🕵️
HowToHunt
  • HowToHunt.md
  • API Testing
    • Hidden API Functionality Exposure
    • Reverse Engineer an API
  • Account Takeover Methodology
    • Account Takeover Methodology
  • Application Level DoS
    • Application Level DoS Methods
  • Authentication Bypass
    • 2FA Bypasses
    • OTP Bypass
    • Account Ban Bypass
  • Broken-Link Hijacking
    • Broken-Link Hijacking
  • Broken Auth And Session Management
    • Session Based Bugs
  • CMS
    • AEM
    • Drupal
    • Wordpress
    • Moodle
  • CORS
    • CORS
    • CORS Bypasses
  • CSRF
    • CSRF
    • CSRF MindMap
    • CSRF Bypass
  • Finding CVEs
    • CVES
  • CheckList
    • Web Application Pentesting Checklist
    • Web Checklist by Chintan Gurjar.pdf
    • Web Checklist by Tushra Verma.pdf
    • Mindmap by Rohit Gautam
    • Mindmap by Cristian Cornea
  • Web Page Source Code Review
    • Web Page Code Review Tips
  • EXIF Geo Data Not Stripped
    • EXIF Geo Data Not Stripped
  • File Upload Bypass
    • File Upload Bypass
  • Find Origin IP
    • Find Origin
  • GraphQL
    • GraphQL
  • HTTP Desync Attack
    • HTTP_Desync
  • Host-Header Attack
    • Host-Header
  • HTML-Injection
    • HTML-Injection
  • IDOR
    • IDOR
  • JWT ATTACK
    • JWT
  • JIRA ATTACK
    • JIRA
  • MFA Bypass
    • MFA Bypasses
    • 2FA-Bypass
  • Misconfigurations
    • Default Credential And Admin Panel
    • Docker
    • S3 Bucket
  • OAuth
    • OAuth
    • OAuth Hunting
  • Open Redirection
    • Find OpenRedirect Trick
    • Open Redirection Bypass
  • Parameter Pollution
    • Parameter Pollution In Social Sharing Buttons
  • Password Reset Functionality
    • MindMap
    • Password Reset Token Leakage
    • Account_Takeover_By_Password_Reset_Functionality
    • Password_Reset_Flaws
  • Rate Limit
    • Rate Limit Flaws
    • Rate-Limit Bypass
    • No Rate-Limit on Verify-PhoneNo
    • No Rate-limit on Invite User
    • No Rate-limit on Promo
    • No Rate-limit on Verify-email
    • No Rate-limit on forget-password
  • Race Condition
    • Race Condition
  • Recon
    • Github
    • Recon Workflow
    • Subdomain Enumeration
  • SQLi
    • SQL Injection.md
  • SAML
    • SAML
  • SSRF
    • SSRF
    • Blind SSRF
  • SSTI
    • SSTI
  • Sign Up Functionality
    • Sign Up Bugs
    • Sign Up MindMap
  • Sensitive Info Leaks
    • Github Recon Method
    • Github-Dorks
    • Github Dorks All
    • Google Dorks
    • Shodan CVE Dorks
    • Version Leaks
  • Status Code Bypass
    • Status_Code_Bypass Tips
    • 403 Bypass
  • Subdomain Takeover
    • Subdomain Takeover - Detail Method
    • Subdomain Takeover - Easy Method
    • Subs or Top level Domain
  • Tabnabbing
    • Tabnabbing
  • WAF Bypasses
    • WAF Bypass Using Headers
  • Weak Password Policy
    • Weak Password Policy
  • XSS
    • XSS
    • Bypass CSP
    • XSS Bypass
    • Automated XSS
    • Post Message Xss
  • XXE
    • XXE Methods
    • Billion Laugh Attack
Powered by GitBook
On this page
  • Steps:
  • Tools and references::
  • Reports (Hackerone)
  • Resolved
  • Author:
  1. Sensitive Info Leaks

Github Recon Method

PreviousSign Up MindMapNextGithub-Dorks

Last updated 4 years ago

Using Github we can find sensitive infos.

Steps:

  1. Check github with company name for API keys or passswords.

  2. Enumerate the employees of the company from linkedin and twitter and check their repositories on github for sensitive information.

  3. Check source code of main website and subdomains for github links in the html comments or anywhere. Search using ctl-F and search for keyword github

Tools and references::

Reports (Hackerone)

Resolved

Author:

(MadMaxx)

https://github.com/BishopFox/GitGot
https://github.com/hisxo/gitGraber
https://github.com/tillson/git-hound
https://securitytrails.com/blog/github-dorks
Important information leaked on Github
Github Token Leaked publicly for https://github.com/mopub
CircleCI token in github repo allows for access to sensitive build information
Information Leak - Github - JMS Information
Leaked artifactory_key, artifactory_api_key, and gcloud refresh_token via GitHub.
Github Token Leaked publicly for https://github.sc-corp.net
@0xCCFFF
@klaus