Skip to content

Instantly share code, notes, and snippets.

View CrazyJack1975's full-sized avatar

CrazyJack1975

16 followers · 55 following
View GitHub Profile
@win3zz
win3zz / GitHub-Leaked-API-Keys-and-Secrets.md
Last active April 18, 2025 20:57

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

@Neo23x0
Neo23x0 / cyber-security-blogs.txt
Created September 10, 2022 13:49
Cyber Security Blogs
https://thedfirreport.com/
https://www.zerodayinitiative.com/blog/
https://codewhitesec.blogspot.com/
https://www.digitalshadows.com/blog-and-research/
https://blog.talosintelligence.com/
https://www.riskiq.com/blog/
https://www.sekoia.io/en/blog-sekoia-io/
https://www.nextron-systems.com/blog/
https://www.microsoft.com/security/blog/
https://blog.truesec.com/
@awakecoding
awakecoding / Get-RdpLogonEvent.ps1
Created September 7, 2022 01:20
function Get-RdpLogonEvent
{
[CmdletBinding()]
param(
[Int32] $Last = 10
)
$RdpInteractiveLogons = Get-WinEvent -FilterHashtable @{
LogName='Security'
ProviderName='Microsoft-Windows-Security-Auditing'
@jfmaes
jfmaes / ssl-scraper.py
Last active September 10, 2021 16:52
extract hostnames based on SSL certificates
#!/usr/bin/python
import requests
from socket import *
from requests.packages.urllib3.contrib import pyopenssl as reqs
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
import argparse
import ipaddress
#import asyncio
@OTaKuHP
OTaKuHP / Bug Bounty payloads.md
Created June 27, 2021 03:57
@OTaKuHP
OTaKuHP / Bug Bounty Checklist and Cheatsheets.md
Created June 11, 2021 03:42
@svch0stz
svch0stz / scanning_cobaltstrike_config.csv
Created May 6, 2021 10:55
scanning_cobaltstrike_config.csv
We can make this file beautiful and searchable if this error is corrected: Unclosed quoted field in line 5.
ip,port,time_scanned,arch,Beacon Type,Port,Polling,Jitter,Max DNS,C2 Server,User Agent,HTTP Method Path 2,Header 1,Header 2,Injection Process,Pipe Name,Year,Month,Day,DNS Idle,DNS Sleep,Method 1,Method 2,Spawn To,Proxy Hostname,Proxy Username,Proxy Password,Proxy Access Type,CreateRemoteThread,Watermark
185.20.186.108,443,1.62002E+12,x86,8 (HTTPS),443,5000,0,,"185.20.186.108,/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books",,/N4215/adj/amzn.us.sr.aps,,,,,,,,,,GET,POST,%windir%\syswow64\rundll32.exe,,,,,,1359593325
185.20.186.108,443,1.62002E+12,x64,8 (HTTPS),443,5000,0,,"185.20.186.108,/s/ref=nb_sb_noss_1/167-3294888-0262949/field-keywords=books",,/N4215/adj/amzn.us.sr.aps,,,,,,,,,,GET,POST,%windir%\sysnative\rundll32.exe,,,,,,1359593325
213.202.211.246,80,1.62002E+12,x86,0 (HTTP),80,10000,5,,"213.202.211.246,/metro91/admin/1/ppptp.jpg",,/metro91/admin/1/secure.php,,,,,,,,,,GET,POST,%windir%\syswow64\rundll32.exe,,,,,,0
213.202.211.246,80,1.62002E+12,x64,0 (HTTP),80,10000,5,,"213.202.211.246,/metr
@ha3ks
ha3ks / maderas.txt
Created July 28, 2020 14:55 — forked from heywoodlh/maderas.txt
Clone of the arsenal, armory & library by Maderas (@hackermaderas) -- https://pastebin.com/v8Mr2k95
The arsenal, armory & library by Maderas (@hackermaderas, #CyberpunkisNow) 6/8/2019
Original / 1st version here: https://pastebin.com/rMw4WbhX
___________________________________________________________________________________
# Basic knowledge requirements for Red Teaming, PenTesting, Hacking & Cybersecurity
# These are the basic competencies expected (and tested for during the in-person technical interview) by one of the largest, most visible InfoSec companies # on Earth.
@m8sec
m8sec / oscp_payload_generator.sh
Last active July 27, 2024 10:44
#!/usr/bin/env bash
# Script to quickly and easily create non-meterpreter payloads for the OSCP
# @m8sec
# Note: It is recommeneded to create a new directory before running this
# script. All payloads will be placed in the current directory
IP="127.0.0.1" # <YOUR IP HERE>
PORT=443 # You may have to change this if there are outbound restrictions on the target ;)
@0xtornado
0xtornado / 0_CyberChef_CobaltStrike_Shellcode_Decoder_Recipe
Created April 30, 2020 14:11
CyberChef recipe to extract and decode Shellcode from a Cobalt Strike beacon
[{"op":"Conditional Jump","args":["bxor",false,"Decode_Shellcode",10]},{"op":"Label","args":["Decode_beacon"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Decode text","args":["UTF-16LE (1200)"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Gunzip","args":[]},{"op":"Label","args":["Decode_Shellcode"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"Conditional Jump","args":["",false,"",10]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"XOR","args":[{"option":"Decimal","string":"35"},"Standard",false]}]