hacktricks/generic-methodologies-and-resources/external-recon-methodology/wide-source-code-search.md
2024-12-12 11:39:29 +01:00

3.2 KiB

Wide Source Code Search

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

The goal of this page is to enumerate platforms that allow to search for code (literal or regex) in across thousands/millions of repos in one or more platforms.

This helps in several occasions to search for leaked information or for vulnerabilities patterns.

  • SourceGraph: Search in millions of repos. There is a free version and an enterprise version (with 15 days free). It supports regexes.
  • Github Search: Search across Github. It supports regexes.
  • Gitlab Advanced Search: Search across Gitlab projects. Support regexes.
  • SearchCode: Search code in millions of projects.

{% hint style="warning" %} When you look for leaks in a repo and run something like git log -p don't forget there might be other branches with other commits containing secrets! {% endhint %}

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}