OSINT – Github Dorks

30/12/2016 | by maldevel

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of Github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pentesting of systems.

GitHub Dork Search Tool is a simple python tool that can automate the process of searching through your repository or your organization/user repositories. Provides a basic functionality to automate the search on your repositories against the dorks specified in text file.

Installation
This tool uses github3.py to talk with GitHub Search API.

Clone this repository

git clone https://github.com/techgaun/github-dorks.git

Run

pip install -r requirements.txt

Usage
GH_USER – Environment variable to specify github user
GH_PWD – Environment variable to specify password
GH_TOKEN – Environment variable to specify github token
GH_URL – Environment variable to specify GitHub Enterprise base URL

Usage Examples
Search single repo

python github-dork.py -r techgaun/github-dorks

Search all repos of user

python github-dork.py -u techgaun

Search all repos of an organization

python github-dork.py -u dev-nepal

Search as authenticated user

GH_USER=techgaun GH_PWD=<mypass> python github-dork.py -u dev-nepal

Search using auth token

GH_TOKEN=<github_token> python github-dork.py -u dev-nepal

Search a GitHub Enterprise instance

GH_URL=https://github.example.com python github-dork.py -u dev-nepal

Project GitHub page