mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-26 14:40:37 +00:00
327 lines
9.6 KiB
Markdown
327 lines
9.6 KiB
Markdown
|
# Dorks de Github y filtraciones
|
||
|
|
||
|
<details>
|
||
|
|
||
|
<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>
|
||
|
|
||
|
* ¿Trabajas en una **empresa de ciberseguridad**? ¿Quieres ver tu **empresa anunciada en HackTricks**? ¿O quieres tener acceso a la **última versión de PEASS o descargar HackTricks en PDF**? ¡Consulta los [**PLANES DE SUSCRIPCIÓN**](https://github.com/sponsors/carlospolop)!
|
||
|
* Descubre [**The PEASS Family**](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
|
||
|
* Obtén el [**oficial PEASS & HackTricks swag**](https://peass.creator-spring.com)
|
||
|
* **Únete al** [**💬**](https://emojipedia.org/speech-balloon/) [**grupo de Discord**](https://discord.gg/hRep4RUj7f) o al [**grupo de telegram**](https://t.me/peass) o **sígueme** en **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
|
||
|
* **Comparte tus trucos de hacking enviando PRs al [repositorio de hacktricks](https://github.com/carlospolop/hacktricks) y al [repositorio de hacktricks-cloud](https://github.com/carlospolop/hacktricks-cloud)**.
|
||
|
|
||
|
</details>
|
||
|
|
||
|
<img src="../../.gitbook/assets/i3.png" alt="" data-size="original">\
|
||
|
**Consejo de recompensa por errores**: **regístrate** en **Intigriti**, una plataforma premium de **recompensas por errores creada por hackers, para hackers**. ¡Únete a nosotros en [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) hoy mismo y comienza a ganar recompensas de hasta **$100,000**!
|
||
|
|
||
|
{% embed url="https://go.intigriti.com/hacktricks" %}
|
||
|
|
||
|
Ahora que hemos construido la lista de activos de nuestro alcance, es hora de buscar algunas frutas bajas de OSINT.
|
||
|
|
||
|
### Filtraciones de claves API en Github
|
||
|
|
||
|
* [https://github.com/hisxo/gitGraber](https://github.com/hisxo/gitGraber)
|
||
|
* [https://github.com/eth0izzle/shhgit](https://github.com/eth0izzle/shhgit)
|
||
|
* [https://github.com/techgaun/github-dorks](https://github.com/techgaun/github-dorks)
|
||
|
* [https://github.com/michenriksen/gitrob](https://github.com/michenriksen/gitrob)
|
||
|
* [https://github.com/anshumanbh/git-all-secrets](https://github.com/anshumanbh/git-all-secrets)
|
||
|
* [https://github.com/awslabs/git-secrets](https://github.com/awslabs/git-secrets)
|
||
|
* [https://github.com/kootenpv/gittyleaks](https://github.com/kootenpv/gittyleaks)
|
||
|
* [https://github.com/dxa4481/truffleHog](https://github.com/dxa4481/truffleHog)
|
||
|
* [https://github.com/obheda12/GitDorker](https://github.com/obheda12/GitDorker)
|
||
|
|
||
|
### **Dorks**
|
||
|
```bash
|
||
|
".mlab.com password"
|
||
|
"access_key"
|
||
|
"access_token"
|
||
|
"amazonaws"
|
||
|
"api.googlemaps AIza"
|
||
|
"api_key"
|
||
|
"api_secret"
|
||
|
"apidocs"
|
||
|
"apikey"
|
||
|
"apiSecret"
|
||
|
"app_key"
|
||
|
"app_secret"
|
||
|
"appkey"
|
||
|
"appkeysecret"
|
||
|
"application_key"
|
||
|
"appsecret"
|
||
|
"appspot"
|
||
|
"auth"
|
||
|
"auth_token"
|
||
|
"authorizationToken"
|
||
|
"aws_access"
|
||
|
"aws_access_key_id"
|
||
|
"aws_key"
|
||
|
"aws_secret"
|
||
|
"aws_token"
|
||
|
"AWSSecretKey"
|
||
|
"bashrc password"
|
||
|
"bucket_password"
|
||
|
"client_secret"
|
||
|
"cloudfront"
|
||
|
"codecov_token"
|
||
|
"config"
|
||
|
"conn.login"
|
||
|
"connectionstring"
|
||
|
"consumer_key"
|
||
|
"credentials"
|
||
|
"database_password"
|
||
|
"db_password"
|
||
|
"db_username"
|
||
|
"dbpasswd"
|
||
|
"dbpassword"
|
||
|
"dbuser"
|
||
|
"dot-files"
|
||
|
"dotfiles"
|
||
|
"encryption_key"
|
||
|
"fabricApiSecret"
|
||
|
"fb_secret"
|
||
|
"firebase"
|
||
|
"ftp"
|
||
|
"gh_token"
|
||
|
"github_key"
|
||
|
"github_token"
|
||
|
"gitlab"
|
||
|
"gmail_password"
|
||
|
"gmail_username"
|
||
|
"herokuapp"
|
||
|
"internal"
|
||
|
"irc_pass"
|
||
|
"JEKYLL_GITHUB_TOKEN"
|
||
|
"key"
|
||
|
"keyPassword"
|
||
|
"ldap_password"
|
||
|
"ldap_username"
|
||
|
"login"
|
||
|
"mailchimp"
|
||
|
"mailgun"
|
||
|
"master_key"
|
||
|
"mydotfiles"
|
||
|
"mysql"
|
||
|
"node_env"
|
||
|
"npmrc _auth"
|
||
|
"oauth_token"
|
||
|
"pass"
|
||
|
"passwd"
|
||
|
"password"
|
||
|
"passwords"
|
||
|
"pem private"
|
||
|
"preprod"
|
||
|
"private_key"
|
||
|
"prod"
|
||
|
"pwd"
|
||
|
"pwds"
|
||
|
"rds.amazonaws.com password"
|
||
|
"redis_password"
|
||
|
"root_password"
|
||
|
"secret"
|
||
|
"secret.password"
|
||
|
"secret_access_key"
|
||
|
"secret_key"
|
||
|
"secret_token"
|
||
|
"secrets"
|
||
|
"secure"
|
||
|
"security_credentials"
|
||
|
"send.keys"
|
||
|
"send_keys"
|
||
|
"sendkeys"
|
||
|
"SF_USERNAME salesforce"
|
||
|
"sf_username"
|
||
|
"site.com" FIREBASE_API_JSON=
|
||
|
"site.com" vim_settings.xml
|
||
|
"slack_api"
|
||
|
"slack_token"
|
||
|
"sql_password"
|
||
|
"ssh"
|
||
|
"ssh2_auth_password"
|
||
|
"sshpass"
|
||
|
"staging"
|
||
|
"stg"
|
||
|
"storePassword"
|
||
|
"stripe"
|
||
|
"swagger"
|
||
|
"testuser"
|
||
|
"token"
|
||
|
"x-api-key"
|
||
|
"xoxb "
|
||
|
"xoxp"
|
||
|
[WFClient] Password= extension:ica
|
||
|
access_key
|
||
|
bucket_password
|
||
|
dbpassword
|
||
|
dbuser
|
||
|
extension:avastlic "support.avast.com"
|
||
|
extension:bat
|
||
|
extension:cfg
|
||
|
extension:env
|
||
|
extension:exs
|
||
|
extension:ini
|
||
|
extension:json api.forecast.io
|
||
|
extension:json googleusercontent client_secret
|
||
|
extension:json mongolab.com
|
||
|
extension:pem
|
||
|
extension:pem private
|
||
|
extension:ppk
|
||
|
extension:ppk private
|
||
|
extension:properties
|
||
|
extension:sh
|
||
|
extension:sls
|
||
|
extension:sql
|
||
|
extension:sql mysql dump
|
||
|
extension:sql mysql dump password
|
||
|
extension:yaml mongolab.com
|
||
|
extension:zsh
|
||
|
filename:.bash_history
|
||
|
filename:.bash_history DOMAIN-NAME
|
||
|
filename:.bash_profile aws
|
||
|
filename:.bashrc mailchimp
|
||
|
filename:.bashrc password
|
||
|
filename:.cshrc
|
||
|
filename:.dockercfg auth
|
||
|
filename:.env DB_USERNAME NOT homestead
|
||
|
filename:.env MAIL_HOST=smtp.gmail.com
|
||
|
filename:.esmtprc password
|
||
|
filename:.ftpconfig
|
||
|
filename:.git-credentials
|
||
|
filename:.history
|
||
|
filename:.htpasswd
|
||
|
filename:.netrc password
|
||
|
filename:.npmrc _auth
|
||
|
filename:.pgpass
|
||
|
filename:.remote-sync.json
|
||
|
filename:.s3cfg
|
||
|
filename:.sh_history
|
||
|
filename:.tugboat NOT _tugboat
|
||
|
filename:_netrc password
|
||
|
filename:apikey
|
||
|
filename:bash
|
||
|
filename:bash_history
|
||
|
filename:bash_profile
|
||
|
filename:bashrc
|
||
|
filename:beanstalkd.yml
|
||
|
filename:CCCam.cfg
|
||
|
filename:composer.json
|
||
|
filename:config
|
||
|
filename:config irc_pass
|
||
|
filename:config.json auths
|
||
|
filename:config.php dbpasswd
|
||
|
filename:configuration.php JConfig password
|
||
|
filename:connections
|
||
|
filename:connections.xml
|
||
|
filename:constants
|
||
|
filename:credentials
|
||
|
filename:credentials aws_access_key_id
|
||
|
filename:cshrc
|
||
|
filename:database
|
||
|
filename:dbeaver-data-sources.xml
|
||
|
filename:deployment-config.json
|
||
|
filename:dhcpd.conf
|
||
|
filename:dockercfg
|
||
|
filename:environment
|
||
|
filename:express.conf
|
||
|
filename:express.conf path:.openshift
|
||
|
filename:filezilla.xml
|
||
|
filename:filezilla.xml Pass
|
||
|
filename:git-credentials
|
||
|
filename:gitconfig
|
||
|
filename:global
|
||
|
filename:history
|
||
|
filename:htpasswd
|
||
|
filename:hub oauth_token
|
||
|
filename:id_dsa
|
||
|
filename:id_rsa
|
||
|
filename:id_rsa or filename:id_dsa
|
||
|
filename:idea14.key
|
||
|
filename:known_hosts
|
||
|
filename:logins.json
|
||
|
filename:makefile
|
||
|
filename:master.key path:config
|
||
|
filename:netrc
|
||
|
filename:npmrc
|
||
|
filename:pass
|
||
|
filename:passwd path:etc
|
||
|
filename:pgpass
|
||
|
filename:prod.exs
|
||
|
filename:prod.exs NOT prod.secret.exs
|
||
|
filename:prod.secret.exs
|
||
|
filename:proftpdpasswd
|
||
|
filename:recentservers.xml
|
||
|
filename:recentservers.xml Pass
|
||
|
filename:robomongo.json
|
||
|
filename:s3cfg
|
||
|
filename:secrets.yml password
|
||
|
filename:server.cfg
|
||
|
filename:server.cfg rcon password
|
||
|
filename:settings
|
||
|
filename:settings.py SECRET_KEY
|
||
|
filename:sftp-config.json
|
||
|
filename:sftp-config.json password
|
||
|
filename:sftp.json path:.vscode
|
||
|
filename:shadow
|
||
|
filename:shadow path:etc
|
||
|
filename:spec
|
||
|
filename:sshd_config
|
||
|
filename:token
|
||
|
filename:tugboat
|
||
|
filename:ventrilo_srv.ini
|
||
|
filename:WebServers.xml
|
||
|
filename:wp-config
|
||
|
filename:wp-config.php
|
||
|
filename:zhrc
|
||
|
HEROKU_API_KEY language:json
|
||
|
HEROKU_API_KEY language:shell
|
||
|
HOMEBREW_GITHUB_API_TOKEN language:shell
|
||
|
jsforce extension:js conn.login
|
||
|
language:yaml -filename:travis
|
||
|
msg nickserv identify filename:config
|
||
|
org:Target "AWS_ACCESS_KEY_ID"
|
||
|
org:Target "list_aws_accounts"
|
||
|
org:Target "aws_access_key"
|
||
|
org:Target "aws_secret_key"
|
||
|
org:Target "bucket_name"
|
||
|
org:Target "S3_ACCESS_KEY_ID"
|
||
|
org:Target "S3_BUCKET"
|
||
|
org:Target "S3_ENDPOINT"
|
||
|
org:Target "S3_SECRET_ACCESS_KEY"
|
||
|
password
|
||
|
path:sites databases password
|
||
|
private -language:java
|
||
|
PT_TOKEN language:bash
|
||
|
redis_password
|
||
|
root_password
|
||
|
secret_access_key
|
||
|
SECRET_KEY_BASE=
|
||
|
shodan_api_key language:python
|
||
|
WORDPRESS_DB_PASSWORD=
|
||
|
xoxp OR xoxb OR xoxa
|
||
|
s3.yml
|
||
|
.exs
|
||
|
beanstalkd.yml
|
||
|
deploy.rake
|
||
|
.sls
|
||
|
AWS_SECRET_ACCESS_KEY
|
||
|
API KEY
|
||
|
API SECRET
|
||
|
API TOKEN
|
||
|
ROOT PASSWORD
|
||
|
ADMIN PASSWORD
|
||
|
GCP SECRET
|
||
|
AWS SECRET
|
||
|
"private" extension:pgp
|
||
|
```
|
||
|
<details>
|
||
|
|
||
|
<summary><a href="https://cloud.hacktricks.xyz/pentesting-cloud/pentesting-cloud-methodology"><strong>☁️ HackTricks Cloud ☁️</strong></a> -<a href="https://twitter.com/hacktricks_live"><strong>🐦 Twitter 🐦</strong></a> - <a href="https://www.twitch.tv/hacktricks_live/schedule"><strong>🎙️ Twitch 🎙️</strong></a> - <a href="https://www.youtube.com/@hacktricks_LIVE"><strong>🎥 Youtube 🎥</strong></a></summary>
|
||
|
|
||
|
* ¿Trabajas en una **empresa de ciberseguridad**? ¿Quieres ver tu **empresa anunciada en HackTricks**? ¿O quieres tener acceso a la **última versión de PEASS o descargar HackTricks en PDF**? ¡Consulta los [**PLANES DE SUSCRIPCIÓN**](https://github.com/sponsors/carlospolop)!
|
||
|
* Descubre [**The PEASS Family**](https://opensea.io/collection/the-peass-family), nuestra colección exclusiva de [**NFTs**](https://opensea.io/collection/the-peass-family)
|
||
|
* Obtén la [**oficial PEASS & HackTricks swag**](https://peass.creator-spring.com)
|
||
|
* **Únete al** [**💬**](https://emojipedia.org/speech-balloon/) **grupo de Discord** o al [**grupo de telegram**](https://t.me/peass) o **sígueme en** **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
|
||
|
* **Comparte tus trucos de hacking enviando PRs al [repositorio de hacktricks](https://github.com/carlospolop/hacktricks) y al [repositorio de hacktricks-cloud](https://github.com/carlospolop/hacktricks-cloud)**.
|
||
|
|
||
|
</details>
|