Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jcesarstef/ghhdb-github-hacking-database

Github Hacking Database - My personal collection of Github Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)
https://github.com/jcesarstef/ghhdb-github-hacking-database

dork github-dorks github-hacking-database leak

Last synced: about 2 months ago
JSON representation

Github Hacking Database - My personal collection of Github Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)

Host: GitHub
URL: https://github.com/jcesarstef/ghhdb-github-hacking-database
Owner: jcesarstef
License: other
Created: 2018-04-03T01:57:55.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2020-02-10T01:06:21.000Z (over 4 years ago)
Last Synced: 2024-07-30T13:15:01.776Z (about 2 months ago)
Topics: dork, github-dorks, github-hacking-database, leak
Homepage:
Size: 19.5 KB
Stars: 198
Watchers: 14
Forks: 27
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-security-collection - **51**星 - My personal collection of Github Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks) (<a id="8c5a692b5d26527ef346687e047c5c21"></a>收集)

README

# ghhdb-Github-Hacking-Database
Github Hacking Database - A collection of Github's Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)

### API Keys

Search | Description
--------- | ------
"api_hash" "api_id" "user_phone"|Telegram APP Configuration Keys (https://my.telegram.org/apps)
"https://api.telegram.org/bot"|Telegram API URL with Key
"aws_access_key_id" "aws_secret_access_key"|AWS API Keys
"cloudflare_api_key" "cloudflare_email"|Cloudflare API Key and Email
"Client ID" "client secret" "verification token"|Slack bot API Key
"xoxp-"|Slack API Key
"https://hooks.slack.com/"|Slack Incoming WebHook API Url with Key
filename:passwords.txt|Passwords saved in text file
filename:passwords.doc|Passwords saved in doc file (See also .docx extesion)
"app.secret_key" extension=py|flask-login API Key
"app.config['SECRET_KEY']" extension:py|Flask Secret Key
"https://api.mailgun.net/v3/"|Mailgun API URL with Key

### Certificates

Search | Description
--------- | ------
"-----BEGIN RSA PRIVATE KEY-----"|RSA Private Key
"-----BEGIN PRIVATE KEY-----"|Unencrypted PKCS#8 and base64 encoded Private Key
"-----BEGIN ENCRYPTED PRIVATE KEY-----"|PEM file Private Key
"-----BEGIN CERTIFICATE-----" extension:pem| PEM encoded SSL certificate

### Source Code Leak/Reverse Engineering

Search | Description
--------- | ------
"package com.whatsapp" extension:java|Look for code leak or reverse engineer of an Android Application.

### Passwords and connections config setting leak

Search | Description
------ | -----
app.config['SQLALCHEMY_DATABASE_URI'] | SQLAlchmy Database connection configuration leak

### 2FA Recovery Codes

Search | Description
------ | -----
filename:mega-recoverykey.txt | Mega.nz 2FA Recovery Code
filename:github-recovery-codes.txt| Github 2FA Recovery Code