search

BishopFox / GitGot

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
GNU Lesser General Public License v3.0
1.45k stars 207 forks source link

Additional Keys / Urls to look for. #1

Closed RandomRobbieBF closed 5 years ago

RandomRobbieBF commented 5 years ago

Hey,

I seen this was a new project but thought i might be able to help a little with some additional finds.

https://github.com/streaak/keyhacks https://github.com/random-robbie/keywords/blob/master/keywords.txt

Hope they help :)

the-bumble commented 5 years ago

Hi RandomRobbie,

Thank you for the suggestions! Those are great resources. I'd be curious to see what keywords you found to work best with the tool. I'm hesitant to include additional keywords to the default regex list because it will add computation O(n) to every result for every user using the default list.

If there are particular keywords you'd like to see added in the default list, I'd love to see your suggestions! Otherwise, if you have a set of keywords that might be a strong candidate for a secondary regex list e.g., a PII regex list with keywords like SSN, Date of Birth, etc. that would be cool, too!

the-bumble commented 5 years ago

Feel free to reopen if you have any specific suggestions! Until then I'll be sure to look through these lists. Thank you!