hacktricks/generic-methodologies-and-resources/external-recon-methodology/wide-source-code-search.md

4 KiB

Wide Source Code Search

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥

The goal of this page is to enumerate platforms that allow to search for code (literal or regex) in across thousands/millions of repos in one or more platforms.

This helps in several occasions to search for leaked information or for vulnerabilities patterns.

  • SourceGraph: Search in millions of repos. There is a free version and an enterprise version (with 15 days free). It supports regexes.
  • Github Search: Search across Github. It supports regexes.
  • Gitlab Advanced Search: Search across Gitlab projects. Support regexes.
  • SearchCode: Search code in millions of projects.

{% hint style="warning" %} When you look for leaks in a repo and run something like git log -p don't forget there might be other branches with other commits containing secrets! {% endhint %}

HackTricks in 🐦 Twitter 🐦 - 🎙️ Twitch Wed - 18.30(UTC) 🎙️ - 🎥 Youtube 🎥