Background
I do a fair amount of web-based reverse engineering. Mainly on rest APIs, but exploring the files a website sends back is always fun to see what kind of “hidden” data they return. I say hidden, but realistically it’s all public. Nothing is stopping you from obtaining a copy of it yourself or even viewing the raw contents. You just have to know where to look and know what you are looking at. In the case of this blog post, a settings file for Twitch. This file was “found” (I say found loosely here because again it’s a publicly available file) by a user in a Twitch Partner and then relayed into another Discord I am a part of. The contents of this file intrigued me, so I decided to analyze it and see what it contained.