Posts

Showing posts with the label #github #githubdork #githubrecon

GitHub Dorking methodology

Image
  Manual Approach ; Let’s start with how you can get sensitive information leak Sensitive information is as follows ; "Company name" credentials                   Keywords 👇 {User_names , password, token , Secret key , backup file , pwd, credentials, ftp, JDBC, LDAP, key , pass , pw, user_auth } GitHub Dorks for Finding Files: “company name” filename:database “company name” filename:secrets.yml “company name” filename:passwd “company name” filename:LocalSettings.php “company name” filename:config.php “company name” filename:config.inc.php “company name” filename:configuration.php “company name” filename:shadow “company name” filename:.env “company name” filename:wp-config.php “company name” filename:credentials “company name” filename:id_rsa “company name” filename:id_dsa “company name” filename:.sqlite “company name” filename:secret_token.rb “company name” filename:settings.py “company name” filename:credentials.xml GitHub Dorks for Finding information sensitive from progra