You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
according to MD022 'Headings should be surrounded by blank lines'
according to MD001 'Heading levels should only increment by one level at a time'
use `a basic` not `basic`, `the text file` not `text file` and `a password` not `password`
Copy file name to clipboardExpand all lines: README.md
+13-6Lines changed: 13 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,21 +1,26 @@
1
1
# Github Dorks
2
+
2
3
[Github Search](https://github.com/search) is a quite powerful and useful feature that can be used to search for sensitive data on repositories. Collection of Github dorks can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems.
3
4
4
-
### GitHub Dork Search Tool
5
-
[github-dork.py](github-dork.py) is a simple python tool that can search through your repository or your organization/user repositories. It's not a perfect tool at the moment but provides a basic functionality to automate the search on your repositories against the dorks specified in text file.
5
+
## GitHub Dork Search Tool
6
+
7
+
[github-dork.py](github-dork.py) is a simple python tool that can search through your repository or your organization/user repositories. It's not a perfect tool at the moment but provides basic functionality to automate the search on your repositories against the dorks specified in the text file.
8
+
9
+
### Installation
6
10
7
-
#### Installation
8
11
This tool uses [github3.py](https://github.com/sigmavirus24/github3.py) to talk with GitHub Search API.
9
12
10
13
Clone this repository and run:
14
+
11
15
```shell
12
16
pip install -r requirements.txt
13
17
```
14
18
15
-
#### Usage
19
+
### Usage
20
+
16
21
```
17
22
GH_USER - Environment variable to specify Github user
18
-
GH_PWD - Environment variable to specify password
23
+
GH_PWD - Environment variable to specify a password
19
24
GH_TOKEN - Environment variable to specify Github token
20
25
GH_URL - Environment variable to specify GitHub Enterprise base URL
- Authenticated requests get a higher rate limit. But, since this tool waits for the api rate limit to be reset (which is usually less than a minute), it can be slightly slow.
42
47
- Output formatting is not great. PR welcome
43
48
-~~Handle rate limit and retry. PR welcome~~
44
49
45
50
### Contribution
51
+
46
52
Please consider contributing dorks that can reveal potentially sensitive information on Github.
47
53
48
54
### List of Dorks
55
+
49
56
I am not categorizing at the moment. Instead, I am going to just the list of dorks with a description. Many of the dorks can be modified to make the search more specific or generic. You can see more options [here](https://github.com/search#search_cheatsheet_pane).
0 commit comments