mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-26 22:52:06 +00:00
336 lines
8.2 KiB
Markdown
336 lines
8.2 KiB
Markdown
|
|
|
|
<details>
|
|
|
|
<summary><strong>Support HackTricks and get benefits!</strong></summary>
|
|
|
|
Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
|
|
|
|
Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
|
|
|
|
Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
|
|
|
|
**Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
|
|
|
|
**Share your hacking tricks submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
|
|
|
|
</details>
|
|
|
|
|
|
Now that we have built the list of assets of our scope it's time to search for some OSINT low-hanging fruits.
|
|
|
|
## Api keys leaks in github
|
|
|
|
* [https://github.com/hisxo/gitGraber](https://github.com/hisxo/gitGraber)
|
|
* [https://github.com/eth0izzle/shhgit](https://github.com/eth0izzle/shhgit)
|
|
* [https://github.com/techgaun/github-dorks](https://github.com/techgaun/github-dorks)
|
|
* [https://github.com/michenriksen/gitrob](https://github.com/michenriksen/gitrob)
|
|
* [https://github.com/anshumanbh/git-all-secrets](https://github.com/anshumanbh/git-all-secrets)
|
|
* [https://github.com/awslabs/git-secrets](https://github.com/awslabs/git-secrets)
|
|
* [https://github.com/kootenpv/gittyleaks](https://github.com/kootenpv/gittyleaks)
|
|
* [https://github.com/dxa4481/truffleHog](https://github.com/dxa4481/truffleHog)
|
|
* [https://github.com/obheda12/GitDorker](https://github.com/obheda12/GitDorker)
|
|
|
|
## **Dorks**
|
|
|
|
```bash
|
|
".mlab.com password"
|
|
"access_key"
|
|
"access_token"
|
|
"amazonaws"
|
|
"api.googlemaps AIza"
|
|
"api_key"
|
|
"api_secret"
|
|
"apidocs"
|
|
"apikey"
|
|
"apiSecret"
|
|
"app_key"
|
|
"app_secret"
|
|
"appkey"
|
|
"appkeysecret"
|
|
"application_key"
|
|
"appsecret"
|
|
"appspot"
|
|
"auth"
|
|
"auth_token"
|
|
"authorizationToken"
|
|
"aws_access"
|
|
"aws_access_key_id"
|
|
"aws_key"
|
|
"aws_secret"
|
|
"aws_token"
|
|
"AWSSecretKey"
|
|
"bashrc password"
|
|
"bucket_password"
|
|
"client_secret"
|
|
"cloudfront"
|
|
"codecov_token"
|
|
"config"
|
|
"conn.login"
|
|
"connectionstring"
|
|
"consumer_key"
|
|
"credentials"
|
|
"database_password"
|
|
"db_password"
|
|
"db_username"
|
|
"dbpasswd"
|
|
"dbpassword"
|
|
"dbuser"
|
|
"dot-files"
|
|
"dotfiles"
|
|
"encryption_key"
|
|
"fabricApiSecret"
|
|
"fb_secret"
|
|
"firebase"
|
|
"ftp"
|
|
"gh_token"
|
|
"github_key"
|
|
"github_token"
|
|
"gitlab"
|
|
"gmail_password"
|
|
"gmail_username"
|
|
"herokuapp"
|
|
"internal"
|
|
"irc_pass"
|
|
"JEKYLL_GITHUB_TOKEN"
|
|
"key"
|
|
"keyPassword"
|
|
"ldap_password"
|
|
"ldap_username"
|
|
"login"
|
|
"mailchimp"
|
|
"mailgun"
|
|
"master_key"
|
|
"mydotfiles"
|
|
"mysql"
|
|
"node_env"
|
|
"npmrc _auth"
|
|
"oauth_token"
|
|
"pass"
|
|
"passwd"
|
|
"password"
|
|
"passwords"
|
|
"pem private"
|
|
"preprod"
|
|
"private_key"
|
|
"prod"
|
|
"pwd"
|
|
"pwds"
|
|
"rds.amazonaws.com password"
|
|
"redis_password"
|
|
"root_password"
|
|
"secret"
|
|
"secret.password"
|
|
"secret_access_key"
|
|
"secret_key"
|
|
"secret_token"
|
|
"secrets"
|
|
"secure"
|
|
"security_credentials"
|
|
"send.keys"
|
|
"send_keys"
|
|
"sendkeys"
|
|
"SF_USERNAME salesforce"
|
|
"sf_username"
|
|
"site.com" FIREBASE_API_JSON=
|
|
"site.com" vim_settings.xml
|
|
"slack_api"
|
|
"slack_token"
|
|
"sql_password"
|
|
"ssh"
|
|
"ssh2_auth_password"
|
|
"sshpass"
|
|
"staging"
|
|
"stg"
|
|
"storePassword"
|
|
"stripe"
|
|
"swagger"
|
|
"testuser"
|
|
"token"
|
|
"x-api-key"
|
|
"xoxb "
|
|
"xoxp"
|
|
[WFClient] Password= extension:ica
|
|
access_key
|
|
bucket_password
|
|
dbpassword
|
|
dbuser
|
|
extension:avastlic "support.avast.com"
|
|
extension:bat
|
|
extension:cfg
|
|
extension:env
|
|
extension:exs
|
|
extension:ini
|
|
extension:json api.forecast.io
|
|
extension:json googleusercontent client_secret
|
|
extension:json mongolab.com
|
|
extension:pem
|
|
extension:pem private
|
|
extension:ppk
|
|
extension:ppk private
|
|
extension:properties
|
|
extension:sh
|
|
extension:sls
|
|
extension:sql
|
|
extension:sql mysql dump
|
|
extension:sql mysql dump password
|
|
extension:yaml mongolab.com
|
|
extension:zsh
|
|
filename:.bash_history
|
|
filename:.bash_history DOMAIN-NAME
|
|
filename:.bash_profile aws
|
|
filename:.bashrc mailchimp
|
|
filename:.bashrc password
|
|
filename:.cshrc
|
|
filename:.dockercfg auth
|
|
filename:.env DB_USERNAME NOT homestead
|
|
filename:.env MAIL_HOST=smtp.gmail.com
|
|
filename:.esmtprc password
|
|
filename:.ftpconfig
|
|
filename:.git-credentials
|
|
filename:.history
|
|
filename:.htpasswd
|
|
filename:.netrc password
|
|
filename:.npmrc _auth
|
|
filename:.pgpass
|
|
filename:.remote-sync.json
|
|
filename:.s3cfg
|
|
filename:.sh_history
|
|
filename:.tugboat NOT _tugboat
|
|
filename:_netrc password
|
|
filename:apikey
|
|
filename:bash
|
|
filename:bash_history
|
|
filename:bash_profile
|
|
filename:bashrc
|
|
filename:beanstalkd.yml
|
|
filename:CCCam.cfg
|
|
filename:composer.json
|
|
filename:config
|
|
filename:config irc_pass
|
|
filename:config.json auths
|
|
filename:config.php dbpasswd
|
|
filename:configuration.php JConfig password
|
|
filename:connections
|
|
filename:connections.xml
|
|
filename:constants
|
|
filename:credentials
|
|
filename:credentials aws_access_key_id
|
|
filename:cshrc
|
|
filename:database
|
|
filename:dbeaver-data-sources.xml
|
|
filename:deployment-config.json
|
|
filename:dhcpd.conf
|
|
filename:dockercfg
|
|
filename:environment
|
|
filename:express.conf
|
|
filename:express.conf path:.openshift
|
|
filename:filezilla.xml
|
|
filename:filezilla.xml Pass
|
|
filename:git-credentials
|
|
filename:gitconfig
|
|
filename:global
|
|
filename:history
|
|
filename:htpasswd
|
|
filename:hub oauth_token
|
|
filename:id_dsa
|
|
filename:id_rsa
|
|
filename:id_rsa or filename:id_dsa
|
|
filename:idea14.key
|
|
filename:known_hosts
|
|
filename:logins.json
|
|
filename:makefile
|
|
filename:master.key path:config
|
|
filename:netrc
|
|
filename:npmrc
|
|
filename:pass
|
|
filename:passwd path:etc
|
|
filename:pgpass
|
|
filename:prod.exs
|
|
filename:prod.exs NOT prod.secret.exs
|
|
filename:prod.secret.exs
|
|
filename:proftpdpasswd
|
|
filename:recentservers.xml
|
|
filename:recentservers.xml Pass
|
|
filename:robomongo.json
|
|
filename:s3cfg
|
|
filename:secrets.yml password
|
|
filename:server.cfg
|
|
filename:server.cfg rcon password
|
|
filename:settings
|
|
filename:settings.py SECRET_KEY
|
|
filename:sftp-config.json
|
|
filename:sftp-config.json password
|
|
filename:sftp.json path:.vscode
|
|
filename:shadow
|
|
filename:shadow path:etc
|
|
filename:spec
|
|
filename:sshd_config
|
|
filename:token
|
|
filename:tugboat
|
|
filename:ventrilo_srv.ini
|
|
filename:WebServers.xml
|
|
filename:wp-config
|
|
filename:wp-config.php
|
|
filename:zhrc
|
|
HEROKU_API_KEY language:json
|
|
HEROKU_API_KEY language:shell
|
|
HOMEBREW_GITHUB_API_TOKEN language:shell
|
|
jsforce extension:js conn.login
|
|
language:yaml -filename:travis
|
|
msg nickserv identify filename:config
|
|
org:Target "AWS_ACCESS_KEY_ID"
|
|
org:Target "list_aws_accounts"
|
|
org:Target "aws_access_key"
|
|
org:Target "aws_secret_key"
|
|
org:Target "bucket_name"
|
|
org:Target "S3_ACCESS_KEY_ID"
|
|
org:Target "S3_BUCKET"
|
|
org:Target "S3_ENDPOINT"
|
|
org:Target "S3_SECRET_ACCESS_KEY"
|
|
password
|
|
path:sites databases password
|
|
private -language:java
|
|
PT_TOKEN language:bash
|
|
redis_password
|
|
root_password
|
|
secret_access_key
|
|
SECRET_KEY_BASE=
|
|
shodan_api_key language:python
|
|
WORDPRESS_DB_PASSWORD=
|
|
xoxp OR xoxb OR xoxa
|
|
s3.yml
|
|
.exs
|
|
beanstalkd.yml
|
|
deploy.rake
|
|
.sls
|
|
AWS_SECRET_ACCESS_KEY
|
|
API KEY
|
|
API SECRET
|
|
API TOKEN
|
|
ROOT PASSWORD
|
|
ADMIN PASSWORD
|
|
GCP SECRET
|
|
AWS SECRET
|
|
"private" extension:pgp
|
|
```
|
|
|
|
|
|
|
|
<details>
|
|
|
|
<summary><strong>Support HackTricks and get benefits!</strong></summary>
|
|
|
|
Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
|
|
|
|
Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
|
|
|
|
Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
|
|
|
|
**Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
|
|
|
|
**Share your hacking tricks submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
|
|
|
|
</details>
|
|
|
|
|