A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys on GitHub using pattern matching, commit history searching, and a unique result scoring system. A batch-catching, pattern-matching, patch-attacking secret snatcher.
Features
Usage
echo “tillsongalloway.com” | git-hound or git-hound –subdomain-file subdomains.txt
Setup
./config.yml
or ~/.githound/config.yml
with your GitHub username and password (2FA accounts are not supported). See config.example.yml.echo "tillsongalloway.com" | git-hound
Use Cases
Knowing the pattern for a specific service’s API keys enables you to search GitHub for these keys. You can then pipe matches for your custom key regex into your own script to test the API key against the service and to identify the at-risk account.
echo “api.halcorp.biz” | githound –dig –many-results –regex-file halcorp-api-regexes.txt –results-only | python halapitester.py
For detecting future API key leaks, GitHub offers Push Token Scanning to immediately detect API keys as they are posted.
My primary use for GitHound is for finding sensitive information for Bug Bounty programs. For high-profile targets, the --many-results
hack and --languages
flag are useful for scraping >100 pages of results.
echo “uberinternal.com” | githound –dig –many-results –languages common-languages.txt –threads 100
Also Read – MSSQLi-DUET : MSSQL Injection-based Domain User Enumeration Tool
Flags
--subdomain-file
– The file with the subdomains--dig-files
– Clone and search the repo’s files for results--dig-commits
– Clone and search the repo’s commit history for results--many-results
– Use result sorting and filtering hack to scrape more than 100 pages of results--results-only
– Print only regexed results to stdout. Useful for piping custom regex matches into another script--no-repos
– Don’t search repos--no-gists
– Don’t search Gists--threads
– Specify max number of threads for the commit digger to use.--regex-file
– Supply a custom regex file--language-file
– Supply a custom file with languages to search.--config-file
– Custom config file (default is config.yml
)--pages
– Max pages to search (default is 100, the page maximum)--no-scoring
– Don’t use scoring to filter out false positives--no-api-keys
– Don’t perform generic API key searching. GitHound uses common API key patterns, context clues, and a Shannon entropy filter to find potential exposed API keys.--no-files
– Don’t flag interesting file extensions--only-filtered
– Only search filtered queries (languages)--debug
– Print verbose debug messages.Related Tools
Burrow is an open source tool for burrowing through firewalls, built by teenagers at Hack Club.…
Simple golang webserver that listens for basic auth or post requests and sends a notification…
Nutek Security Platform for macOS and Linux operating systems. Tools for hackers, bug hunters and…
Welcome to SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools…
All in one Docker-based workstation with hacking tools for Pentesting and offsec Labs by maintained…
Got it! Below is the updated README.md file with instructions for downloading the project on…