OSINT tool to get information from a github profile and find GitHub user’s email addresses leaked on commits.
GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their email address is usually published in the commit and becomes publicly accessible, if you know where to look.
GitHub provide some instructions on how to prevent this from happening, but it seems that most GitHub users either don’t know or don’t care that their email address may be exposed.
Finding a GitHub user’s email address is often as simple as looking at their recent events via the GitHub API.
Idea and text from Nick Drewe.
git clone https://github.com/GONZOsint/gitrecon.git
python3 -m pip install -r requirements.txt
It is possible to use a Github access token by editing line 23 of the gitrecon.py file
token = '<Access token here>'
usage: gitrecon.py [-h] [-a] [-o] username
-h, --help show this help message and exit
-a, --avatar download avatar pic
-o, --output save output as json
- Profile info
- User ID
- Avatar url
- Gravatar ID
- Twitter username
- Created at
- Updated at
- Extract Orgs
- Search for leaked emails on commits
To avoid this type of leaks, certain configurations can be made on Github:
Settings url: https://github.com/settings/emails
Keep my email addresses private
Block command line pushes that expose my email