https://github.com/6mile/git-hunter
Find threats in your source code
- Host: GitHub
- URL: https://github.com/6mile/git-hunter
- Owner: 6mile
- Created: 2021-07-12T21:11:08.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2024-05-13T01:47:50.000Z (over 1 year ago)
- Last Synced: 2025-03-25T14:06:14.946Z (10 months ago)
- Language: Shell
- Size: 5.86 KB
- Stars: 4
- Watchers: 2
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# git-hunter
Find threats in source code
## Pre-requisites:
### github-subdomains
The obvious use here is to find subdomains in GitHub repositories, but it will also find the developers working on those projects.
https://github.com/gwen001/github-subdomains
### gitleaks
This is the best way to find sensitive data exposure in git repos.
## Working with JSON and jq
### use jq to sort by two columns and use the csv format
```jq -r '.secrets[] | [.file, .offender] | @csv' ./scanresults/file01.json | sort -u```
### use jq to pull all relevant fields for CSV report
```jq -r '.secrets[] | [.file, .rule, .lineNumber, .commit, .author, .date, .offender] | @csv' ./file02.json > file02-report.csv```
### use jq to remove the line field from bloodhound-cli
```jq 'del(.secrets[].line)' ./file03.json```
## Interact with git
### See all developers that have worked in this repo
```git shortlog -sne```
### use git to search all commits
```git grep "password=" $(git rev-list --all)```
### count number of commits in history
```git rev-list HEAD --count```
## Audit Git Commit Signing GPG
### See the GPG signature details for last commit
```git log --show-signature -1```
### See the GPG details for ALL commits
```git log --show-signature```
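### Summarize signature status per author (added example)
`git log --show-signature` is hard to review across a long history. The script below is an added example, not part of git-hunter: it uses git's `%G?` format code to count good, unsigned and otherwise unverified commits per author and to list the commits that need a closer look. The function names and the sample data are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the git-hunter repo): audit commit signatures.
# Input lines are "<status>|<author email>|<commit hash>", where status is
# git's %G? code: G good, N no signature, B bad, U good but unknown validity,
# X/Y expired signature/key, R revoked key, E cannot be checked (missing key).

# summarize_signatures: per-author counts, one line per author, sorted.
summarize_signatures() {
  awk -F'|' '
    NF >= 3 {
      total[$2]++
      if ($1 == "G") good[$2]++
      else if ($1 == "N") unsigned[$2]++
      else other[$2]++
    }
    END {
      for (a in total)
        printf "%s total=%d good=%d unsigned=%d other=%d\n",
               a, total[a], good[a], unsigned[a], other[a]
    }' | sort
}

# flag_unverified: print "<hash> <status> <email>" for every commit whose
# signature is anything other than good (G).
flag_unverified() {
  awk -F'|' 'NF >= 3 && $1 != "G" { print $3, $1, $2 }'
}

# git_signature_log: emit the input format for every commit on every ref
# of the repository at $1 (default: current directory).
git_signature_log() {
  git -C "${1:-.}" log --all --format='%G?|%ae|%H'
}

# sample_log: constructed data (not real commits) for trying the filters.
sample_log() {
  printf '%s\n' \
    'G|alice@example.com|aaaa0001' \
    'G|alice@example.com|aaaa0002' \
    'N|alice@example.com|aaaa0003' \
    'N|bob@example.com|bbbb0001' \
    'E|bob@example.com|bbbb0002'
}

# Run against a real repo with: ./script.sh --audit /path/to/repo
if [ "${1:-}" = "--audit" ]; then
  git_signature_log "${2:-.}" | summarize_signatures
fi
```

Status `E` usually means the signer's public key is not in the local keyring, so import the team's keys before treating those commits as suspect.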
## Use Gitleaks to find embedded secrets
### run gitleaks against all commits and point it at local directory
```gitleaks -v --depth=$(git rev-list HEAD --count) -p ./```
### run gitleaks against a github url
```gitleaks -v -r https://github.com/juice-shop/juice-shop.git```
### find GitHub username via uid
```curl https://api.github.com/user/106486165```
## Use regex to find sensitive details in files
### find emails in all files
```find ./ -exec grep -si -o '[A-Z0-9._%+-]\+@[A-Z0-9.-]\+\.[A-Z]\{2,4\}' {} \;```
### Make specific point in time git commits
```git commit --date='2021-01-01 12:12:00' -m "message"```