Search For Information Leaks On Github Using Grep.App

Using grep.app to gather sensitive information.

Background:

grep.app allows you to search across a half million git repositories.

An information leakage is when confidential or sensitive data is unintentionally exposed online. This can happen, for example, when a user publishes their codebase on GitHub without taking adequate security precautions. Sensitive data that can be exposed in this way includes login credentials, passwords, and credit card numbers.

Exercise:

Use grep.app to search for information leaks.

Hint: Search for code, not keywords. For example: password = "

Example:

Looking up keywords on this site allows you to search through repositories looking for sensitive information. For example...

Passwords

Private Keys:

Login Credentials:

Credit Cards:

Always remember to remain ethical in your decision making especially when dealing with sensitive information.