Skip to content

Weights & Biases (W&B)

Enumerate and extract data from Weights & Biases server instances.

Overview

The wandb module targets self-hosted Weights & Biases (wandb server) deployments and the public api.wandb.ai endpoint. It enumerates server metadata and viewer identity via the GraphQL API, lists projects and runs for a given entity, inventories model artifacts, and scans run configs and summaries for embedded credentials (API keys, tokens, AWS secrets).

W&B servers that lack authentication or use weak shared API keys expose full training history, hyperparameters, and any secrets logged during training runs.

Subcommands

Read-Only (no --force-exploit required)

Subcommand Description
enum Enumerate W&B server metadata and authenticated viewer identity
projects List projects for an entity
runs List runs for a project
artifacts List artifacts for a project

Gated (requires --force-exploit)

Subcommand Description
secrets Scan run configs and summaries for embedded credentials

Flags

Flag Required Description
--target Yes W&B server URL (e.g. http://wandb.corp:8080 or https://api.wandb.ai)
--header No Custom HTTP headers. Repeatable (Key: Value).
--api-key No W&B API key. Defaults to WANDB_API_KEY; ignored when --header 'Authorization: ...' is supplied.
--entity For projects, runs, artifacts, secrets W&B entity (username or team name)
--project For runs, artifacts, secrets W&B project name
--type No Artifact type filter for artifacts (default: model)
--limit No Maximum runs to return / scan (default: 25)

Examples

# Enumerate server metadata and viewer identity
./aipostex wandb --target http://wandb.corp:8080 enum

# List all projects for an entity
./aipostex wandb --target http://wandb.corp:8080 projects --entity myteam

# List recent runs for a project
./aipostex wandb --target http://wandb.corp:8080 runs \
  --entity myteam --project my-model --limit 50

# List model artifacts for a project
./aipostex wandb --target http://wandb.corp:8080 artifacts \
  --entity myteam --project my-model --type model

# Scan run configs and summaries for secrets (gated)
./aipostex wandb --target http://wandb.corp:8080 secrets \
  --entity myteam --project my-model --force-exploit

Workflow Progression

discover network (discovers W&B server on :8080)
  -> wandb enum (server metadata, viewer identity)
    -> wandb projects --entity <entity> (project inventory)
      -> wandb runs --entity <entity> --project <project> (run history)
      -> wandb artifacts --entity <entity> --project <project> (model artifacts)
      -> wandb secrets --entity <entity> --project <project> (credential scan, gated)

What secrets Scans For

The secrets subcommand fetches run configs and summaries and applies pattern matching against:

  • AWS access keys (AKIA…)
  • API tokens and bearer credentials
  • Passwords and secrets in config keys (password, api_key, secret, token, etc.)
  • OpenAI / Anthropic / HuggingFace API keys

Findings are emitted as high-severity report entries with the matched key and a redacted value preview.

Implementation

Client logic lives in pkg/exploit/wandb; CLI in cmd/aipostex/wandb.go.