Create GithubDorks.txt

GithubDorks.txt

@@ -0,0 +1,165 @@
+#Dorks GiHub pour trouver clés API, Tokens et mots de passe
+private
+ldap
+password
+passwd
+pwd
+secret
+Jenkins
+OTP
+authorizition
+ftp
+dotfiles
+JDBC
+key-keys
+send_keys-keys
+send,key-keys
+token
+user
+login-singin
+passkey-passkeys
+pass
+SecretAccesKey
+app_AWS_SECRET_ACCESS_KEY
+AWS_SECRET_ACCESS_KEY
+credentials
+config
+security_credentials
+connectionstring
+ssh2_auth_password
+BD_PASSWORD
+api_key
+“api keys”
+authorization_bearer:
+oauth
+auth
+authentication
+client_secret
+api_token:
+“api token”
+client_id
+user_password
+user_pass
+passcode
+client_secret
+password hash
+user auth
+
+#bash / #Python / #sql / #php ...
+language:<language> password
+language:<language> pwd
+language:<language> passwd
+language:<language> secret
+language:<language> private
+language:<language> ldap
+language:<language> ftp
+language:<language> dotfiles
+language:<language> JDBC
+language:<language> key-keys
+language:<language> send_keys-keys
+language:<language> send,key-keys
+language:<language> token
+language:<language> user
+language:<language> login-singin
+language:<language> passkey-passkeys
+language:<language> pass
+language:<language> credentials
+language:<language> config
+language:<language> security_credentials
+language:<language> connectionstring
+language:<language> ssh2_auth_password
+...
+...
+
+#Si vous trouvez un employé de la cible:
+user:<users> linkedin
+user:<users> full name
+user:<users> https://
+user:<users> ldap
+
+#entreprise
+org:<company> https://
+org:<company> host:
+
+#Tips (Cherchez des vecteurs d'attaque externes)
+"<target>.atlassian" [<keyword>]
+"<target>.okta" [<keyword>]
+"corp.<target>" [<keyword>]
+"jira.<target>" [<keyword>]
+"<target>.oneline" [<keyword>]
+"<target>.service-now" [<keyword>]
+
+#Génériques
+filename:manifest.xml
+filename:travis.yml
+filename:vim_settings.xml
+filename:database
+filename:prod.exs NOT prod.secret.exs
+filename:prod.secret.exs
+filename:.npmrc _auth
+filename:.dockercfg auth
+filename:WebServers.xml
+filename:.bash_history <Domain name>
+filename:sftp-config.json
+filename:sftp.json path:.vscode
+filename:secrets.yml password
+filename:.esmtprc password
+filename:passwd path:etc
+filename:dbeaver-data-sources.xml
+path:sites databases password
+filename:config.php dbpasswd
+filename:prod.secret.exs
+filename:configuration.php JConfig password
+filename:.sh_history
+shodan_api_key language:python
+filename:shadow path:etc
+JEKYLL_GITHUB_TOKEN
+filename:proftpdpasswd
+filename:.pgpass
+filename:idea14.key
+filename:hub oauth_token
+HEROKU_API_KEY language:json
+HEROKU_API_KEY language:shell
+SF_USERNAME salesforce
+filename:.bash_profile aws
+extension:json api.forecast.io
+filename:.env MAIL_HOST=smtp.gmail.com
+filename:wp-config.php
+extension:sql mysql dump
+filename:credentials aws_access_key_id
+filename:id_rsa or filename:id_dsa
+GitHub Dorks for Finding Languages
+language:python username
+language:php username
+language:sql username
+language:html password
+language:perl password
+language:shell username
+language:java api
+HOMEBREW_GITHUB_API_TOKEN language:shell
+
+#Trouver des noms d'utilisateurs
+user:name (user:admin)
+org:name (org:google type:users)
+in:login (<username> in:login)
+in:name (<username> in:name)
+fullname:firstname lastname (fullname:<name> <surname>)
+in:email (data in:email)
+
+#Utiliser les dates
+created:<2012–04–05
+created:>=2011–06–12
+created:2016–02–07 location:iceland
+created:2011–04–06..2013–01–14 <user> in:username
+
+#Utiliser les extensions
+extension:pem private
+extension:ppk private
+extension:sql mysql dump
+extension:sql mysql dump password
+extension:json api.forecast.io
+extension:json mongolab.com
+extension:yaml mongolab.com
+[WFClient] Password= extension:ica
+extension:avastlic “support.avast.com”
+extension:json googleusercontent client_secret