Locked GitDorker: scrape secrets from GitHub

By itsMe
October 19, 2020 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted October 19, 2020

- Share

Posted October 19, 2020

This is the hidden content, please

GitDorker

GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I’ve compiled from various sources to provide an overview of sensitive information stored on github given a search query.

The Primary purpose of GitDorker is to provide the user with a clean and tailored attack surface to begin harvesting sensitive information on GitHub. GitDorker can be used with additional tools such as GitRob or Trufflehog on interesting repos or users discovered from GitDorker to produce the best results.

Rate Limits

GitDorker utilizes the GitHub Search API and is limited to 30 requests per minute. In order to prevent rate limits, a sleep function is built into GitDorker after every 30 requests to prevent search failures. Therefore, if one were to run use the alldorks.txt file with GitDorker, the process will take roughly 5 minutes to complete.

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- Github Attack Toolkit: GitHub Self-Hosted Runner Enumeration and Attack Tool
  
  By itsMe, April 7, 2023
  - github
  - attack
  - (and 6 more)
    
    Tagged with:
    
    github
    
    attack
    
    toolkit:
    
    self-hosted
    
    runner
    
    enumeration
    
    and
    
    tool
  - 0 replies
  - 164 views
- Learn Social Engineering From Scratch
  
  By itsMe, April 5, 2023
  - learn
  - social
  - (and 3 more)
    
    Tagged with:
    
    learn
    
    social
    
    engineering
    
    from
    
    scratch
  - 0 replies
  - 168 views
- Linux Mastery: From Beginner to Confident Linux User 2023
  
  By itsMe, March 28, 2023
  - linux
  - mastery:
  - (and 5 more)
    
    Tagged with:
    
    linux
    
    mastery:
    
    from
    
    beginner
    
    confident
    
    user
    
    2023
  - 1 reply
  - 225 views
- GitHub Copilot X: The AI-powered developer experience
  
  By dEEpEst, March 22, 2023
  - github
  - copilot
  - (and 4 more)
    
    Tagged with:
    
    github
    
    copilot
    
    the
    
    ai-powered
    
    developer
    
    experience
  - 0 replies
  - 182 views
- How to use cookies from any website
  
  By dEEpEst, March 20, 2023
  - how
  - use
  - (and 4 more)
    
    Tagged with:
    
    how
    
    use
    
    cookies
    
    from
    
    any
    
    website
  - 0 replies
  - 262 views

Sign In

Locked GitDorker: scrape secrets from GitHub

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

Github Attack Toolkit: GitHub Self-Hosted Runner Enumeration and Attack Tool

Learn Social Engineering From Scratch

Linux Mastery: From Beginner to Confident Linux User 2023

GitHub Copilot X: The AI-powered developer experience

How to use cookies from any website

Browse

Activity

Store

Important Information