"Subdomains" github dork automation script.
By the increasing number of sub-domains for a target, it is getting harder to check for every sub-domain in the github search manually. Hence the script which needs the file of subdomains and performs the code search on github with the results so we could find secrets at sneaky places.
python3 github.py -h
usage: github.py [-h] -f FILE
Quick script to find github code searches for each subdomain
optional arguments:
-h, --help show this help message and exit
-f FILE, --file FILE the file consisting of subdomains
Python3+
Install chromedriver
MAC - brew cask install chromedriver
Linux - sudo apt install chromium-chromedriver
On MAC you might face this Error: "chromedriver" cannot be opened because the developer cannot be verified. Unable to launch the chrome browser
Suggested Fix : xattr -d com.apple.quarantine /usr/local/bin/chromedriver
Clone the repo git clone https://github.com/Rnalter/SubGitter && cd SubGitter/
Install project dependencies pip install -r requirements.txt
Update email and password in Github.py vi github.py
Run the tool via python github.py --help
python github.py -f subdomains.txt
By default, runs chrome headless, in case you want see the browser performing the queries, comment out options.add_argument("--headless") line in github.py
python3 github.py -f subdomains.txt
4 for aclpushdb.ops.yahoo.com
14 for alms.ops.yahoo.com
1 for alpha.coname.ops.yahoo.com
2 for amf.ops.yahoo.com
1 for analytics.edge.ops.yahoo.com
0 for api-prod.vip.ops.yahoo.com
1 for api.brooklyn.ops.yahoo.com
4+ for api.cm.ops.yahoo.com
