Github password attack
by V1NC3NT - December 10, 2020 at 04:16 PM
[Image: GH2op5P.gif]
Attack on passwords and repository keys from Github

With the trufflehog tool, you can attack the repository of your choice by looking for passwords, keys, and other sensitive data. It often happens that developers accidentally leave passwords and keys in the source code, but even if they delete them, trufflehog, thanks to a complete analysis, manages to find and recover them. Let's proceed to the installation:

Downloading Kali Linux

We go into the terminal and write the commands for installing trufflehog:
sudo pip3 install truffleHog

The main command that displays all the functions of the tool.

truffleHog --regex --entropy=False url repository
The main command of the attack on the repository

[Image: GH2op5P.gif]

 Users browsing this thread: 1 Guest(s)