ghhdb-Github-Hacking-Database Github Hacking Database - A collection of Github's Dorks to search for Confidential Information (Yes, it's a Github version of Google Dorks)
Search Description "api_hash" "api_id" "user_phone" Telegram APP Configuration Keys (https://my.telegram.org/apps ) "https://api.telegram.org/bot " Telegram API URL with Key "aws_access_key_id" "aws_secret_access_key" AWS API Keys "cloudflare_api_key" "cloudflare_email" Cloudflare API Key and Email "Client ID" "client secret" "verification token" Slack bot API Key "xoxp-" Slack API Key "https://hooks.slack.com/ " Slack Incoming WebHook API Url with Key filename:passwords.txt Passwords saved in text file filename:passwords.doc Passwords saved in doc file (See also .docx extesion) "app.secret_key" extension=py flask-login API Key "app.config['SECRET_KEY']" extension:py Flask Secret Key "https://api.mailgun.net/v3/ " Mailgun API URL with Key
Search Description "-----BEGIN RSA PRIVATE KEY-----" RSA Private Key "-----BEGIN PRIVATE KEY-----" Unencrypted PKCS#8 and base64 encoded Private Key "-----BEGIN ENCRYPTED PRIVATE KEY-----" PEM file Private Key "-----BEGIN CERTIFICATE-----" extension:pem PEM encoded SSL certificate
Source Code Leak/Reverse Engineering Search Description "package com.whatsapp" extension:java Look for code leak or reverse engineer of an Android Application.
Passwords and connections config setting leak Search Description app.config['SQLALCHEMY_DATABASE_URI'] SQLAlchmy Database connection configuration leak
Search Description filename:mega-recoverykey.txt Mega.nz 2FA Recovery Code filename:github-recovery-codes.txt Github 2FA Recovery Code
Search Description "Sha1-Hulud: The Second Coming." Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft