GitHub Recon
GitHub Recon β and what you can achieve with it!
"GitHub Recon β and what you can achieve with it!", or simply "GitHub Recon", is a topic on which I usually give talks at different events. The contents being presented and demonstrated at each event might be similar, same or updated from the predecessor event/s.
This repository is built to provide the resources focused into my talks on this topic at every event.
Events
Latest ones at the top!
- null Ahmedabad Meet 18 April 2021 Monthly Meet - April 18 2021
- Hacktoberfest Online Meetup Chitwan, 2020 - October 20, 2020
You can find out the resources for each event in their respective directory in this repository.
Presentations
| Event | Presentation | Video | Resources |
|---|---|---|---|
| null Ahmedabad Meet 18 April 2021 Monthly Meet | View Here! | Watch Here! | Find Here! |
| Hacktoberfest Online Meetup Chitwan, 2020 | View Here! | Watch Here! | Find Here! |
Some Important Slides
GitHub Dorks for Recon
Sample Keywords to search for
Resources
- Some Amazing GitHub Dorks: https://github.com/techgaun/github-dorks
- Keywords to search for: https://github.com/random-robbie/keywords/blob/master/keywords.txt
- Amazing Guide to go through: https://securitytrails.com/blog/github-dorks
- GitHub Secrets Awareness: https://www.facebook.com/askbuddie/photos/a.342347749650563/742592126292788/
- Removing sensitive data from a repository: https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/removing-sensitive-data-from-a-repository
Automated GitHub Recon
- wraith: https://github.com/N0MoreSecr3ts/wraith
- GitRob: https://github.com/michenriksen/gitrob
- TruffleHog: https://github.com/dxa4481/truffleHog
- Git-Secrets: https://github.com/awslabs/git-secrets
Sample Target
- HighlySecureOrganization/SuperSecureWebApp: https://github.com/HighlySecureOrganization/SuperSecureWebApp
Thanks,
Binit Ghimire