This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Disclaimer:
t.iss.one/APT_Notes/6

Chat Link:
t.iss.one/APT_Notes_PublicChat
🔍 GitHub Dorks

Many people ask me how to do GitHub reconnaissance and find credentials and other information a Pentest or RedTeam might need.
This post will look at some ways to search GitHub.

#github #dorks #recon #osint
👩‍💻 Anyone can Access Deleted and Private Repository Data on GitHub

You can access data from deleted forks, deleted repositories and even private repositories on GitHub, and it remains available forever. This is known to GitHub and is intentionally designed that way. A Cross Fork Object Reference (CFOR) vulnerability occurs when one repository fork can access sensitive data from another fork (including data from private and deleted forks).

— Deleted Fork Data: Still accessible.
— Deleted Repo Data: Commits remain.
— Private Repo Data: Can become public.

🔗 Research:
https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github

#github #private #repo #cfor