Kali Linux

Dora : Find Exposed API Keys Based On RegEx And Get Exploitation Methods

Dora, a tool to Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found

Features

  • Blazing fast as we are using ripgrep in backend
  • Exploit/PoC steps for many of the API key, allowing to write a good report for bug bounty hunting
  • Unlike many other API key finders, dora also shows the path to the file and the line with context for easier analysis
  • Can easily be implemented into scripts. See Example Use Cases

Installation

Make sure to install ripgrep

clone the repo
git clone https://github.com/sdushantha/dora.git
change the working directory to sherlock
cd dora
install dora
python3 setup.py install –user

Usage

$ dora –help
usage: dora [options]
positional arguments:
PATH Path to directory or file to scan
optional arguments:
-h, –help show this help message and exit
–rg-path RG_PATH Specify path to ripgrep
–rg-arguments RG_ARGUMENTS
Arguments you want to provide to ripgrep
–json JSON Load regex data from a valid JSON file (default: db/data.json)
–verbose, -v, –debug, -d
Display extra debugging information
–no-color Don’t show color in terminal output

Example Use Cases

  • Decompile an APK using apktool and run dora to find exposed API keys
  • Scan GitHub repos by cloning it and allowing dora to scan it
  • While scraping sites, run dora to scan for API keys
R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

1 week ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

1 week ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

1 week ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

2 weeks ago