Endpoint: /search-by-file
Required Permissions: search-by-file
The File Search endpoint allows you to search for compromised credentials based on file names. This endpoint is particularly useful for tracking sensitive files, configuration files, and credential stores that may have been exposed.
Track sensitive file exposure
Monitor configuration files
Detect credential store leaks
Track source code exposure
Identify data breaches
JSON
{
"file_name": "aws-credentials",
"start_date": "2024-01-01T00:00:00Z",
"end_date": "2024-12-31T23:59:59Z",
"sort_by": "date_compromised",
"sort_direction": "desc",
"cursor": "base64_encoded_cursor"
}Parameter Type Description Example file_name string Name of file to search for "aws-key"
Parameter Type Description Default start_date datetime Start date for search null end_date datetime End date for search null sort_by string Sort field (date_compromised/date_uploaded) "date_compromised" sort_direction string Sort direction (asc/desc) "desc" cursor string Pagination cursor null
JSON
{
"file_name": "aws key",
"sort_by": "date_compromised",
"sort_direction": "desc"
}JSON
{
"file_name": "config.yaml",
"start_date": "2024-01-01T00:00:00Z"
}JSON
{
"file_name": "id_rsa",
"sort_by": "date_compromised",
"sort_direction": "desc"
}
Use exact file names
Consider extensions
Include common variations
Track related files
JSON
// Critical file monitoring
{
"file_name": "database.config",
"sort_by": "date_compromised",
"sort_direction": "desc"
}JSON
// Historical analysis
{
"file_name": "secrets.yml",
"start_date": "2023-01-01T00:00:00Z",
"end_date": "2023-12-31T23:59:59Z"
}JavaScript
async function searchFile(fileName) {
return await api.post('/search-by-file', {
file_name: fileName,
sort_by: 'date_compromised',
sort_direction: 'desc'
});
}JavaScript
async function getAllFileResults(fileName) {
let results = [];
let cursor = null;
while (true) {
const response = await api.post('/search-by-file', {
file_name: fileName,
cursor
});
results = results.concat(response.data);
if (!response.nextCursor) break;
cursor = response.nextCursor;
}
return results;
}JavaScript
async function monitorCriticalFiles() {
const criticalFiles = [
"wp-config.php",
".env",
"id_rsa",
"credentials.json"
];
return Promise.all(
criticalFiles.map(file => searchFile(file))
);
}
.envconfig.jsonsettings.yamlwp-config.php
credentials.jsonaws-credentialsazure.configgcp-key.json
id_rsaprivate.keycert.pemkeystore.jks
Status Cause Solution 400 Invalid file name Validate input 400 Invalid date format Use ISO 8601 408 Request timeout Implement retry 429 Rate limit exceeded Add backoff
Use specific names
Include extensions
Consider variations
Track patterns
Set appropriate ranges
Use recent dates first
Split large ranges
Track temporal patterns
Implement caching
Use pagination
Handle timeouts
Batch related searches
JSON
{
"file_name": "secrets.yaml",
"sort_by": "date_compromised",
"sort_direction": "desc"
}JSON
{
"file_name": "database.config",
"start_date": "2023-01-01T00:00:00Z",
"end_date": "2023-12-31T23:59:59Z"
}
Forward findings
Create alerts
Track patterns
Monitor volumes
Monitor CI/CD files
Track config files
Alert on exposures
Automate responses
Document findings
Track remediation
Update policies
Monitor effectiveness
Document patterns
Review regularly
Update monitoring
Track effectiveness
Limit access
Audit searches
Monitor usage
Secure results
Encrypt findings
Secure storage
Control access
Set retention
Batch processing
Result aggregation
Efficient filtering
Resource management
Optimize searches
Cache results
Handle timeouts
Monitor usage
Update patterns
Clean old results
Monitor effectiveness
Adjust monitoring
