diff --git a/dorks/github/emerging.yaml b/dorks/github/emerging.yaml new file mode 100644 index 0000000..37c9dae --- /dev/null +++ b/dorks/github/emerging.yaml @@ -0,0 +1,70 @@ +- id: deepseek-envfile + name: "DeepSeek API Key in .env files" + source: github + category: emerging + query: 'sk- extension:env "deepseek"' + description: "Finds DeepSeek API keys in .env files (sk- prefix near deepseek reference)" + tags: [deepseek, china, env, tier4] +- id: moonshot-envfile + name: "Moonshot (Kimi) Key in .env files" + source: github + category: emerging + query: 'sk- extension:env "moonshot"' + description: "Finds Moonshot / Kimi API keys in .env files" + tags: [moonshot, kimi, china, env, tier4] +- id: qwen-envfile + name: "Alibaba DashScope (Qwen) Key in .env files" + source: github + category: emerging + query: 'DASHSCOPE_API_KEY extension:env' + description: "Finds Alibaba Cloud DashScope (Qwen) keys in .env files" + tags: [qwen, alibaba, dashscope, china, env, tier4] +- id: zhipu-envfile + name: "Zhipu GLM Key in .env files" + source: github + category: emerging + query: 'ZHIPU_API_KEY extension:env' + description: "Finds Zhipu GLM API keys in .env files" + tags: [zhipu, glm, china, env, tier4] +- id: minimax-envfile + name: "MiniMax API Key in .env files" + source: github + category: emerging + query: 'MINIMAX_API_KEY extension:env' + description: "Finds MiniMax API keys in .env files" + tags: [minimax, china, env, tier4] +- id: pinecone-envfile + name: "Pinecone API Key in .env files" + source: github + category: emerging + query: 'PINECONE_API_KEY extension:env' + description: "Finds Pinecone vector DB keys in .env files" + tags: [pinecone, vectordb, env, tier6] +- id: weaviate-envfile + name: "Weaviate API Key in .env files" + source: github + category: emerging + query: 'WEAVIATE_API_KEY extension:env' + description: "Finds Weaviate vector DB keys in .env files" + tags: [weaviate, vectordb, env, tier6] +- id: qdrant-envfile + name: "Qdrant API Key in .env files" + source: github + category: emerging + query: 'QDRANT_API_KEY extension:env' + description: "Finds Qdrant vector DB keys in .env files" + tags: [qdrant, vectordb, env, tier6] +- id: chroma-envfile + name: "Chroma API Key in .env files" + source: github + category: emerging + query: 'CHROMA_API_KEY extension:env' + description: "Finds Chroma vector DB keys in .env files" + tags: [chroma, vectordb, env, tier6] +- id: writer-envfile + name: "Writer.com API Key in .env files" + source: github + category: emerging + query: 'WRITER_API_KEY extension:env' + description: "Finds Writer.com platform keys in .env files" + tags: [writer, env, tier6] diff --git a/dorks/github/enterprise.yaml b/dorks/github/enterprise.yaml new file mode 100644 index 0000000..f41e154 --- /dev/null +++ b/dorks/github/enterprise.yaml @@ -0,0 +1,35 @@ +- id: codeium-envfile + name: "Codeium API Key in .env files" + source: github + category: enterprise + query: 'CODEIUM_API_KEY extension:env' + description: "Finds Codeium AI coding assistant keys in .env files" + tags: [codeium, devtools, env, tier7] +- id: tabnine-envfile + name: "Tabnine Token in .env files" + source: github + category: enterprise + query: 'TABNINE_TOKEN extension:env' + description: "Finds Tabnine AI coding assistant tokens in .env files" + tags: [tabnine, devtools, env, tier7] +- id: databricks-envfile + name: "Databricks Token in .env files" + source: github + category: enterprise + query: 'DATABRICKS_TOKEN extension:env' + description: "Finds Databricks personal access tokens in .env files" + tags: [databricks, enterprise, env, tier9] +- id: snowflake-cortex + name: "Snowflake Cortex credentials" + source: github + category: enterprise + query: 'SNOWFLAKE_PASSWORD "cortex"' + description: "Finds Snowflake passwords adjacent to Cortex LLM references" + tags: [snowflake, cortex, enterprise, tier9] +- id: watsonx-envfile + name: "IBM watsonx API Key in .env files" + source: github + category: enterprise + query: 'WATSONX_APIKEY extension:env' + description: "Finds IBM watsonx API keys in .env files" + tags: [ibm, watsonx, enterprise, env, tier9] diff --git a/dorks/github/infrastructure.yaml b/dorks/github/infrastructure.yaml new file mode 100644 index 0000000..c2c3ec0 --- /dev/null +++ b/dorks/github/infrastructure.yaml @@ -0,0 +1,70 @@ +- id: openrouter-envfile + name: "OpenRouter Key in .env files" + source: github + category: infrastructure + query: 'sk-or-v1- extension:env' + description: "Finds OpenRouter gateway keys (sk-or-v1- prefix) in .env files" + tags: [openrouter, gateway, env, tier5] +- id: openrouter-pyfile + name: "OpenRouter Key in Python files" + source: github + category: infrastructure + query: 'sk-or-v1- extension:py' + description: "Finds OpenRouter gateway keys hard-coded in Python source" + tags: [openrouter, gateway, python, tier5] +- id: litellm-envfile + name: "LiteLLM Master Key in .env files" + source: github + category: infrastructure + query: 'LITELLM_MASTER_KEY extension:env' + description: "Finds LiteLLM proxy master keys in .env files" + tags: [litellm, proxy, env, tier5] +- id: portkey-envfile + name: "Portkey API Key in .env files" + source: github + category: infrastructure + query: 'PORTKEY_API_KEY extension:env' + description: "Finds Portkey gateway keys in .env files" + tags: [portkey, gateway, env, tier5] +- id: helicone-envfile + name: "Helicone Key in .env files" + source: github + category: infrastructure + query: 'sk-helicone- extension:env' + description: "Finds Helicone observability keys in .env files" + tags: [helicone, observability, env, tier5] +- id: cloudflare-ai-envfile + name: "Cloudflare AI Token in repos" + source: github + category: infrastructure + query: 'CF_API_TOKEN "ai.run"' + description: "Finds Cloudflare API tokens next to Workers AI ai.run references" + tags: [cloudflare, workers-ai, tier5] +- id: vercel-ai-envfile + name: "Vercel AI SDK Key in .env files" + source: github + category: infrastructure + query: 'VERCEL_AI extension:env' + description: "Finds Vercel AI SDK credentials in .env files" + tags: [vercel, env, tier5] +- id: ollama-config + name: "Ollama host in docker-compose" + source: github + category: infrastructure + query: 'OLLAMA_HOST filename:docker-compose.yaml' + description: "Finds exposed self-hosted Ollama instances in docker-compose files" + tags: [ollama, self-hosted, docker, tier8] +- id: vllm-config + name: "vLLM entrypoint in config.yaml" + source: github + category: infrastructure + query: 'vllm.entrypoints filename:config.yaml' + description: "Finds self-hosted vLLM deployments in config.yaml files" + tags: [vllm, self-hosted, tier8] +- id: localai-envfile + name: "LocalAI API Key in .env files" + source: github + category: infrastructure + query: 'LOCALAI_API_KEY extension:env' + description: "Finds LocalAI self-hosted gateway keys in .env files" + tags: [localai, self-hosted, env, tier8] diff --git a/pkg/dorks/definitions/github/emerging.yaml b/pkg/dorks/definitions/github/emerging.yaml new file mode 100644 index 0000000..37c9dae --- /dev/null +++ b/pkg/dorks/definitions/github/emerging.yaml @@ -0,0 +1,70 @@ +- id: deepseek-envfile + name: "DeepSeek API Key in .env files" + source: github + category: emerging + query: 'sk- extension:env "deepseek"' + description: "Finds DeepSeek API keys in .env files (sk- prefix near deepseek reference)" + tags: [deepseek, china, env, tier4] +- id: moonshot-envfile + name: "Moonshot (Kimi) Key in .env files" + source: github + category: emerging + query: 'sk- extension:env "moonshot"' + description: "Finds Moonshot / Kimi API keys in .env files" + tags: [moonshot, kimi, china, env, tier4] +- id: qwen-envfile + name: "Alibaba DashScope (Qwen) Key in .env files" + source: github + category: emerging + query: 'DASHSCOPE_API_KEY extension:env' + description: "Finds Alibaba Cloud DashScope (Qwen) keys in .env files" + tags: [qwen, alibaba, dashscope, china, env, tier4] +- id: zhipu-envfile + name: "Zhipu GLM Key in .env files" + source: github + category: emerging + query: 'ZHIPU_API_KEY extension:env' + description: "Finds Zhipu GLM API keys in .env files" + tags: [zhipu, glm, china, env, tier4] +- id: minimax-envfile + name: "MiniMax API Key in .env files" + source: github + category: emerging + query: 'MINIMAX_API_KEY extension:env' + description: "Finds MiniMax API keys in .env files" + tags: [minimax, china, env, tier4] +- id: pinecone-envfile + name: "Pinecone API Key in .env files" + source: github + category: emerging + query: 'PINECONE_API_KEY extension:env' + description: "Finds Pinecone vector DB keys in .env files" + tags: [pinecone, vectordb, env, tier6] +- id: weaviate-envfile + name: "Weaviate API Key in .env files" + source: github + category: emerging + query: 'WEAVIATE_API_KEY extension:env' + description: "Finds Weaviate vector DB keys in .env files" + tags: [weaviate, vectordb, env, tier6] +- id: qdrant-envfile + name: "Qdrant API Key in .env files" + source: github + category: emerging + query: 'QDRANT_API_KEY extension:env' + description: "Finds Qdrant vector DB keys in .env files" + tags: [qdrant, vectordb, env, tier6] +- id: chroma-envfile + name: "Chroma API Key in .env files" + source: github + category: emerging + query: 'CHROMA_API_KEY extension:env' + description: "Finds Chroma vector DB keys in .env files" + tags: [chroma, vectordb, env, tier6] +- id: writer-envfile + name: "Writer.com API Key in .env files" + source: github + category: emerging + query: 'WRITER_API_KEY extension:env' + description: "Finds Writer.com platform keys in .env files" + tags: [writer, env, tier6] diff --git a/pkg/dorks/definitions/github/enterprise.yaml b/pkg/dorks/definitions/github/enterprise.yaml new file mode 100644 index 0000000..f41e154 --- /dev/null +++ b/pkg/dorks/definitions/github/enterprise.yaml @@ -0,0 +1,35 @@ +- id: codeium-envfile + name: "Codeium API Key in .env files" + source: github + category: enterprise + query: 'CODEIUM_API_KEY extension:env' + description: "Finds Codeium AI coding assistant keys in .env files" + tags: [codeium, devtools, env, tier7] +- id: tabnine-envfile + name: "Tabnine Token in .env files" + source: github + category: enterprise + query: 'TABNINE_TOKEN extension:env' + description: "Finds Tabnine AI coding assistant tokens in .env files" + tags: [tabnine, devtools, env, tier7] +- id: databricks-envfile + name: "Databricks Token in .env files" + source: github + category: enterprise + query: 'DATABRICKS_TOKEN extension:env' + description: "Finds Databricks personal access tokens in .env files" + tags: [databricks, enterprise, env, tier9] +- id: snowflake-cortex + name: "Snowflake Cortex credentials" + source: github + category: enterprise + query: 'SNOWFLAKE_PASSWORD "cortex"' + description: "Finds Snowflake passwords adjacent to Cortex LLM references" + tags: [snowflake, cortex, enterprise, tier9] +- id: watsonx-envfile + name: "IBM watsonx API Key in .env files" + source: github + category: enterprise + query: 'WATSONX_APIKEY extension:env' + description: "Finds IBM watsonx API keys in .env files" + tags: [ibm, watsonx, enterprise, env, tier9] diff --git a/pkg/dorks/definitions/github/infrastructure.yaml b/pkg/dorks/definitions/github/infrastructure.yaml new file mode 100644 index 0000000..c2c3ec0 --- /dev/null +++ b/pkg/dorks/definitions/github/infrastructure.yaml @@ -0,0 +1,70 @@ +- id: openrouter-envfile + name: "OpenRouter Key in .env files" + source: github + category: infrastructure + query: 'sk-or-v1- extension:env' + description: "Finds OpenRouter gateway keys (sk-or-v1- prefix) in .env files" + tags: [openrouter, gateway, env, tier5] +- id: openrouter-pyfile + name: "OpenRouter Key in Python files" + source: github + category: infrastructure + query: 'sk-or-v1- extension:py' + description: "Finds OpenRouter gateway keys hard-coded in Python source" + tags: [openrouter, gateway, python, tier5] +- id: litellm-envfile + name: "LiteLLM Master Key in .env files" + source: github + category: infrastructure + query: 'LITELLM_MASTER_KEY extension:env' + description: "Finds LiteLLM proxy master keys in .env files" + tags: [litellm, proxy, env, tier5] +- id: portkey-envfile + name: "Portkey API Key in .env files" + source: github + category: infrastructure + query: 'PORTKEY_API_KEY extension:env' + description: "Finds Portkey gateway keys in .env files" + tags: [portkey, gateway, env, tier5] +- id: helicone-envfile + name: "Helicone Key in .env files" + source: github + category: infrastructure + query: 'sk-helicone- extension:env' + description: "Finds Helicone observability keys in .env files" + tags: [helicone, observability, env, tier5] +- id: cloudflare-ai-envfile + name: "Cloudflare AI Token in repos" + source: github + category: infrastructure + query: 'CF_API_TOKEN "ai.run"' + description: "Finds Cloudflare API tokens next to Workers AI ai.run references" + tags: [cloudflare, workers-ai, tier5] +- id: vercel-ai-envfile + name: "Vercel AI SDK Key in .env files" + source: github + category: infrastructure + query: 'VERCEL_AI extension:env' + description: "Finds Vercel AI SDK credentials in .env files" + tags: [vercel, env, tier5] +- id: ollama-config + name: "Ollama host in docker-compose" + source: github + category: infrastructure + query: 'OLLAMA_HOST filename:docker-compose.yaml' + description: "Finds exposed self-hosted Ollama instances in docker-compose files" + tags: [ollama, self-hosted, docker, tier8] +- id: vllm-config + name: "vLLM entrypoint in config.yaml" + source: github + category: infrastructure + query: 'vllm.entrypoints filename:config.yaml' + description: "Finds self-hosted vLLM deployments in config.yaml files" + tags: [vllm, self-hosted, tier8] +- id: localai-envfile + name: "LocalAI API Key in .env files" + source: github + category: infrastructure + query: 'LOCALAI_API_KEY extension:env' + description: "Finds LocalAI self-hosted gateway keys in .env files" + tags: [localai, self-hosted, env, tier8]