Jump to content
Fi8sVrs

GitMiner – Advanced Tool For Mining Github

Recommended Posts

  • Active Members
Posted

68747470733a2f2f332e62702e626c6f6773706f

 

 + Autor: Danilo Vaz a.k.a. UNK
 + Blog: http://unk-br.blogspot.com
 + Github: http://github.com/danilovazb
 + Twitter: https://twitter.com/danilovaz_unk

 

WARNING

 +---------------------------------------------------+
 | DEVELOPERS ASSUME NO LIABILITY AND ARE NOT        |
 | RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY    |
 | THIS PROGRAM                                      |
 +---------------------------------------------------+

 

Description

Advanced search tool and automation in Github.
This tool aims to facilitate research by code or code 
snippets on github through the site's search page.

 

Motivation

Demonstrates the fragility of trust in public repositories to store codes with sensitive information.

 

Requirements

lxml
requests

 

Install:

git clone http://github.com/danilovazb/GitMiner

sudo apt-get install python-requests python-lxml 
OR
pip install -r requirements.txt

Help:

usage:


 ██████╗ ██╗████████╗███╗   ███╗██╗███╗   ██╗███████╗██████╗ 
██╔════╝ ██║╚══██╔══╝████╗ ████║██║████╗  ██║██╔════╝██╔══██╗
██║  ███╗██║   ██║   ██╔████╔██║██║██╔██╗ ██║█████╗  ██████╔╝
██║   ██║██║   ██║   ██║╚██╔╝██║██║██║╚██╗██║██╔══╝  ██╔══██╗
╚██████╔╝██║   ██║   ██║ ╚═╝ ██║██║██║ ╚████║███████╗██║  ██║
 ╚═════╝ ╚═╝   ╚═╝   ╚═╝     ╚═╝╚═╝╚═╝  ╚═══╝╚══════╝╚═╝  ╚═╝ v1.1
 Automatic search for GitHub.                                                            

 + Autor: Danilo Vaz a.k.a. UNK
 + Blog: http://unk-br.blogspot.com
 + Github: http://github.com/danilovazb
 + Gr33tz: l33t0s, RTFM

 +[WARNING]------------------------------------------+
 | THIS TOOL IS THE PENALTY FOR EDUCATIONAL USE,     |
 | THE AUTHOR IS NOT RESPONSIBLE FOR ANY DAMAGE TO   |
 | THE TOOL THAT USE.                                |
 +---------------------------------------------------+


       [-h] [-q 'filename:shadown path:etc']
       [-m wordpress] [-o result.txt]

optional arguments:
  -h, --help            show this help message and exit
  -q 'filename:shadown path:etc', --query 'filename:shadown path:etc'
                        Specify search term
  -m wordpress, --module wordpress
                        Specify the search module
  -o result.txt, --output result.txt
                        Specify the output file where it will be
                        saved

 

Example:

Searching for wordpress configuration files with passwords:

$:> python git_miner.py -q 'filename:wp-config extension:php FTP_HOST in:file ' -m wordpress -o result.txt

68747470733a2f2f322e62702e626c6f6773706f

 

Looking for brasilian government files containing passwords:

$:> python git_miner.py --query 'extension:php "root" in:file AND "gov.br" in:file' -m senhas

Looking for shadow files on the etc paste:

$:> python git_miner.py --query 'filename:shadow path:etc' -m root

Searching for joomla configuration files with passwords:

$:> python git_miner.py --query 'filename:configuration extension:php "public password" in:file' -m joomla

68747470733a2f2f332e62702e626c6f6773706f

 

Hacking SSH Servers:

 

 

Download: GitMiner-master.zip

 

Source: https://github.com/UnkL4b/GitMiner

  • Upvote 2

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...