Skip to content

dwisiswant0/gf-secrets

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.gf
 
 
 
 
 
 
 
 

🔑 gf-secrets

Secret and/or credential patterns used for gf.

Requirements ✨

Getting started 💫

Clone this repository.

▶ git clone https://github.com/dwisiswant0/gf-secrets

Then copy all JSON pattern files into ~/.gf directory.

▶ cd gf-secrets/
▶ cp -a .gf/ $HOME

See also:

  • secpat2gf: convert secret patterns to gf compatible.

Workaround ♻️

Finding for testing point with gau and fff.

▶ gau -subs [host] | cut -d"?" -f1 | grep -E "\.js(onp?)?$" | tee urls.txt
▶ sort -u urls.txt | fff -s 200 -o out/

After we save response from known URLs, it's time to digging for secrets.

Usage 💬

▶ ./gf-secrets.sh

You will see stdout results in your terminal if grep recursively turns match.

Contributing 👥

contributions

If you find a general pattern for secrets and/or credentials, feel free to open pull request. 💚

License 📄

The JSON files and documentation in this project are released under the MIT License.

Tools used with this project include third party materials.

Twitter Follow