3. Finding Secrets

### File search:
Searching for KeePass databases:

Get-ChildItem -Path C:\ -Include *.kdbx -File -Recurse -ErrorAction SilentlyContinue

Searching for XAMPP configuration files:

Get-ChildItem -Path C:\xampp -Include *.txt,*.ini -File -Recurse -ErrorAction SilentlyContinue

Searching for user-created text files in home directory:

Get-ChildItem -Path C:\Users\<username>\ -Include *.txt,*.pdf,*.xls,*.xlsx,*.doc,*.docx -File -Recurse -ErrorAction SilentlyContinue

Searching for files in all user directories:

Get-ChildItem -Path C:\Users\ -File -Recurse -ErrorAction SilentlyContinue

Searching for passwords in config files and scripts:

Get-ChildItem -Path D:\ -Include *.config,*.ps1,*.xml,*.ini,*.txt -File -Recurse -ErrorAction SilentlyContinue | Select-Object -ExpandProperty Name > configs.txt
cat configs.txt | findstr -i password

Environment Variables:

ls env:
dir env:

Git repositories:

#Find repos:
Get-ChildItem -Path C:\ -Attributes Directory+Hidden -ErrorAction SilentlyContinue -Filter ".git" -Recurse

#Check status of repo (from inside repo):
git status

#Check commits:
git log

#Examine commit:
git show <commit-id>

#Examine difference between commits:
git diff <commit-id>