Gitrecon – OSINT Tool To Get Information From A Github Profile And Find GitHub User’S Email Addresses Leaked On Commits

OSINT tool to get information from a github profile and find GitHub user’s email addresses leaked on commits. How does this work? GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their email address is usuallyRead More

Git-Wild-Hunt – A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt

A tool to hunt for credentials in the GitHub wild AKA git*hunt Getting started Install the tool Configure your GitHub token Search for credentials See results cat results.json | jq  Installation requirements: virtualenv, python3 git clone https://github.com/d1vious/git-wild-hunt && cd git-wild-hunt clone project and cd into the project dir pip install virtualenv && virtualenv -pRead More

Sigurls – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurls is a reconnaissance tool, it fetches URLs from AlienVault’s OTX, Common Crawl, URLScan, Github and the Wayback Machine. Usage To display help message for sigurls use the -h flag: $ sigurls -h _ _ ___(_) __ _ _ _ _ __| |___/ __| |/ _` | | | | ‘__| / __|__ | (_|Read More

GitDorker – A Tool To Scrape Secrets From GitHub Through Usage Of A Large Repository Of Dorks

GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I’ve compiled from various sources to provide an overview of sensitive information stored on github given a search query. The Primary purpose of GitDorker is to provide the user with a clean and tailored attack surface toRead More

Commit Stream – OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API

commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github repositories in real time.OSINT / Recon uses for Redteamers / Bug bounty hunters: Uncover repositories which employees of a target company is commiting code (filter by email domain) Identify repositories belonging to an individual (filterRead More

GitMonitor – A Github Scanning System To Look For Leaked Sensitive Information Based On Rules

GitMonitor is a Github scanning system to look for leaked sensitive information based on rules. I know that there are a lot of very good other tools for finding sensitive information leaked on Github right now, I myself currently still use some of them. However, I think they still lack some features like: A scanningRead More

Git-Hound v1.1 – GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System

A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research. Corporate and Bug Bounty Hunter use cases are outlined below.Features GitHub/Gist code searching. This enablesRead More

X