- Github – search for sensitive information
- Github / Git Client
- Trufflehog – Searches through git repositories for secrets within commit history and branches
- Gitrob
- Gitleaks
- GitGuardian ($)
Google Search
site:github.com ( "keyword1" OR "keyword2" ) -"company-name-1 corp"Sensitive files of a company/user
- Go to the Company/User page on Github.
- In the search box, enter search like filename:users
GitHub Dorks
- Github-dorks (GitHub)
General
| Description | GitHub Dork |
|---|---|
| Host Header Injection | host path:**/*forgot*/** |
PHP
| Description | GitHub Dork |
|---|---|
| XSS | /\becho\b.*\$_GET\b/ /echo\s+\$_REQUEST/ /^.*\becho\s+\$_GET\b.*$/ |
| XSS (more false positives) | /^.*\becho\s+\$\b.*$/ |
| SQLi | /(SELECT|INSERT|UPDATE|DELETE)\s(.*\$_POST|.*\$_GET|.*\$_REQUEST)/ |
| OS Cmd injection | /(exec\(|system\(|shell_exec\(|passthru\()(.*\$_POST|.*\$_GET|.*\$_REQUEST)/ |
| Host Header Injection (Node.js) | req.headers.host path:*pass* /\$_SERVER\[‘host’\]|gethostname\(\).*(reset|forgot)/ |
| Insecure Deserialization | /(unserialize\()(.*\$_POST|.*\$_GET|.*\$_REQUEST)/ |
.NET
| Description | GitHub Dork |
|---|---|
| Host Header Injection | /(Request\.Headers\[“Host”\]|Request\.Host\.Value|HttpContext\.Current\.Request\.Headers\[“Host”\]|HttpContext\.Request\.Host\.Value)/ forgot |