From 5a5bdbb946c5044a486f837a540b34d0479ccc7c Mon Sep 17 00:00:00 2001 From: donno2048 Date: Sun, 26 Sep 2021 12:54:57 +0300 Subject: [PATCH 01/12] add telegram API token --- README.md | 1 + github-dorks.txt | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 58ca490..e3ddb46 100644 --- a/README.md +++ b/README.md @@ -127,3 +127,4 @@ filename:.remote-sync.json | Created by remote-sync for Ato filename:sftp.json path:.vscode | Created by vscode-sftp for VSCode, contains SFTP/SSH server details and credentails filename:sftp-config.json | Created by SFTP for Sublime Text, contains FTP/FTPS or SFTP/SSH server details and credentials filename:WebServers.xml | Created by Jetbrains IDEs, contains webserver credentials with encoded passwords ([not encrypted!](https://intellij-support.jetbrains.com/hc/en-us/community/posts/207074025/comments/207034775)) +"api_hash" "api_id" | Telegram API token diff --git a/github-dorks.txt b/github-dorks.txt index a49724d..792354c 100644 --- a/github-dorks.txt +++ b/github-dorks.txt @@ -80,4 +80,4 @@ filename:.remote-sync.json filename:sftp.json path:.vscode filename:WebServers.xml filename:jupyter_notebook_config.json - +"api_hash" "api_id" From e0924081d789c2272b2b8f2ac5facca6dc8b9e6a Mon Sep 17 00:00:00 2001 From: donno2048 Date: Sun, 26 Sep 2021 12:57:09 +0300 Subject: [PATCH 02/12] add slack services --- README.md | 1 + github-dorks.txt | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 58ca490..12ef5c4 100644 --- a/README.md +++ b/README.md @@ -127,3 +127,4 @@ filename:.remote-sync.json | Created by remote-sync for Ato filename:sftp.json path:.vscode | Created by vscode-sftp for VSCode, contains SFTP/SSH server details and credentails filename:sftp-config.json | Created by SFTP for Sublime Text, contains FTP/FTPS or SFTP/SSH server details and credentials filename:WebServers.xml | Created by Jetbrains IDEs, contains webserver credentials with encoded passwords ([not encrypted!](https://intellij-support.jetbrains.com/hc/en-us/community/posts/207074025/comments/207034775)) +"https://hooks.slack.com/services/" | Slack services URL often have secret API token as a suffix diff --git a/github-dorks.txt b/github-dorks.txt index a49724d..ab91fd6 100644 --- a/github-dorks.txt +++ b/github-dorks.txt @@ -80,4 +80,4 @@ filename:.remote-sync.json filename:sftp.json path:.vscode filename:WebServers.xml filename:jupyter_notebook_config.json - +"https://hooks.slack.com/services/" From 0273d511c28035d6b6a88bde39c5fdf55f0b03d6 Mon Sep 17 00:00:00 2001 From: donno2048 Date: Sun, 26 Sep 2021 12:59:40 +0300 Subject: [PATCH 03/12] add github gitlab and discord recovery codes --- README.md | 3 +++ github-dorks.txt | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 58ca490..f31a54e 100644 --- a/README.md +++ b/README.md @@ -127,3 +127,6 @@ filename:.remote-sync.json | Created by remote-sync for Ato filename:sftp.json path:.vscode | Created by vscode-sftp for VSCode, contains SFTP/SSH server details and credentails filename:sftp-config.json | Created by SFTP for Sublime Text, contains FTP/FTPS or SFTP/SSH server details and credentials filename:WebServers.xml | Created by Jetbrains IDEs, contains webserver credentials with encoded passwords ([not encrypted!](https://intellij-support.jetbrains.com/hc/en-us/community/posts/207074025/comments/207034775)) +filename:github-recovery-codes.txt | GitHub recovery key +filename:gitlab-recovery-codes.txt | GitLab recovery key +filename:discord_backup_codes.txt | Discord recovery key diff --git a/github-dorks.txt b/github-dorks.txt index a49724d..6e67381 100644 --- a/github-dorks.txt +++ b/github-dorks.txt @@ -80,4 +80,6 @@ filename:.remote-sync.json filename:sftp.json path:.vscode filename:WebServers.xml filename:jupyter_notebook_config.json - +filename:github-recovery-codes.txt +filename:gitlab-recovery-codes.txt +filename:discord_backup_codes.txt From c12029ead6708aca4d33da9e447eadf69076b39c Mon Sep 17 00:00:00 2001 From: donno2048 Date: Sun, 26 Sep 2021 13:10:26 +0300 Subject: [PATCH 04/12] fix issues with readme according to MD022 'Headings should be surrounded by blank lines' according to MD001 'Heading levels should only increment by one level at a time' use `a basic` not `basic`, `the text file` not `text file` and `a password` not `password` --- README.md | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 58ca490..d755738 100644 --- a/README.md +++ b/README.md @@ -1,21 +1,26 @@ # Github Dorks + [Github Search](https://github.com/search) is a quite powerful and useful feature that can be used to search for sensitive data on repositories. Collection of Github dorks can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems. -### GitHub Dork Search Tool -[github-dork.py](github-dork.py) is a simple python tool that can search through your repository or your organization/user repositories. It's not a perfect tool at the moment but provides a basic functionality to automate the search on your repositories against the dorks specified in text file. +## GitHub Dork Search Tool + +[github-dork.py](github-dork.py) is a simple python tool that can search through your repository or your organization/user repositories. It's not a perfect tool at the moment but provides basic functionality to automate the search on your repositories against the dorks specified in the text file. + +### Installation -#### Installation This tool uses [github3.py](https://github.com/sigmavirus24/github3.py) to talk with GitHub Search API. Clone this repository and run: + ```shell pip install -r requirements.txt ``` -#### Usage +### Usage + ``` GH_USER - Environment variable to specify Github user -GH_PWD - Environment variable to specify password +GH_PWD - Environment variable to specify a password GH_TOKEN - Environment variable to specify Github token GH_URL - Environment variable to specify GitHub Enterprise base URL ``` @@ -36,16 +41,18 @@ GH_TOKEN= python github-dork.py -u dev-nepal # search GH_URL=https://github.example.com python github-dork.py -u dev-nepal # search a GitHub Enterprise instance ``` -#### Limitations +### Limitations - Authenticated requests get a higher rate limit. But, since this tool waits for the api rate limit to be reset (which is usually less than a minute), it can be slightly slow. - Output formatting is not great. PR welcome - ~~Handle rate limit and retry. PR welcome~~ ### Contribution + Please consider contributing dorks that can reveal potentially sensitive information on Github. ### List of Dorks + I am not categorizing at the moment. Instead, I am going to just the list of dorks with a description. Many of the dorks can be modified to make the search more specific or generic. You can see more options [here](https://github.com/search#search_cheatsheet_pane). Dork | Description From c7e4c684ba96bb0713511e449f1cd7a825b3ab4b Mon Sep 17 00:00:00 2001 From: Joris Hartog Date: Thu, 2 Dec 2021 14:57:48 +0100 Subject: [PATCH 05/12] Add setup.py This commit adds a setup.py file to allow users to install github-dorks more easily. --- README.md | 14 +++++++------- setup.py | 20 ++++++++++++++++++++ 2 files changed, 27 insertions(+), 7 deletions(-) create mode 100644 setup.py diff --git a/README.md b/README.md index 7b51b82..3f24dd5 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ This tool uses [github3.py](https://github.com/sigmavirus24/github3.py) to talk Clone this repository and run: ```shell -pip install -r requirements.txt +pip install . ``` ### Usage @@ -28,17 +28,17 @@ GH_URL - Environment variable to specify GitHub Enterprise base URL Some example usages are listed below: ```shell -python github-dork.py -r techgaun/github-dorks # search a single repo +github-dork.py -r techgaun/github-dorks # search a single repo -python github-dork.py -u techgaun # search all repos of a user +github-dork.py -u techgaun # search all repos of a user -python github-dork.py -u dev-nepal # search all repos of an organization +github-dork.py -u dev-nepal # search all repos of an organization -GH_USER=techgaun GH_PWD= python github-dork.py -u dev-nepal # search as authenticated user +GH_USER=techgaun GH_PWD= github-dork.py -u dev-nepal # search as authenticated user -GH_TOKEN= python github-dork.py -u dev-nepal # search using auth token +GH_TOKEN= github-dork.py -u dev-nepal # search using auth token -GH_URL=https://github.example.com python github-dork.py -u dev-nepal # search a GitHub Enterprise instance +GH_URL=https://github.example.com github-dork.py -u dev-nepal # search a GitHub Enterprise instance ``` ### Limitations diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..faadf24 --- /dev/null +++ b/setup.py @@ -0,0 +1,20 @@ +from setuptools import setup + +with open('README.md', 'r') as f: + long_description = f.read() + +setup( + name='github-dorks', + version='0.1', + description='Find leaked secrets via github search.', + license='Apache License 2.0', + long_description=long_description, + author='Samar Dhwoj Acharya (@techgaun)', + long_description_content_type='text/markdown', + scripts=['github-dork.py'], + data_files=[('github-dorks', ['github-dorks.txt'])], + install_requires=[ + 'github3.py==1.0.0a2', + 'feedparser==6.0.2', + ], +) From 27f5385d7c047e21abd7bd252f3ae381f85e0917 Mon Sep 17 00:00:00 2001 From: Joris Hartog Date: Thu, 2 Dec 2021 15:28:18 +0100 Subject: [PATCH 06/12] Also look for github-dorks.txt in sys.prefix --- github-dork.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/github-dork.py b/github-dork.py index 1ca7274..713cbc1 100644 --- a/github-dork.py +++ b/github-dork.py @@ -7,7 +7,7 @@ import time import feedparser from copy import copy -from sys import stderr +from sys import stderr, prefix gh_user = os.getenv('GH_USER', None) gh_pass = os.getenv('GH_PWD', None) @@ -87,7 +87,12 @@ def search(repo_to_search=None, output_filename=None): if gh_dorks_file is None: - gh_dorks_file = 'github-dorks.txt' + for path_prefix in ['.', os.path.join(prefix, 'github-dorks/')]: + filename = os.path.join(path_prefix, 'github-dorks.txt') + if os.path.isfile(filename): + gh_dorks_file = filename + break + if not os.path.isfile(gh_dorks_file): raise Exception('Error, the dorks file path is not valid') if user_to_search: From ab447249f691ace198edd570c8329801153beae8 Mon Sep 17 00:00:00 2001 From: dbfreem Date: Fri, 15 Dec 2023 22:29:03 -0500 Subject: [PATCH 07/12] bumped github3.py dependency --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index faadf24..979e932 100644 --- a/setup.py +++ b/setup.py @@ -14,7 +14,7 @@ scripts=['github-dork.py'], data_files=[('github-dorks', ['github-dorks.txt'])], install_requires=[ - 'github3.py==1.0.0a2', + 'github3.py==4.0.1', 'feedparser==6.0.2', ], ) From d50a677beae7b7c2972eba86ab42d28dab57fd35 Mon Sep 17 00:00:00 2001 From: Samar Dhwoj Acharya <1886670+techgaun@users.noreply.github.com> Date: Tue, 19 Dec 2023 10:06:50 -0600 Subject: [PATCH 08/12] add datadog api key dork --- github-dorks.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/github-dorks.txt b/github-dorks.txt index a96b015..c5625a6 100644 --- a/github-dorks.txt +++ b/github-dorks.txt @@ -87,3 +87,4 @@ filename:gitlab-recovery-codes.txt filename:discord_backup_codes.txt extension:yaml cloud.redislabs.com extension:json cloud.redislabs.com +DATADOG_API_KEY language:shell From b948dba8c0038ac3041f5dbce079bc6ba74c8840 Mon Sep 17 00:00:00 2001 From: szTheory Date: Sun, 2 Feb 2025 00:34:04 -0500 Subject: [PATCH 09/12] build with Dockerfile --- Dockerfile | 31 +++++++++++++++++++++++++++++++ README.md | 18 ++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..0d8ecb9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,31 @@ +# Use Python 3.8 as base - this version has good compatibility with older packages +FROM python:3.8-slim + +# Set working directory +WORKDIR /app + +# Install git (needed for pip install from git repos) +RUN apt-get update && \ + apt-get install -y git && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +# Copy only the necessary files +COPY github-dork.py /app/ +COPY github-dorks.txt /app/ +COPY setup.py /app/ +COPY README.md /app/ +COPY requirements.txt /app/ + +# Install dependencies +# Using the specific version of github3.py that's known to work +RUN pip install --no-cache-dir github3.py==1.0.0a2 feedparser==6.0.2 + +# Set environment variables +ENV PYTHONUNBUFFERED=1 +ENV PYTHONIOENCODING=UTF-8 + +# Create volume for potential output files +VOLUME ["/app/output"] + +ENTRYPOINT ["python", "github-dork.py"] \ No newline at end of file diff --git a/README.md b/README.md index 3f24dd5..7daa065 100644 --- a/README.md +++ b/README.md @@ -16,6 +16,24 @@ Clone this repository and run: pip install . ``` +### Docker Installation + +You can also run github-dorks using Docker for a consistent environment: + +```shell +# Build the Docker image +docker build -t github-dorks . + +# Run with a GitHub token (recommended) +docker run -e GH_TOKEN=your_github_token github-dorks -u someuser + +# Run with username/password +docker run -e GH_USER=your_username -e GH_PWD=your_password github-dorks -u someuser + +# Save results to a CSV file +docker run -v $(pwd)/output:/app/output -e GH_TOKEN=your_github_token github-dorks -u someuser -o /app/output/results.csv +``` + ### Usage ``` From 2a6109777e95fdcee5a667ee722586c55564078c Mon Sep 17 00:00:00 2001 From: szTheory Date: Sun, 2 Feb 2025 00:37:35 -0500 Subject: [PATCH 10/12] CI: docker build --- .github/workflows/docker-build.yml | 37 ++++++++++++++++++++++++++++++ README.md | 2 ++ 2 files changed, 39 insertions(+) create mode 100644 .github/workflows/docker-build.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..f243f8e --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,37 @@ +name: Docker Build & Test + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + build-and-test: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build Docker image + uses: docker/build-push-action@v5 + with: + context: . + load: true + tags: github-dorks:test + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Test Docker image + run: | + # Test the version flag + docker run github-dorks:test -v + + # Basic test with a public repo (no auth needed) + docker run github-dorks:test -r techgaun/github-dorks -d github-dorks-test.txt + + - name: Verify image size + run: docker image ls github-dorks:test diff --git a/README.md b/README.md index 7daa065..eb36e4f 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +[![Docker Build & Test](https://github.com/techgaun/github-dorks/actions/workflows/docker-build.yml/badge.svg)](https://github.com/techgaun/github-dorks/actions/workflows/docker-build.yml) + # Github Dorks [Github Search](https://github.com/search) is a quite powerful and useful feature that can be used to search for sensitive data on repositories. Collection of Github dorks can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems. From 2395986e18ef75dfa7bc02df849660f2f0483b6d Mon Sep 17 00:00:00 2001 From: szTheory Date: Sun, 2 Feb 2025 00:40:55 -0500 Subject: [PATCH 11/12] CI simplify build --- .github/workflows/docker-build.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index f243f8e..8476c21 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -27,11 +27,8 @@ jobs: - name: Test Docker image run: | - # Test the version flag + # Test the version flag with version flag docker run github-dorks:test -v - - # Basic test with a public repo (no auth needed) - docker run github-dorks:test -r techgaun/github-dorks -d github-dorks-test.txt - name: Verify image size run: docker image ls github-dorks:test From 21ed3923e445ccc4058375062608eb2387d29132 Mon Sep 17 00:00:00 2001 From: Divyaranjan Sahoo Date: Sun, 5 Oct 2025 20:47:01 +0530 Subject: [PATCH 12/12] chore(ci): add flake8 lint workflow and fix minor lint issue - Add GitHub Actions workflow to run flake8 on push and PR - Align Python version with Dockerfile (3.8) - Fix unused variable in exception handler to satisfy flake8 Refs: #59 --- .github/workflows/lint.yml | 28 ++++++++++++++++++++++++++++ github-dork.py | 2 +- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/lint.yml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..038f261 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,28 @@ +name: Lint (flake8) + +on: + push: + branches: [ "**" ] + pull_request: + branches: [ "**" ] + +jobs: + flake8: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.8' + + - name: Install flake8 + run: | + python -m pip install --upgrade pip + pip install flake8 + + - name: Run flake8 + run: | + flake8 . diff --git a/github-dork.py b/github-dork.py index 713cbc1..2941b04 100644 --- a/github-dork.py +++ b/github-dork.py @@ -28,7 +28,7 @@ def search_wrapper(gen): yield next(gen) except StopIteration: return - except github.exceptions.ForbiddenError as e: + except github.exceptions.ForbiddenError: search_rate_limit = gh.rate_limit()['resources']['search'] # limit_remaining = search_rate_limit['remaining'] reset_time = search_rate_limit['reset']