Hunt for sensitive information through githubs code search.
- Linux
- Once you perform a search a *.code.dump file will be made within your current working containing all of the code that your search has provided.
[GWF Certified] - https://twitter.com/GuerrillaWF
./treasure.py hunt | interactively search for something.
./treasure.py ssh [USERNAME] | Grab a users Public SSH Key(s) if available.
./treasure.py -e [FILE] iat | Grab instagram access tokens.
./treasure.py -e [FILE] ipv4 | Grab ipv4 addresses.
./treasure.py -e [FILE] ipv6 | Grab ipv6 addresses.
./treasure.py -e [FILE] btc | Grab bitcoin wallet addresses.
./treasure.py -e [FILE] bid | Grab blockchain identifiers.
./treasure.py -e [FILE] fat | Grab facebook access tokens.
What can it extract from your code dump ?
- ipv4, ipv6 addresses
- instagram access tokens
- bitcoin wallet addresses
- facebook access tokens
- blockchain identifiers
- 17vorVqtJqbDaN6ZC6UGE7UwGC4QVmDNMh