github-dorks - CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.

Overview

github-dorks is a CLI tool to scan GitHub repos/organizations for potential sensitive information leaks.

 

How to get this tool

To use this tool, please use a method listed below.

In a Linux (Debian OS), run the following command(s).

git clone https://github.com/techgaun/github-dorks.git 

cd github-dorks

pip install -r requirements.txt

# GH_USER - Environment variable to specify GitHub user
# GH_PWD - Environment variable to specify password
# GH_TOKEN - Environment variable to specify GitHub token
# GH_URL - Environment variable to specify GitHub Enterprise base URL

 

Download directly from the following link:

 

How to execute

# search single repo
python github-dork.py -r techgaun/github-dorks

# search all repos of user python github-dork.py -u techgaun

# search all repos of an organization python github-dork.py -u dev-nepal

# search as authenticated user GH_USER=techgaun GH_PWD=<mypass> python github-dork.py -u dev-nepal

# search using auth token GH_TOKEN=<github_token> python github-dork.py -u dev-nepal
GH_URL=https://github.example.com python github-dork.py -u dev-nepal

 

References:

 

-----

Next steps:

 

This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.