{"id":13625880,"url":"https://github.com/FeeiCN/GSIL","last_synced_at":"2025-04-16T10:33:35.262Z","repository":{"id":41754933,"uuid":"106538615","full_name":"FeeiCN/GSIL","owner":"FeeiCN","description":"GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）","archived":true,"fork":false,"pushed_at":"2023-11-28T09:50:29.000Z","size":122,"stargazers_count":2130,"open_issues_count":7,"forks_count":488,"subscribers_count":61,"default_branch":"master","last_synced_at":"2025-01-17T18:45:05.148Z","etag":null,"topics":["security-scanner","security-tools","sensitive-data","sensitive-data-security"],"latest_commit_sha":null,"homepage":"https://feei.cn/gsil/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FeeiCN.png","metadata":{"files":{"readme":"README-zh.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-10-11T10:14:57.000Z","updated_at":"2025-01-10T05:53:02.000Z","dependencies_parsed_at":"2024-01-03T04:08:51.655Z","dependency_job_id":"be8bf653-90d8-48ee-8700-f43e9d113d59","html_url":"https://github.com/FeeiCN/GSIL","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FeeiCN%2FGSIL","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FeeiCN%2FGSIL/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FeeiCN%2FGSIL/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FeeiCN%2FGSIL/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FeeiCN","download_url":"https://codeload.github.com/FeeiCN/GSIL/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249228273,"owners_count":21233852,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security-scanner","security-tools","sensitive-data","sensitive-data-security"],"created_at":"2024-08-01T21:02:04.454Z","updated_at":"2025-04-16T10:33:34.986Z","avatar_url":"https://github.com/FeeiCN.png","language":"Python","readme":"# GSIL(GitHub敏感信息泄露)\n\n[English documents](https://github.com/FeeiCN/GSIL/blob/master/README.md)\n\n\u003e 近实时监控GitHub敏感信息泄露，并发送告警通知。\n\n## 安装\n\n\u003e 仅在Python3下验证过\n\n```bash\n$ git clone https://github.com/FeeiCN/GSIL.git\n$ cd GSIL/\n$ pip install -r requirements.txt\n```\n\n## 配置\n\n### GSIL/config.gsil(复制config.gsil.cfg.example并重命名config.gsil.cfg): 告警邮箱和Github配置\n\n```\n[mail]\nhost : smtp.exmail.qq.com\n# SMTP端口(非SSL端口，但会使用TLS加密)\nport : 25\n# 多个发件人使用逗号(,)分隔\nmails : gsil@feei.cn\nfrom : GSIL\npassword : your_password\n# 多个收件人使用逗号(,)分隔\nto : feei@feei.cn\n\n[github]\n# 扫描到的漏洞仓库是否立刻Clone到本地（~/.gsil/codes/）\n# 此选项用作监控其它厂商，避免因为仓库所有者发现后被删除\nclone: false\n\n# GitHub Token用来调用相关API，多个Token使用逗号(,)分隔\n# https://github.com/settings/tokens\n# GitHub已调整最新的速度限制，请求数量大幅降低，单账户多Token将共享限速，详见https://docs.github.com/en/rest/reference/search#rate-limit 以及 https://docs.github.com/en/rest/reference/rate-limit\n# 建议你根据关键词数量配置多个GitHub账户的Token以避免超速\ntokens : your_token\n```\n\n### GSIL/rules.gsil(复制rules.gsil.yaml.example并重命名rules.gsil.yaml): 扫描规则\n\n\u003e 规则一般选用内网独立的特征，比如蘑菇街的外网是mogujie.com，蘑菇街的内网是mogujie.org，则可以将mogujie.org作为一条规则。\n\n\u003e 其它还有类似代码头部特征、外部邮箱特征等\n\n| 字段 | 意义 | 选填 | 默认 | 描述 |\n| --- | --- | --- | --- | --- |\n| keyword | 关键词 | 必填 | - | 多个关键词可以用空格，比如‘账号 密码’；某些关键字出现的结果非常多，所以需要精确搜索时可以用双引号括起来，比如‘”ele.me“’；|\n| ext | 指定文件后缀 | 可选 | 全部后缀 | 多个后缀可以使用英文半角逗号（,）分隔，比如`java,php,python` |\n| mode |  匹配模式 | 可选 | 正常匹配(normal-match) | 正常匹配(normal-match)：匹配包含keyword的行，并记录该行附近行 / 仅匹配(only-match)：仅匹配包含keyword行 / 全部匹配(full-match)（不推荐使用）：搜出来的整个问题都算作结果 |\n\n```\n{\n    # 一级分类，一般使用公司名，用作开启扫描的第一个参数（python gsil.py test）\n    \"test\": {\n        # 二级分类，一般使用产品线\n        \"mogujie\": {\n            # 公司内部域名\n            \"\\\"mogujie.org\\\"\": {\n                # mode/ext默认可不填\n                \"mode\": \"normal-match\",\n                \"ext\": \"php,java,python,go,js,properties\"\n            },\n            # 公司代码特征\n            \"copyright meili inc\": {},\n            # 内部主机域名\n            \"yewu1.db.mogujie.host\": {},\n            # 外部邮箱\n            \"mail.mogujie.com\": {}\n        },\n        \"meilishuo\": {\n            \"meilishuo.org\": {},\n            \"meilishuo.io\": {}\n        }\n    }\n}\n```\n\n## 用法\n\n```bash\n# 启动测试\n$ python gsil.py test\n\n# 测试token有效性\n$ python gsil.py --verify-tokens\n```\n\n```bash\n$ crontab -e\n\n# 漏洞报告，此项任务发现漏洞后会立刻发送漏洞报告\n# 每个小时运行一次，GitHub API接口调用频率限制可以根据token数量、规则数量来调整crontab频率实现，若觉得麻烦可简单配置多个token来实现。\n# crontab执行时间决定了报告的发送时效性，间隔越短报告越快但频率限制越容易触发\n# 建议配置5个token+20条规则，每15分钟运行一次（可以配置更短，根据各自需求确定）\n*/15 * * * * /usr/bin/python /var/app/GSIL/gsil.py test \u003e /tmp/gsil\n\n# 统计报告，发送一天的扫描进展，包括运行次数、成功次数、失败次数、发现漏洞数、各域名状况、异常等等\n# 每天晚上11点发送统计报告\n0 23 * * * /usr/bin/python /var/app/GSIL/gsil.py --report\n```\n\n*扫描报告过一次的将不会重复报告，缓存记录在~/.gsil/目录*\n\n## 引用\n\n- [GSIL详细介绍](https://feei.cn/gsil/)\n","funding_links":[],"categories":["Tools","Python","其他_安全与渗透","Python (1887)"],"sub_categories":["Git","Reconnaissance","网络服务_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FFeeiCN%2FGSIL","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FFeeiCN%2FGSIL","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FFeeiCN%2FGSIL/lists"}