https://github.com/N0MoreSecr3ts/wraith

Uncover forgotten secrets and bring them back to life, haunting security and operations teams.
https://github.com/N0MoreSecr3ts/wraith

gitrob secrets-management wraith

Last synced: 21 days ago
JSON representation

Uncover forgotten secrets and bring them back to life, haunting security and operations teams.

• Host: GitHub
• URL: https://github.com/N0MoreSecr3ts/wraith
• Owner: N0MoreSecr3ts
• License: mit
• Created: 2020-05-21T15:15:20.000Z (over 4 years ago)
• Default Branch: develop
• Last Pushed: 2023-05-05T02:41:03.000Z (over 1 year ago)
• Last Synced: 2024-08-05T17:30:19.436Z (4 months ago)
• Topics: gitrob, secrets-management, wraith
• Language: Go
• Homepage:
• Size: 2.18 MB
• Stars: 207
• Watchers: 11
• Forks: 42
• Open Issues: 28
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: Contributing.md
  • License: LICENSE.txt
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: Security.txt

Awesome Lists containing this project

• awesome-hacking-lists - N0MoreSecr3ts/wraith - Uncover forgotten secrets and bring them back to life, haunting security and operations teams. (Go)

README

        


  


    

  


  Wraith

  




Finding digital secrets that were never meant to be found in all corners of the net.




  

  

  

  




  

  

  

  




  

  

  




  

  





  Capabilities •

  Screenshots •

  Quickstart •

  Documentation •

  Contributing •

  Credits •

  FAQ •

  Related



Wraith uncovers forgotten secrets and brings them back to life, haunting security and operations teams. It can be used to scan hosted and local git repos as well as local filesystems.

## Capabilities

### Targets

- Gitlab.com repositories and projects

- Github.com repositories and organizations

- Local git repositories

- Local filesystem

### Major Features

- Exclude files, paths, and extensions

- Web and terminal interfaces for real-time results (very much alpha)

- Configurable commit depth

- Built with [Viper][1] to manage environment variables, config files, or flags

- Uses [Cobra][2] sub-commands for easier, more modular, functionality

## Screenshots



  

  






## Quickstart

1. Download the latest [release][3] and either build it yourself with `make build` or you can use a prebuilt binary, currently they only exist for OSX. This project uses a branching git flow. Details can be found in the developer doc, suffice it to say **Master** is stable **develop** shoud be considered beta.

2. Download or clone the latest set of [signatures][4] and either copy *signatures/default.yaml* to *~/.wraith/signatures/* or adjust the location in your configuration file. A sample is shown below

3. Copy the below configuration to *~/.wraith/config.yaml*. This will allow you to get up and running for basic scans without having to figure out the flags. Any of these values can be overwritten on the commnd line as well. You will need to generate your own api tokens for github and gitlab if you are scanning against them.

4. Once you have this done, just run a scan command.

- `wraith scanGithub`

- `wraith scanGitlab`

- `wraith scanLocalGitRepo`

- `wraith scanLocalPath`

```yaml

---

commit-depth: -1

debug: false

github-api-token: 

github-orgs:

    - 

    - 

github-repos:

    - 

github-users:

    - 

gitlab-api-token: 

gitlab-targets:

    - 

    - 

    - 

scan-forks: false

scan-tests: false

ignore-extension:

    - .html

    - .css

    - .log

ignore-path:

    - static/

    - docs/

    - .idea/

in-mem-clone: false

local-paths:

    - ../relative/path/to/file.md

    - $HOME/path/to/file.pl

    - /absolute/path/to/file.rb

confidence-level: 3

num-threads: 1

local-repos:

    - ../wraith

    - /home/bob/Go/src/foo

silent: false

web-server: false

json: false

csv: false

test-signatures: false

signatures-path: "~/.wraith/signatures"

signature-file:

    - ../wraith-signatures/signatures/default.yaml

signatures-url: "https://github.com/N0MoreSecr3ts/wraith-signatures"

signatures-version: "0.2.0"

```

## Documentation

### Build from source

At this stage the best option is to build from source from this repository.

To install from source, make sure you have a correctly configured **Go >= 1.14** environment and that `$GOPATH/bin` is in your `$PATH`.

```shell

    $ cd $GOPATH/src

    $ git clone [email protected]:N0MoreSecr3ts/wraith.git

    $ cd wraith

    $ make build

    $ ./bin/wraith- 

```

### Signatures

Signatures are the current method used to detect secrets within the a target source. They are broken out into the [wraith-signatures][4] repo for extensability purposes. This allows them to be independently versioned and developed without having to recompile the code. To makes changes just edit an existing signature or create a new one. Check the [README][5] in that repo for additional details.

### Authencation

Wraith will need either a GitLab or Github access token in order to interact with their appropriate API's.  You can create a [GitLab personal access token][6], or [a Github personal access token][7] and save it in an environment variable in your **bashrc**, add it to a wraith config file, or pass it in on the command line. Passing it in on the commandline should be avoided if possible for security reasons. Of course if you want to eat your own dog food, go ahead and do it that way, then point wraith at your command history file. :smiling_imp:

### Additional Documentation

Additional documentation is forthcoming

## Contributing

[Contributing.md][14]

There is a [roadmap][13] as well, but at this point it's little more than a glorified TODO list and personal braindump. I am using that instead of issues, due to my velocity and general laziness towards process at this point. When the project becomes stable, most likely after Milestone 1, the roadmap will probably fall away and be captured in [Issues][15].

## Credits

- [@michenriksen][8] for writing [gitrob][9] which serves as the foundation for wraith

- [@codeemitter][11] for contributing several major features including in memory clones and gitlab support. His version is the immediate parent to wraith.

- [@mattyjones][10] (Maintainer)

## Related

There are several other projects that wraith owes some lineage to including:

- [Trufflehog][12]

- all the many recon and OSINT tools already existing

[1]: https://github.com/spf13/viper

[2]: https://github.com/spf13/cobra

[3]: https://github.com/N0MoreSecr3ts/wraith/releases

[4]: https://github.com/N0MoreSecr3ts/wraith-signatures

[5]: https://github.com/N0MoreSecr3ts/wraith-signatures/blob/master/README.md

[6]: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html

[7]: https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/

[8]: https://github.com/michenriksen

[9]: https://github.com/michenriksen/gitrob

[10]: https://github.com/mattyjones

[11]: https://github.com/codeEmitter/

[12]: https://github.com/dxa4481/truffleHog

[13]: https://github.com/N0MoreSecr3ts/wraith/blob/develop/docs/development/roadmap.md

[14]: https://github.com/N0MoreSecr3ts/wraith/blob/master/Contributing.md

[15]: https://github.com/N0MoreSecr3ts/wraith/issues