文章首发于个人博客：https://mybeibei.net，点击最下方“阅读原文”可直接跳转查看。

搜索文件：

filename:manifest.xml
filename:travis.yml
filename:vim_settings.xml
filename:database
filename:prod.exs NOT prod.secret.exs
filename:prod.secret.exs
filename:.npmrc _auth
filename:.dockercfg auth
filename:WebServers.xml
filename:.bash_history <Domain name>
filename:sftp-config.json
filename:sftp.json path:.vscode
filename:secrets.yml password
filename:.esmtprc password
filename:passwd path:etc
filename:dbeaver-data-sources.xml
path:sites databases password
filename:config.php dbpasswd
filename:prod.secret.exs
filename:configuration.php JConfig password
filename:.sh_history
shodan_api_key language:python
filename:shadow path:etc
JEKYLL_GITHUB_TOKEN
filename:proftpdpasswd
filename:.pgpass
filename:idea14.key
filename:hub oauth_token
HEROKU_API_KEY language:json
HEROKU_API_KEY language:shell
SF_USERNAME salesforce
filename:.bash_profile aws
extension:json api.forecast.io
filename:.env MAIL_HOST=smtp.gmail.com
filename:wp-config.php
extension:sql mysql dump
filename:credentials aws_access_key_id
filename:id_rsa or filename:id_dsa

从指定语言中搜索：

language:python username
language:php username
language:sql username
language:html password
language:perl password
language:shell username
language:java api
HOMEBREW_GITHUB_API_TOKEN language:shell

搜索API Keys、Tokens以及密码：

api_key
“api keys”
authorization_bearer:
oauth
auth
authentication
client_secret
api_token:
“api token”
client_id
password
user_password
user_pass
passcode
client_secret
secret
password hash
OTP
user auth

搜索用户名：

user:name (user:admin)
org:name (org:google type:users)
in:login (<username> in:login)
in:name (<username> in:name)
fullname:firstname lastname (fullname:<name> <surname>)
in:email (data in:email)

通过日期搜索：

created:<2012–04–05
created:>=2011–06–12
created:2016–02–07 location:iceland
created:2011–04–06..2013–01–14 <user> in:username

通过扩展搜索：

extension:pem private
extension:ppk private
extension:sql mysql dump
extension:sql mysql dump password
extension:json api.forecast.io
extension:json mongolab.com
extension:yaml mongolab.com
[WFClient] Password= extension:ica
extension:avastlic “support.avast.com”
extension:json googleusercontent client_secret

利用工具搜索：

1、TruggleHog :

https://github.com/dxa4481/truffleHog

使用方法示例：

python3 trufflehog.py --regex --entropy=False

2、Github-Dorks :

https://github.com/techgaun/github-dorks

使用方法示例：

python github-dork.py -u <username>

3、 Watchtower ：

https://radar.nightfall.ai/

使用方法示例：

注册账号或直接使用Github账号登录，然后输入目标URL，选择Scan，等待结果即可。

4、其它自动化工具：

https://github.com/BishopFox/GitGot

https://github.com/Talkaboutcybersecurity/GitMonitor

https://github.com/michenriksen/gitrob

https://github.com/tillson/git-hound

https://github.com/kootenpv/gittyleaks

https://github.com/awslabs/git-secrets 

https://git-secret.io/

感谢阅读，如果觉得还不错的话，欢迎分享给更多喜爱的朋友～

====正文结束====

原文始发于微信公众号（骨哥说事）：【收藏】深度挖掘-Github Dork