Byte-Sized OSINT Tip: GitHub
GitHub is an incredible tool for developers. Hosting a plethora of open-source tools, personal projects, and company data, GitHub is a great place to start any OSINT operation, red-team engagement, bug bounty recon, or penetration test. But why is GitHub such a wealth of knowledge for hackers? Several reasons:
- Many developers hard-code ‘secrets’, or pieces of information such as API keys, passwords, AWS tokens, and more into these repositories. If you have these secrets and they are still active, you can get access to whatever program the secret is for.
- Many companies host at least some of their projects on GitHub. It’s a great way to learn about what languages and frameworks they use as well as to analyze their programming style.
- Many developers put what company (or companies!) they work for in their profile, and in a companies’ GitHub organization, you can see who pushed what parts of the code. Furthermore, this information can help you launch a successful phishing and/or social engineering operation, as part of an authorized red-team engagement of course.
- There are many tools made to scan these repositories, profiles, and organizations for code vulnerabilities and secrets as part of a red-team engagement, bug bounty, or penetration test.
So how should you get started?
Simply search for the company, program, or person you are looking for. Look at the different profiles, organizations, and repositories that come up. Then, use tools like snyk and trufflehog to scan the repositories for exposed secrets and vulnerabilities.
Hopefully you found this Byte-Sized OSINT tip useful. Be sure to ‘clap’ for this story and share it with someone else if you found it useful!
Megan Howell (CyberQueenMeg) is a cybersecurity student at Grand Canyon University and an Offensive Security Intern at Cisco Systems. She is a bug bounty hunter, has been featured in Forbes Magazine for her work in AI Bias hunting, open source contributor to programs like BeeF and BlackArch Linux, former DefCon speaker, SkillsUSA Cybersecurity national competitor, National Cyber Scholar, and Cyber Patriot competitor. You can find her social media profiles at linktr.ee/cyberqueenmeg.
DISCLAIMER
The information presented above can be used for both beneficial and malicious purposes. I do not condone or endorse the use of this information for malicious purposes and will fully support the prosecution of those who use the information presented above in a manner that violates the law. You are only authorized to utilize this information on your own systems or on systems you are explicitly authorized to penetration test or perform bug bounties on. If you use this exploit in a malicious manner, you will be charged and prosecuted to the full extent of the laws surrounding unethical hacking and cyber crime.
