Skip to content

dwisiswant0/gf-secrets

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
.gf
.gf
 
 
.github
.github
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
gf-secrets.bash
gf-secrets.bash
 
 
gf-secrets.sh
gf-secrets.sh
 
 

Repository files navigation

🔑 gf-secrets

Secret and/or credential patterns used for gf.

Requirements ✨

Getting started 💫

Clone this repository.

▶ git clone https://github.com/dwisiswant0/gf-secrets

Then copy all JSON pattern files into ~/.gf directory.

cd gf-secrets/
▶ cp -a .gf/ $HOME

See also:

  • secpat2gf: convert secret patterns to gf compatible.

Workaround ♻️

Finding for testing point with gau and fff.

▶ gau -subs [host] | cut -d"?" -f1 | grep -E "\.js(onp?)?$" | tee urls.txt
▶ sort -u urls.txt | fff -s 200 -o out/

After we save response from known URLs, it's time to digging for secrets.

Usage 💬

▶ ./gf-secrets.sh

You will see stdout results in your terminal if grep recursively turns match.

Contributing 👥

contributions

If you find a general pattern for secrets and/or credentials, feel free to open pull request. 💚

License 📄

The JSON files and documentation in this project are released under the MIT License.

Tools used with this project include third party materials.

Twitter Follow

About

Secret and/or credential patterns used for gf.

Topics

crawler infosec bugbounty wayback-machine wayback alienvault-otx gf trufflehog gitleaks secrets-detection waybackurl gau open-threat-exchange trufflehog3

Resources

Readme

License

MIT license
Activity

Stars

232 stars

Watchers

5 watching

Forks

50 forks
Report repository

Sponsor this project

 
Learn more about GitHub Sponsors

Contributors 2

  •  
  •  

Languages