Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

GitMiner - Tool for Advanced Content Search on Github

GitMiner is an advanced search tool for Github. It aims to facilitate research by code or code snippets on github through the site's search page.

It demonstrates the fragility of trust in public repositories to store codes with sensitive information.


  • lxml
  • requests
  • argparse
  • json
  • re

    How To Install GitMiner:

    $ git clone

    $ cd GitMiner

    ~/GitMiner $ pip3 install -r requirements.txt

    $ git clone
    $ cd GitMiner
    $ docker build -t gitminer .
    $ docker run -it gitminer -h


    __ Automatic search for Github
    ((OO)) ▄████ ██▓▄▄▄█████▓ ███▄ ▄███▓ ██▓ ███▄ █ ▓█████ ██▀███
    \__/ ██▒ ▀█▒▓██▒▓ ██▒ ▓▒▓██▒▀█▀ ██▒▓██▒ ██ ▀█ █ ▓█ ▀ ▓██ ▒ ██▒ OO
    |^| ▒██░▄▄▄░▒██▒▒ ▓██░ ▒░▓██ ▓██░▒██▒▓██ ▀█ ██▒▒███ ▓██ ░▄█ ▒ oOo
    | | ░▓█ ██▓░██░░ ▓██▓ ░ ▒██ ▒██ ░██░▓██▒ ▐▌██▒▒▓█ ▄ ▒██▀▀█▄ OoO
    | | ░▒▓███▀▒░██░ ▒██▒ ░ ▒██▒ ░██▒░██░▒██░ ▓██░░▒████▒░██▓ ▒██▒ /oOo
    | |___░▒___▒_░▓____▒_░░___░_▒░___░__░░▓__░_▒░___▒_▒_░░_▒░_░░_▒▓_░▒▓░_/ /
    \______░___░__▒_░____░____░__░______░_▒_░░_░░___░_▒░_░_░__░__░▒_░_▒░__/ v2.0
    ░ ░ ░ ▒ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ ░░ ░
    ░ ░ ░ ░ ░ ░ ░ ░


    [-h] [-q 'filename:shadow path:etc']
    [-m wordpress] [-o result.txt]
    [-r '/^\s*.*?;?\s*$/gm']
    [-c _octo=GH1.1.2098292984896.153133829439; _ga=GA1.2.36424941.153192375318; user_session=oZIxL2_ajeDplJSndfl37ddaLAEsR2l7myXiiI53STrfhqnaN; __Host-user_session_same_site=oXZxv9_ajeDplV0gAEsmyXiiI53STrfhDN; logged_in=yes; dotcom_user=unkl4b; tz=America%2FSao_Paulo; has_recent_activity=1; _gh_sess=MmxxOXBKQ1RId3NOVGpGcG54aEVnT1o0dGhxdGdzWVpySnFRd1dVYUk5TFZpZXFuTWxOdW1FK1IyM0pONjlzQWtZM2xtaFR3ZDdxlGMCsrWnBIdnhUN0tjVUtMYU1GeG5Pbm5DMThuWUFETnZjcllGOUNkRGUwNUtKOVJTaGR5eUJYamhWRE5XRnMWZZN3Y3dlpFNDZXL1NWUEN4c093RFhQd3RJQ1NBdmhrVDE3VVNiUFF3dHBycC9FeDZ3cFVXV0ZBdXZieUY5WDRlOE9ZSG5sNmRHUmllcmk0Up1MTcyTXZrN1RHYmJSdz09--434afdd652b37745f995ab55fc83]

    optional arguments:
    -h, --help show this help message and exit
    -q 'filename:shadow path:etc', --query 'filename:shadow path:etc'
    Specify search term
    -m wordpress, --module wordpress
    Specify the search module
    -o result.txt, --output result.txt
    Specify the output file where it will be
    -r '/^\s*(.*?);?\s*$/gm', --regex '/^\s*(.*?);?\s*$/gm'
    Set regex to search in file
    -c _octo=GH1.1.2098292984896.153133829439; _ga=GA1.2.36424941.153192375318; user_session=oZIxL2_ajeDplJSndfl37ddaLAEsR2l7myXiiI53STrfhqnaN; __Host-user_session_same_site=oXZxv9_ajeDplV0gAEsmyXiiI53STrfhDN; logged_in=yes; dotcom_user=unkl4b; tz=America%2FSao_Paulo; has_recent_activity=1; _gh_sess=MmxxOXBKQ1RId3NOVGpGcG54aEVnT1o0dGhxdGdzWVpySnFRd1dVYUk5TFZpZXFuTWxOdW1FK1IyM0pONjlzQWtZM2xtaFR3ZDdxlGMCsrWnBIdnhUN0tjVUtMYU1GeG5Pbm5DMThuWUFETnZjcllGOUNkRGUwNUtKOVJTaGR5eUJYamhWRE5XRnMWZZN3Y3dlpFNDZXL1NWUEN4c093RFhQd3RJQ1NBdmhrVDE3VVNiUFF3dHBycC9FeDZ3cFVXV0ZBdXZieUY5WDRlOE9ZSG5sNmRHUmllcmk0Up1MTcyTXZrN1RHYmJSdz09--434afdd652b37745f995ab55fc83, --cookie _octo=GH1.1.2098292984896.153133829439; _ga=GA1.2.36424941.153192375318; user_session=oZIxL2_ajeDplJSndfl37ddaLAEsR2l7myXiiI53STrfhqnaN; __Host-user_session_same_site=oXZxv9_ajeDplV0gAEsmyXiiI53STrfhDN; logged_in=yes; dotcom_user=unkl4b; tz=America%2FSao_Paulo; has_recent_activity=1; _gh_sess=MmxxOXBKQ1RId3NOVGpGcG54aEVnT1o0dGhxdGdzWVpySnFRd1dVYUk5TFZpZXFuTWxOdW1FK1IyM0pONjlzQWtZM2xtaFR3ZDdxlGMCsrWnBIdnhUN0tjVUtMYU1GeG5Pbm5DMThuWUFETnZjcllGOUNkRGUwNUtKOVJTaGR5eUJYamhWRE5XRnMWZZN3Y3dlpFNDZXL1NWUEN4c093RFhQd3RJQ1NBdmhrVDE3VVNiUFF3dHBycC9FeDZ3cFVXV0ZBdXZieUY5WDRlOE9ZSG5sNmRHUmllcmk0Up1MTcyTXZrN1RHYmJSdz09--434afdd652b37745f995ab55fc83
    Specify the cookie for your github

    How To Use GitMiner:

    • Searching for wordpress configuration files with passwords:
    $:> python3 -q 'filename:wp-config extension:php FTP_HOST in:file ' -m wordpress -c pAAAhPOma9jEsXyLWZ-16RTTsGI8wDawbNs4 -o result.txt

    • Looking for brasilian government files containing passwords:
    $:> python3 --query 'extension:php "root" in:file AND "" in:file' -m senhas -c pAAAhPOma9jEsXyLWZ-16RTTsGI8wDawbNs4

    • Looking for shadow files on the etc paste:
    $:> python3 --query 'filename:shadow path:etc' -m root -c pAAAhPOma9jEsXyLWZ-16RTTsGI8wDawbNs4

    • Searching for joomla configuration files with passwords:
    $:> python3 --query 'filename:configuration extension:php "public password" in:file' -m joomla -c pAAAhPOma9jEsXyLWZ-16RTTsGI8wDawbNs4

    Hacking SSH Servers:

    Dorks to Search:



    filename:.npmrc _authnpm registry authentication data
    filename:.dockercfg authdocker registry authentication data
    extension:pem privateprivate keys
    extension:ppk privateputtygen private keys
    filename:id_rsa or filename:id_dsaprivate ssh keys
    extension:sql mysql dumpmysql dump
    extension:sql mysql dump passwordmysql dump look for password; you can try varieties
    filename:credentials aws_access_key_idmight return false negatives with dummy values
    filename:.s3cfgmight return false negatives with dummy values
    filename:wp-config.phpwordpress config files
    filename:.htpasswdhtpasswd files
    filename:.env DB_USERNAME NOT homesteadlaravel .env (CI, various ruby based frameworks too)
    filename:.env smtp configuration (try different smtp services too)
    filename:.git-credentialsgit credentials store, add NOT username for more valid results
    PT_TOKEN language:bashpivotaltracker tokens
    filename:.bashrc passwordsearch for passwords, etc. in .bashrc (try with .bash_profile too)
    filename:.bashrc mailchimpvariation of above (try more variations)
    filename:.bash_profile awsaws access and secret keys passwordAmazon RDS possible credentials
    extension:json api.forecast.iotry variations, find api keys/secrets
    extension:json mongolab.commongolab credentials in json configs
    extension:yaml mongolab.commongolab credentials in yaml configs (try with yml)
    jsforce extension:js conn.loginpossible salesforce credentials in nodejs projects
    SF_USERNAME salesforcepossible salesforce credentials
    filename:.tugboat NOT _tugboatDigital Ocean tugboat config
    HEROKU_API_KEY language:shellHeroku api keys
    HEROKU_API_KEY language:jsonHeroku api keys in json files
    filename:.netrc passwordnetrc that possibly holds sensitive credentials
    filename:_netrc passwordnetrc that possibly holds sensitive credentials
    filename:hub oauth_tokenhub config that stores github tokens
    filename:robomongo.jsonmongodb credentials file used by robomongo
    filename:filezilla.xml Passfilezilla config file with possible user/pass to ftp
    filename:recentservers.xml Passfilezilla config file with possible user/pass to ftp
    filename:config.json authsdocker registry authentication data
    filename:idea14.keyIntelliJ Idea 14 key, try variations for other versions
    filename:config irc_passpossible IRC config
    filename:connections.xmlpossible db connections configuration, try variations to be specific
    filename:express.conf path:.openshiftopenshift config, only email and server thou
    filename:.pgpassPostgreSQL file which can contain passwords
    filename:proftpdpasswdUsernames and passwords of proftpd created by cpanel
    filename:ventrilo_srv.iniVentrilo configuration
    [WFClient] Password= extension:icaWinFrame-Client infos needed by users to connect toCitrix Application Servers
    filename:server.cfg rcon passwordCounter Strike RCON Passwords
    JEKYLL_GITHUB_TOKENGithub tokens used for jekyll
    filename:.bash_historyBash history file
    filename:.cshrcRC file for csh shell
    filename:.historyhistory file (often used by many tools)
    filename:.sh_historykorn shell history
    filename:sshd_configOpenSSH server config
    filename:dhcpd.confDHCP service config
    filename:prod.exs NOT prod.secret.exsPhoenix prod configuration file
    filename:prod.secret.exsPhoenix prod secret
    filename:configuration.php JConfig passwordJoomla configuration file
    filename:config.php dbpasswdPHP application database password (e.g., phpBB forum software)
    path:sites databases passwordDrupal website database credentials
    shodan_api_key language:pythonShodan API keys (try other languages too)
    filename:shadow path:etcContains encrypted passwords and account information of new unix systems
    filename:passwd path:etcContains user account information including encrypted passwords of traditional unix systems
    extension:avastlic ""Contains license keys for Avast! Antivirus
    filename:dbeaver-data-sources.xmlDBeaver config containing MySQL Credentials
    filename:.esmtprc passwordesmtp configuration
    extension:json googleusercontent client_secretOAuth credentials for accessing Google APIs
    HOMEBREW_GITHUB_API_TOKEN language:shellGithub token usually set by homebrew users
    xoxp OR xoxbSlack bot and private tokens passwordMLAB Hosted MongoDB Credentials
    filename:logins.jsonFirefox saved password collection (key3.db usually in same repo)
    filename:CCCam.cfgCCCam Server config file
    msg nickserv identify filename:configPossible IRC login passwords SECRET_KEYDjango secret keys (usually allows for session hijacking, RCE, etc)
    filename:secrets.yml passwordUsernames/passwords, Rails applications
    filename:master.key path:configRails master key (used for decrypting credentials.yml.enc for Rails 5.2+)
    filename:deployment-config.jsonCreated by sftp-deployment for Atom, contains server details and credentials
    filename:.ftpconfigCreated by remote-ssh for Atom, contains SFTP/SSH server details and credentials
    filename:.remote-sync.jsonCreated by remote-sync for Atom, contains FTP and/or SCP/SFTP/SSH server details and credentials
    filename:sftp.json path:.vscodeCreated by vscode-sftp for VSCode, contains SFTP/SSH server details and credentails
    filename:sftp-config.jsonCreated by SFTP for Sublime Text, contains FTP/FTPS or SFTP/SSH server details and credentials
    filename:WebServers.xmlCreated by Jetbrains IDEs, contains webserver credentials with encoded passwords (not encrypted!)

    Download GitMiner

    You might also like:
    • InfernalWireless - Automated Wireless Hacking Tool
    • Twittor - A Fully Featured Backdoor that Uses Twitter As a C&C Server
    • BruteX - Automatically Brute force All Services Running On a Target
    • WS-Attacker - Modular Framework for Web Services Penetration Testing
    • NSEarch - Nmap Script Engine Search
    • THC-SmartBrute - Finds Undocumented and Secret Commands Implemented In a Smart Card
    • Mobius Forensic Toolkit - Forensics Framework To Manage Cases & Case Items
    • Burp CO2 - A Collection Of Enhancements for Burp Suite
    • DDOSIM - Application Layer DDOS Simulator
    • IgorWare Hasher - Tool For Verifying The Integrity Of Downloaded Files
    • Havij - Automated SQL Injection Tool
    • Wireless Attack Toolkit - A Push-button Wireless Hacking & Man-In-The-Middle Attack Toolkit

    This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the originial post: here

    Share the post

    GitMiner - Tool for Advanced Content Search on Github


    Subscribe to Effect Hacking - Hacking Tools, How To Guides An

    Get updates delivered right to your inbox!

    Thank you for your subscription