Sensitive Files/Configuration Enumeration on Github

Version Control System:

Version Control System (VCS) is a software that helps software developers to work together and maintain a complete history of their work.

Listed below are the functions of a VCS:
1. Allows developers to work simultaneously.
2. It does not allow overwriting other’s changes.
3. Maintains a history of every version.

Following are the types of VCS:

1.Centralized version control system (CVCS).
2.Distributed/Decentralized version control system (DVCS).

Introduction to Github:

Git is a distributed revision control and source code management system with an emphasis on speed.

Advantages of Git:

1.Free and open source
2. Fast and small
3. Implicit backup
4. Security
5. No need for powerful hardware
6. Easier branching

Majorly there are four sections to be stressed on when finding sensitive files in Github:

1.Repositories
2.Code
3.Commits
4.Issues
Note: Prioritize these four sections according to your search.

How to find Sensitive Files/Configuration on Github:

There are multiple ways to find Sensitive Files/Configuration on Github. We will try to share all the possible ways to find them.

# Method 1(Tool Based Approach):
You can use many online tools that are available on GitHub to find sensitive information about the target application. A few of the notable ones are:

1.Gitleaks
2.TruffleHog
3.Gitrob

Note: Usingtool is not the best way to find sensitive information,
but it can save your time compared to a manual approach moreover there is a chance of leaving sensitive information due to lack of pattern search written by the developed tool.

# Method 2(Manual Approach):
Using Github dorks is another way to find sensitive information on the Github.

1.Log into your Github account.
2. Use these Github dorks to find sensitive information.
These are a few dorks. You can customize your dorks according to what you are searching for?
“site.com” + aws_key
“site.com” + db_config
“site.com” + db_pass
“site.com” + password

Note: Here in the place of “site.com ” use main domain URL only do not search using staging URL or sub-domain URL.techgaun/github-dorksfilename:.npmrc _auth npm registry authentication data filename:.dockercfg auth docker registry authentication data…github.com

Leave a Reply

Your email address will not be published. Required fields are marked *