This isn't the most perfect way to do it but it's still something beginners can add to their knowledge to get bugs you would otherwise need manual inspection and that takes a lot of time.
You see, finding secrets inside a js file or in the source code is hard if done manually. Let's say the webpage loads up 9 js files and reading them one by one would take so much time.
Then, as you know, when we do deep dives, we don't just inspect the js files that are present on the homepage of our target website.
We have to use tools like Katana, Gau and other amazing tools to get the maximum js files we can get because some may not appear on the main page.
So this gets you even more js files and checking them one by one isn't practical, no matter what anyone would say.
The best and feasible way to do it is to use some kind of automation. Now because beginners don't have experience creating their own scripts, I have got some google chrome extensions for you that would check and alert you once they find something on that particular target site.
Your only input will be your eyes. You will just analyze each js file and see what it found, whether it found AWS keys, or other different kind of Api keys that are granting access for something you shouldn't be seeing.
I will list them down here and you can check these out for yourself. Here you go!
You have these now, you can try these out on your targets. You just need to go over to your target and inspect. It's not difficult at all using these extensions.
They'll automatically do the work for you when the page loads. You will only need good eyes to check whether it found something.