfacing more relevant results by focusing only on strings that match valid Google API key formats.

2Regex pattern for Google API keys

/AIza[0-9A-Za-z_-]{35}/

3Combined regex + keyword search

/AIza[0-9A-Za-z_-]{35}/ "GEMINI_API_KEY"

Dork #3 — Path Filter for Environment Files

Next, we'll use a path-based filter to find API keys inside environment files. This is particularly useful because many developers store sensitive keys in env files. These files are often pushed by mistake and when they are, they tend to contain everything — API keys, tokens, sometimes even credentials.

4Search env files for Gemini API keys

/AIza[0-9A-Za-z_-]{35}/ "GEMINI_API_KEY" path:/.env

Dork #4 — Path Filter for JavaScript Files

You can apply the same path filter to JavaScript files. Many developers hardcode API keys into JS files, assuming they'll go unnoticed but these targeted dorks can expose them quickly.

5Search JS files for Gemini keys

/AIza[0-9A-Za-z_-]{35}/ "GEMINI_API_KEY" path:/*.js

6Search JS files for any Google API key

/AIza[0-9A-Za-z_-]{35}/ path:/*.js

Dork #5 — Targeting Specific Organization and Domain Scoping

If you are hunting on a specific private program or targeting a specific company, narrow your search scope using the org or domain filters. This helps reduce noise and surface potentially exposed keys faster.

7Domain-scoped key search

"netflix.com" /AIza[0-9A-Za-z_-]{35}/

8Organization-scoped key search

org:microsoft /AIza[0-9A-Za-z_-]{35}/

Finding a key is only the first step. The real value comes from proving the key is active and has Gemini access enabled. One of the fastest ways to validate this is by querying the models endpoint.

A high-quality bug bounty report requires a Proof of Concept (PoC) that demonstrates risk. For Gemini keys, the most significant impact often lies in the File API. To move beyond “informational” severity, you need to show what an attacker can actually do.

Interacting with the File Endpoint

The File API allows users to upload files such as images, audio, videos and documents for Gemini models to analyze and process.

List Files

You can check whether the API key owner has already uploaded files to the account:

Upload a PoC File

To demonstrate impact, you can upload your own file as a proof of concept. Simply create a file, assign a display name and upload it using the API Key that you found.

Once the upload is complete, you can verify it through the same files endpoint. Your uploaded file should appear in the response, and it can also be accessed directly through the browser using the returned file URL.

Delete the PoC File

Always clean up after testing. Use the delete method with the file's unique resource name to remove it. If the API returns an empty response, the file was deleted successfully.

Note: Never delete or modify files belonging to the target organization. Only interact with files you have created for the PoC.

Sometimes, a direct curl or browser request returns a 403 Forbidden, indicating the API key is restricted to specific domains or referrers. Many hunters stop here, but the restriction can still be bypassed depending on how it was configured.

Referer Spoofing

Many API keys are configured with browser restrictions, meaning they only accept requests originating from specific domains. However, if the restriction is weak or improperly configured, simply adding a matching Referer header for the target domain may allow requests to succeed.

Corpora Endpoint Abuse

If the standard File API is blocked, try the Corpora endpoint. This is used for larger, persistent projects and is often less strictly monitored than the standard endpoints.

Upload a new project:

Deleting a Corpus:

Text Generation

Attackers can use a victim's API key to generate text at scale, allowing them to run spam campaigns, automate prompts, or power AI-based tools directly on the target's billing account.

Video Generation

Video generation is one of the most serious abuse scenarios, since generating high-quality video content requires massive compute resources and can quickly lead to significant cloud costs for the affected company.

GEMINI_API_KEY=AIza...
BASE_URL="https://generativelanguage.googleapis.com/v1beta"

operation_name=$(curl -s "$BASE_URL/models/veo-3.0-fast-generate-001:predictLongRunning" \\
  -H "x-goog-api-key: $GEMINI_API_KEY" \\
  -H "Content-Type: application/json" \\
  -X POST \\
  -d '{"instances":[{"prompt":"A cinematic 5-second shot of a lantern swaying gently."}]}' \\
  | jq -r .name)

while true; do
  status=$(curl -s -H "x-goog-api-key: $GEMINI_API_KEY" "$BASE_URL/$operation_name")
  doneval=$(echo "$status" | jq -r .done)
  if [ "$doneval" = "true" ]; then
    video_uri=$(echo "$status" | jq -r '.response.generateVideoResponse.generatedSamples[0].video.uri')
    curl -L -H "x-goog-api-key: $GEMINI_API_KEY" -o Generated_Video.mp4 "$video_uri"
    break
  fi
  sleep 5
done

Text-to-Speech (TTS) Abuse

Exposed API keys can also be abused for text-to-speech generation, allowing attackers to create synthetic audio or run large-scale voice generation on the target's quota and billing account.

TTS (Single Speaker)

curl -s "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash-preview-tts:generateContent" \\
  -H "x-goog-api-key: YOUR_API_KEY" \\
  -H "Content-Type: application/json" \\
  -d '{
    "contents":[{"parts":[{"text":"Say cheerfully: Have a wonderful day!"}]}],
    "generationConfig":{
      "responseModalities":["AUDIO"],
      "speechConfig":{
        "voiceConfig":{
          "prebuiltVoiceConfig":{"voiceName":"Kore"}
        }
      }
    }
  }' \\
| jq -r '.candidates[0].content.parts[] | select(.inlineData) | .inlineData.data' \\
| head -n1 | base64 --decode > out.pcm

ffmpeg -y -f s16le -ar 24000 -ac 1 -i out.pcm out.wav
ffmpeg -y -i out.wav out.mp3

TTS (Multi-Speaker)

curl -s "https://generativelanguage.googleapis.com/v1beta/models/gemini-2.5-flash-preview-tts:generateContent" \\
  -H "x-goog-api-key: YOUR_API_KEY" \\
  -H "Content-Type: application/json" \\
  -d '{
    "contents":[{"parts":[{"text":"Joe: Hows it going today Jane?\\nJane: Not too bad, how about you?"}]}],
    "generationConfig":{
      "responseModalities":["AUDIO"],
      "speechConfig":{
        "multiSpeakerVoiceConfig":{
          "speakerVoiceConfigs":[
            {"speaker":"Joe","voiceConfig":{"prebuiltVoiceConfig":{"voiceName":"Kore"}}},
            {"speaker":"Jane","voiceConfig":{"prebuiltVoiceConfig":{"voiceName":"Puck"}}}
          ]
        }
      }
    }
  }' \\
| jq -r '.candidates[0].content.parts[] | select(.inlineData) | .inlineData.data' \\
| head -n1 | base64 --decode > out_multi.pcm

ffmpeg -y -f s16le -ar 24000 -ac 1 -i out_multi.pcm out_multi.wav
ffmpeg -y -i out_multi.wav out_multi.mp3

You can also use a dedicated Gemini API key extension in Burp Suite. By simply browsing the target through the proxy, the extension can automatically scan page source and JavaScript files for potential API keys using regex patterns. It can also validate discovered keys by checking available models, permissions, and file access capabilities.

Once you've identified a valid API key, you can load it into my private HTML chat interface, which automatically displays available Gemini models. Active models are highlighted in green while inactive ones appear in red, making it easy to quickly verify access to chat and image generation capabilities.

Manually searching GitHub is slow and difficult to scale. To stay competitive in bug bounty hunting, you need automation for both discovery and validation. That's why I built a tool that automates the entire process, making API key hunting much faster, easier, and more accurate.

Tooling Workflow:

Mode 1 — Single Domain

Crawls a target domain, extracts API keys from page source and linked JavaScript files, validates Gemini access and can optionally run a full capability check on discovered keys.

Mode 3 — Direct JS URL List

Skips crawling completely and scans a pre-collected list of JavaScript file URLs directly. This is much faster when you've already gathered assets using tools like GoSpider or Katana, while also reducing false positives significantly.

Extracting Keys from Results Files

Before moving to the next tool, you first need to extract only the Gemini API keys from the Gemisc.py results file.

Just because a key fails Gemini validation doesn't mean it's useless. The AIza format is used across many Google services.

A report that moves through triage quickly and earns appropriate severity has three components beyond “here's the key”:

• 1Exact source. The full GitHub URL or live target JS bundle URL where the key was found. Include the line number if possible. Triage teams verify the exposure is real before anything else.
• 2Validate access. Prove the key is active by querying the models endpoint. Then demonstrate capability through controlled PoC.
• 3Frame the vulnerability around real impact. Use official Gemini pricing data to show potential financial risk.