Gitminer - Automatic Search For GitHub
MOTIVATION
Demonstrates the fragility of trust in public repositories to store codes with sensitive information.
REQUERIMENTS
argparse
requests
json
lxmlINSTALL
git clone http://github.com/danilovazb/GitMiner
sudo apt-get install python-requests python-lxml
OR
pip install lxml requestsHELP
usage:
██████╗ ██╗████████╗███╗ ███╗██╗███╗ ██╗███████╗██████╗
██╔════╝ ██║╚══██╔══╝████╗ ████║██║████╗ ██║██╔════╝██╔══██╗
██║ ███╗██║ ██║ ██╔████╔██║██║██╔██╗ ██║█████╗ ██████╔╝
██║ ██║██║ ██║ ██║╚██╔╝██║██║██║╚██╗██║██╔══╝ ██╔══██╗
╚██████╔╝██║ ██║ ██║ ╚═╝ ██║██║██║ ╚████║███████╗██║ ██║
╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝╚═╝╚═╝ ╚═══╝╚══════╝╚═╝ ╚═╝ v1.1
Automatic search for GitHub.
+ Autor: Danilo Vaz a.k.a. UNK
+ Blog: http://unk-br.blogspot.com
+ Github: http://github.com/danilovazb
+ Gr33tz: l33t0s, RTFM
+[WARNING]------------------------------------------+
| THIS TOOL IS THE PENALTY FOR EDUCATIONAL USE, |
| THE AUTHOR IS NOT RESPONSIBLE FOR ANY DAMAGE TO |
| THE TOOL THAT USE. |
+---------------------------------------------------+
[-h] [-q 'filename:shadown path:etc']
[-m wordpress] [-o result.txt]
optional arguments:
-h, --help show this help message and exit
-q 'filename:shadown path:etc', --query 'filename:shadown path:etc'
Specify search term
-m wordpress, --module wordpress
Specify the search module
-o result.txt, --output result.txt
Specify the output file where it will be
savedEXAMPLE
Searching for wordpress configuration files with passwords:
$:> python git_miner.py -q 'filename:wp-config extension:php FTP_HOST in:file ' -m wordpress -o result.txt
Looking for brasilian government files containing passwords:
$:> python git_miner.py --query 'extension:php "root" in:file AND "gov.br" in:file' -m senhas$:> python git_miner.py --query 'filename:shadow path:etc' -m root$:> python git_miner.py --query 'filename:configuration extension:php "public password" in:file' -m joomla
Gitminer - Automatic Search For GitHub
Reviewed by Zion3R
on
6:48 PM
Rating:
Reviewed by Zion3R
on
6:48 PM
Rating:
