
New Year's resolution: Don’t show my security tokens when hacking my demo application on stage

Blog post from Snyk

Post Details
Author: Brian Vermeer
Word Count: 721
Language: English

Summary

I traditionally start the new year with resolutions, this time focusing on not exposing confidential information while hacking my demo application during presentations or demos. This resolution stems from a security horror story where I accidentally exposed my GitHub token and other sensitive information during a presentation at J-Fall 2021. The incident occurred when I used a deserialization gadget chain to demonstrate a Java Security-related topic, inadvertently showing the environment variables on stage, which included API tokens like my GitHub token. A participant, Nils Breunese, pointed out the mistake, and I was both embarrassed and relieved. To prevent similar incidents in the future, I've decided to practice what I preach by being more mindful of my actions and ensuring that sensitive information remains confidential during demos or presentations.