Utsav Singh mrmean15

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

Reverse engineering ChatGPT's frontend web app + deep dive explorations of the code

Figured it would make sense to create a single gist collating my previous deep dive explorations and notes.. so here it is!

The Top Hacker Methodologies & Tools Notes

By Chase. ** *

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

My Methodology

Pwntools Cheatsheet

Program Interaction
Environment and Contexts
Logging and Output
Encoding, Packing and Utility
Assembly and Shellcraft
ELFs, Strings and Symbols
Return Oriented Programming
SROP and Sigreturn Frames

	POST /api/v2/accounts
	GET /api/v2/activities?since=cstest
	GET /api/v2/audit_logs?filter[source_type]=cstest&filter[source_id]=1&filter[actor_id]=1&filter[ip_address]=cstest&filter[created_at]=cstest&filter[action]=cstest&sort_by=cstest&sort_order=cstest&sort=cstest
	GET /api/v2/automations
	POST /api/v2/automations
	GET /api/v2/bookmarks
	POST /api/v2/bookmarks
	GET /api/v2/brands
	POST /api/v2/brands
	GET /api/v2/custom_objects

	from hashlib import md5, sha1
	from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
	from cryptography.hazmat.backends import default_backend
	from base64 import b64encode, b64decode
	import sys, time
	import requests

	DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8'

	class PanCrypt():

	###################################### Will Schroeder (@harmj0y) #######################################

	S4U2Pwnage
	http://www.harmj0y.net/blog/activedirectory/s4u2pwnage/

	A Guide to Attacking Domain Trusts
	https://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/

	Another Word on Delegation
	https://www.harmj0y.net/blog/redteaming/another-word-on-delegation/

	hostname:target.com \| to find all asset available for target.com on shodan
	http.title:"title" \| to find server/host with similer title
	http.html:"/file" \| to find server/host with similar path
	html:"context" \| to find server/host with similar string
	server: "apache 2.2.3" \| to find server/host with same server
	port:80 \| to find server/host with same port
	os:"windows" \| to find server/host with same os
	asn:AS3214 \| to find host/server with matched asn
	http.status:200 \| to find server/host with 200 http response code
	http.favicon.hash:"hash" \| to find server/host with same favico hash

	curl https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json \|jq -r '.vulnerabilities[].cveID' > cves.txt

	subfinder -d tesla.com -silent \|dnsx -silent -a -resp-only \|sort -u \|xargs -n1 -P 1500 -I% curl -s http://networktools.nl/whois/$url% \|grep "CIDR" \|cut -d : -f2 \|tr , "\n"\| awk '{$1=$1};1' \|sort -u \|egrep -v "/8\|/9\|/10\|/11\|/12\|/13\|/14\|/15\|/16" \|while read ip ;do whois -h whois.cymru.com " -v $ip" ;done \|grep -v "BGP Prefix" \|cut -d '\|' -f3 \|awk '{$1=$1};1' \|sort -u \|cidr2ip \|sort -u \|nrich - \|grep -B4 -f cves.txt \| tee shodan.txt; slackcat --channel bugbounty --filename shodan.txt