github-dorks

Introduction

⭐ Star us on GitHub — it motivates a lot! ⭐

If you have any GitHub Dorks, just create a PullRequest.

Todos

• best aws secret dorks
• best misspelled keywords dorks
• best db pw dorks
• best credentials combis
• best github secret combis
• CMS github secret
• htacces dorks
• email dorks
• github dorks how-to
• github dorks Writeups

Example

Screenshot

Tips

• Check out the commits
• Check out the company staff GitHub repos
• Check for company secret words

GitHub security best practices

• Always check/review your code: this will help you identify any employee's bad security practices.
• Clear your GitHub history to protect your most sensitive information.
• Use ENV variables to store key information in CI/CD. Tools such as Vault are one of the best suggestions for these situations.
• If you are sure that the data has been exposed, make sure to invalidate the token and password.
• Configure 2FA for all your GitHub accounts
• Once employees no longer work for your company, be sure to revoke all their access rights.
• Write and publish a disclosure policy in your SECURITY.md file. Never let your company’s developers share GitHub credentials with anyone.

https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning

GitHub Dorks for Finding Files

• filename:manifest.xml
• filename:travis.yml
• filename:vim_settings.xml
• filename:database
• filename:prod.exs NOT prod.secret.exs
• filename:prod.secret.exs
• filename:.npmrc _auth
• filename:.dockercfg auth
• filename:WebServers.xml
• filename:.bash_history
• filename:sftp-config.json
• filename:sftp.json path:.vscode
• filename:secrets.yml password
• filename:.esmtprc password
• filename:passwd path:etc
• filename:dbeaver-data-sources.xml
• path:sites databases password
• filename:config.php dbpasswd
• filename:prod.secret.exs
• filename:configuration.php JConfig password
• filename:.sh_history
• shodan_api_key language:python
• filename:shadow path:etc
• JEKYLL_GITHUB_TOKEN
• filename:proftpdpasswd
• filename:.pgpass
• filename:idea14.key
• filename:hub oauth_token
• HEROKU_API_KEY language:json
• HEROKU_API_KEY language:shell
• SF_USERNAME salesforce
• filename:.bash_profile aws
• extension:json api.forecast.io
• filename:.env MAIL_HOST=smtp.gmail.com
• filename:wp-config.php
• extension:sql mysql dump
• filename:credentials aws_access_key_id
• filename:id_rsa or filename:id_dsa

GitHub Dorks for Finding Languages

• language:python username
• language:php username
• language:sql username
• language:html password
• language:perl password
• language:shell username
• language:java api
• HOMEBREW_GITHUB_API_TOKEN language:shell

GiHub Dorks for Finding API Keys, Tokens and Passwords

• api_key
• “api keys”
• authorization_bearer:
• oauth
• auth
• authentication
• client_secret
• api_token:
• “api token”
• client_id
• password
• user_password
• user_pass
• passcode
• client_secret
• secret
• password hash
• OTP
• user auth

GitHub Dorks for Finding Usernames

• user:name (user:admin)
• org:name (org:google type:users)
• in:login ( in:login)
• in:name ( in:name)
• fullname:firstname lastname (fullname: )
• in:email (data in:email)

GitHub Dorks for Finding Information using Dates

• created:<2012–04–05
• created:>=2011–06–12
• created:2016–02–07 location:iceland
• created:2011–04–06..2013–01–14 in:username ...

GitHub Dorks for Finding Information using Extension

• extension:pem private
• extension:ppk private
• extension:sql mysql dump
• extension:sql mysql dump password
• extension:json api.forecast.io
• extension:json mongolab.com
• extension:yaml mongolab.com
• [WFClient] Password= extension:ica
• extension:avastlic “support.avast.com”
• extension:json googleusercontent client_secret ...

Links

Disclaimer: DONT BE A JERK!

Needless to mention, please use this tool very very carefully. The authors won't be responsible for any consequences.