{"id":20400745,"url":"https://github.com/goodwithtech/org-secrets","last_synced_at":"2025-10-06T22:31:58.550Z","repository":{"id":98630791,"uuid":"285736632","full_name":"goodwithtech/org-secrets","owner":"goodwithtech","description":"A disposable Sensitive Information Scanners for your git hosting services.","archived":false,"fork":false,"pushed_at":"2021-06-02T15:57:15.000Z","size":126,"stargazers_count":6,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-26T08:47:34.230Z","etag":null,"topics":["ghorg","shhgit"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/goodwithtech.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-08-07T04:27:33.000Z","updated_at":"2023-02-11T16:22:59.000Z","dependencies_parsed_at":"2023-03-07T10:30:18.735Z","dependency_job_id":null,"html_url":"https://github.com/goodwithtech/org-secrets","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodwithtech%2Forg-secrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodwithtech%2Forg-secrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodwithtech%2Forg-secrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/goodwithtech%2Forg-secrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/goodwithtech","download_url":"https://codeload.github.com/goodwithtech/org-secrets/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248578868,"owners_count":21127713,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ghorg","shhgit"],"created_at":"2024-11-15T04:45:51.202Z","updated_at":"2025-10-06T22:31:58.463Z","avatar_url":"https://github.com/goodwithtech.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# org-secrets\n\nA disposable Sensitive Information Scanners for your git hosting services. You can check whole repositories belongs to target user/organization.\n\nSupport GitHub, GitLab, BitBuekct, Gitea and self-hosted git repositiries. [See gabrie30/ghorg for details](https://github.com/gabrie30/ghorg#supported-providers).\n\n\u003cimg src=\"docs/usage.png\" width=\"700\"\u003e\n\nNote: This image needs to put personal access tokens from stdin. You should revoke used your personal access token after run.\n\n## Quick start\n\n1. Copy Personal Access Token from git hosting services. [See gabrie30/ghorg for details](https://github.com/gabrie30/ghorg#github-setup).\n2. Run commands below. \n3. Delete Personal Access Token from git hosting services.\n\n```shell\n# Check target organization's repositories (-o)\n$ docker run --rm -it goodwithtech/org-secrets -o goodwithtech -t \u003cgithub_token\u003e -f -a\n...\nSuccess cloning repo: https://github.com/goodwithtech/dummy-for-org-secrets.git -\u003e branch: main\nSuccess cloning repo: https://github.com/goodwithtech/org-secrets.git -\u003e branch: master\nSuccess cloning repo: https://github.com/goodwithtech/dockle.git -\u003e branch: master\nSuccess cloning repo: https://github.com/goodwithtech/dockertags.git -\u003e branch: master\nStart scanning /secrets_ghorg/dockle\nStart scanning /secrets_ghorg/dummy-for-org-secrets\n[/secrets_ghorg/dummy-for-org-secrets] Matching file /.env for Environment configuration file\n[/secrets_ghorg/dummy-for-org-secrets] 1 match for AWS Access Key ID Value in file /config.toml: AKIA1111111111111111\n\n# Check target user's repositories (-u)\n$ docker run --rm -it goodwithtech/org-secrets -u tomoyamachi -t \u003cgithub_token\u003e -f -a\n...\n121 repos found in tomoyamachi\nSuccess cloning repo: https://github.com/tomoyamachi/docker-transcribe.git -\u003e branch: master\nSuccess cloning repo: https://github.com/tomoyamachi/adoptimizer.git -\u003e branch: master\nSuccess cloning repo: https://github.com/tomoyamachi/cucumber-api.git -\u003e branch: master\nSuccess cloning repo: https://github.com/tomoyamachi/bazel-cpp-sample.git -\u003e branch: master\n...\nStart scanning /root/git/mnt_ghorg/invt\n[/root/git/mnt_ghorg/invt] Matching file /config/database.yml for Potential Ruby On Rails database configuration file\n[/root/git/mnt_ghorg/invt] 1 match for Facebook Client ID in file /config/environment.rb: FACEBOOK_APP_ID = \"17XXXXXXXXX\"\n[/root/git/mnt_ghorg/invt] Matching file /config/initializers/secret_token.rb for Ruby On Rails secret token configuration file\n[/root/git/mnt_ghorg/goodwithCompany] Matching file /.env for Environment configuration file\nStart scanning /root/git/mnt_ghorg/dotfiles\n[/root/git/mnt_ghorg/dotfiles] Matching file /.bash_profile for Shell profile configuration file\n[/root/git/mnt_ghorg/dotfiles] Matching file /.gitconfig for Git configuration file\n[/root/git/mnt_ghorg/dotfiles] Matching file /.zshrc for Shell configuration file\n[/root/git/mnt_ghorg/dotfiles] 1 match for Username and password in URI in file /shells/backup_dev_es.sh: http://user:pass@xxx.xxx.xxx.xxx/${target}\n```\n\n## Usage\n\n```shell\n$ docker run --rm -it goodwithtech/org-secrets -t {token} -u {user} -f -a\n -t: scm token to clone with\n -u: user name\n -o: organization name\n -s: type of scm used, github, gitlab or bitbucket (default: github)\n -b: branch left checked out for each repo cloned (default: default branch)\n -h: host url, for on self hosted git repository (default: uses github/gitlab public api)\n -f: Include repos are forks (default: skip fork repository)\n -a: Include repos are archived (default: skip archived repository)\n```\n\n## Common Examples\n\n### For your orgnization\n```\n$ docker run --rm -it goodwithtech/org-secrets -t \u003cgithub_token\u003e -o goodwithtech\n$ docker run --rm -it goodwithtech/org-secrets -t \u003cgitlab_token\u003e -u goodwithtech -s gitlab\n```\n\n### For self-hosted git hosting services\n```\n# For GitHub Enterprise\n$ docker run --rm -it goodwithtech/org-secrets -t \u003cgithub_token\u003e -u \u003cuser\u003e -h https://github.domain.com/api/v3/\n\n# For GitLab CC\n$ docker run --rm -it goodwithtech/org-secrets -t \u003cgitlab_token\u003e -u \u003cuser\u003e -h https://gitlab.domain.com/ -s gitlab\n```\n\n### Using an original shhgit config file\n\n```\n$ docker run --rm -it -v $(pwd)/original-config.yml:/config.yaml goodwithtech/org-secrets -t \u003ctoken\u003e -u \u003cuser\u003e\n```\n\n\n### Save repositories to local directory\n\n```shell\n$ docker run --rm -it -v /path/to/save/:/secrets_ghorg/ goodwithtech/org-secrets -t \u003ctoken\u003e -u \u003cuser\u003e\n$ ls /path/to/save\n\u003crepo1\u003e \u003crepo2\u003e\n```\n\n## Dependency\nThis image uses [gabrie30/ghorg](https://github.com/gabrie30/ghorg) and [eth0izzle/shhgit](https://github.com/eth0izzle/shhgit).  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoodwithtech%2Forg-secrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoodwithtech%2Forg-secrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoodwithtech%2Forg-secrets/lists"}