DumpTheGit: Find Sensitive Information Uploaded to the Github Repositories [Blackhat Europe Tool]

Tools & Scripts
, ,
1

image
image1024×619 205 KB

DumpTheGit

DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.

The tool will flag the matches for potentially sensitive files like credentials, secret keys, tokens, etc which have been accidentally uploaded by the developers. DumpTheGit just requires your Github Access Token to fetch the information.

INSTALL

  1. Download the DumpTheGit repository into your system: git clone https://github.com/Securityautomation/DumpTheGit.git
  2. Move the repository’s file in your webserver(example: Tomcat, XAMPP, LAMP, default(MAC apache), etc.)
  3. Open the index.html to access the tool.

Screenshots

KeywordSearch

image
image2048×454 84.2 KB

Output

image
image2048×1238 579 KB

GitHub Link: https://github.com/Securityautomation/DumpTheGit

15 Likes