Bug Hunter Handbook
  • Introduction
  • Getting Started in InfoSec and Bug Bounties.
  • Presentations
  • Checklists / Guides
  • Useful Twitter Threads
  • List of Vulnerabilities
    • Recon and OSINT
      • Recon
      • Sensitive information using Github
      • Subdomain Enumeration
        • Resolvers
      • Javascript Enumeration
      • After Recon
      • Finding Information Using Public Resources
      • OSINT
      • Cloud
      • Wayback
      • Parameter / Content Discovery
      • Broken Link Highjacking
    • Host Header
    • Injection
      • Other Injection
    • DNS Rebinding
    • Cross Site Scripting (XSS)
      • Weaponizing XSS
      • WAF Bypass
    • Cross Origin Resource Sharing (CORS)
    • Local / Remote File Inclusion (LFI / RFI)
    • Server Side Request Forgery (SSRF)
    • Remote Code Execution (RCE)
    • XML Entity Injecton (XXE)
    • Price Manipulation
    • Directory / Path Traversal
    • Cross Site Request Forgery (CSRF)
      • JSON CSRF
    • Password Reset
    • Login Page Issues
    • Deserialization Attacks
    • File Upload
    • Account Takeover
    • Insecure Direct Object References (IDOR)
    • Open Redirect
    • Business Logic Flaws
    • Rate Limit Bypass / 2FA / OTP Bypass
    • Ruby on Rails
      • Mass Assginment
    • S3 Bucket
    • Race Condition
    • CRLF
    • SSTI
    • Prototype Pollution
  • Approach
  • API Security
  • Mobile Security
  • Fuzzing / Wordlists
  • BugBounty Short Write-ups
  • Burp Suite Tips and Tricks
  • HackerOne Reports
  • Response Manipulation
  • Client Vs Server Side Vulnerabilities
  • DevSecOps
  • Containers
    • Docker
    • Kubernetes
    • Containers
  • AWS
  • Azure
  • Others
    • Code Review
    • Web Sockets
    • Web Cache
    • HTTP Desync Attacks
    • Zone Transfer
    • CSP Bypass
    • Payment Bypasses
    • Http Parameter Pollution
    • Postmessage
    • Others
    • GraphQL
    • Unix / Linux
    • Email Related
    • Dependency confusion
    • Nginx Misconfigs
    • JIRA
    • OAUTH
  • Chaining of Bugs
  • Bug Bounty Automation
  • Mindmaps
  • Oneliner Collections
  • Red Teaming
  • Blue Teamining
  • Recon One Liners
  • Misc
  • Wordpress
  • Fuzzing / FuFF
  • OWASP ZAP
  • Bug List
  • Setting up burp collaborator
  • Admin Panel PwN
  • Credential Stuffing / Dump / HaveibeenPwned?
  • Tools Required
  • Nuclei Template
  • Other BugBounty Repos / Tips
  • Interview
  • Threat Modelling
  • AppSec
Powered by GitBook
On this page

Was this helpful?

  1. List of Vulnerabilities
  2. Recon and OSINT

Sensitive information using Github

PreviousReconNextSubdomain Enumeration

Last updated 3 years ago

Was this helpful?

Articles / Blogs / Presentation :

  • How I made $10K in bug bounties from GitHub secret leaks - https://tillsongalloway.com/finding-sensitive-information-on-github/index.html

  • https://github.com/Zomato/vinifera

Tools:

  • https://medium.com/@obheda12/gitdorker-a-new-tool-for-manual-github-dorking-and-easy-bug-bounty-wins-92a0a0a6b8d5

  • https://github.com/gwen001/github-search

Twitter Thread - https://twitter.com/Johnssimon22/status/1152973288588500992

Videos:

Tweets:

Others / Dorks:

  • https://github.com/adamtlangley/gitscraper

  • https://tillsongalloway.com/finding-sensitive-information-on-github/

"company name" db_password "company name" "Authorization: Bearer" "company name" filename:vim_settings.xml "company name" language:shell "company name" language:python "company name" fb_secret

Dorks List:

  • https://github.com/gwen001/github-search

  • https://github.com/obheda12/GitDorker/blob/master/Dorks/alldorksv3

  • https://github.com/hisxo/gitGraber/tree/master/wordlists

  • tinyurl.com/gitdorks

Dorks:

  • https://vsec7.github.io/

Got SSH access Tip: Github Dork "site . com" ssh language:yaml Got config.yaml

Heart exclamation
Heart exclamation
Heart exclamation
Heart exclamation
LogoGitHub - techgaun/github-dorks: Find leaked secrets via github searchGitHub
Logogithub-dorks: Collection of github dorks • Penetration TestingPenetration Testing
LogoGithub OSINTMedium
Jason Haddix
GitHub tools collection10degres
LogoGitHub Recon - It’s Really DeepMedium
LogoGitHub - hisxo/gitGraber: gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...GitHub
LogoGitHub - BishopFox/GitGot: Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.GitHub
Logobugcrowd_university/Bugcrowd University - GitHub Recon and Sensitive Data Exposure.pdf at master · bugcrowd/bugcrowd_universityGitHub