Github / Git Client / Gitbook

Github and Git command line client.

Github

Search for sensitive information on Github

Credentials

• https://github.com/search?q=system+password&type=Commits
• https://github.com/search?q=API+system+key&type=Commits
• https://github.com/search?q=admin+password&type=Commits

# Backupadmin credentials, vCenter creds, endpoint security creds
"dc=companyname,dc=com"extension:psl"

#
"corp.companyname.com"bouncer password aaa tacacs "banner motd"

# Domain credentials
"companyname.corp" password aaa tacacs"banner motd"

#
"companyname.com" password

#
extension:properties proxyuser proxypassword

# Webconfig
extension:config xml NetConfiguration

# For spammer
smtp.sendgrid.net

# Tokens, like for hooks.slack.com
xoxb token

Git Client

Configuration

# BEHIND PROXY
git config --global http.proxy http[s]://userName:password@proxyaddress:port
git config --global http.proxy $http_proxy

# Help
git help

# Show git client version
git --version

With cookies

touch .gitcookies
chmod 600 .gitcookies 
echo "session=TOKEN" > .gitcookies 
git config --global http.cookiefile ~/.gitcookies
git clone URL/.git

Clone/download a repository

git clone <REPO URL>.git

pip install -r requirements.txt

When you find a /.git directory on a website:

wget -r URL/.git/

cd [...]/.git/
git show

Search through commit history

# Show commit log
git log

# Show different types of objects
git diff

# Show changes between all commits
git show

# Show changes between commits
git show b2376f4a93ca1889ba7d947c2d14be9a5d138802 60a2ffea7520ee980a5fc60177ff4d0633f2516b

Upload changes to repository

git config --global user.name "Your Name"
git pull
#make your changes
git status
git add --all
git reset -- config/*
git status
git commit -m "Commit comments"
git push origin master

Delete a file (will stay in Commit History)

git rm filename.txt
git commit -m "removed file filename.txt"
git push

Delete commit history in Github Repository

git config --global user.name "Your Name"
git checkout --orphan temp_branch
git add --all

# Be careful of configuration files...
#git reset -- config/*

git commit -am "the first commit"
git branch -D master
git branch -m master
git push -f origin master

Gitbook

# Install client to export Gitbook to other formats (HTML, PDF, epub, etc.)
apt install npm
npm install -g gitbook-cli

Other tools

• Trufflehog
• Gitrob: searches within one organization, but not “at large” within Github.