Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lc/secretz

secretz, minimizing the large attack surface of Travis CI
https://github.com/lc/secretz

hacktoberfest osint secrets security travis-ci

Last synced: 4 days ago
JSON representation

secretz, minimizing the large attack surface of Travis CI

Host: GitHub
URL: https://github.com/lc/secretz
Owner: lc
License: mit
Created: 2019-07-12T17:05:06.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2022-05-30T04:53:54.000Z (over 2 years ago)
Last Synced: 2025-01-24T05:05:46.449Z (11 days ago)
Topics: hacktoberfest, osint, secrets, security, travis-ci
Language: Go
Homepage: https://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/
Size: 356 KB
Stars: 326
Watchers: 11
Forks: 48
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        






# secretz

[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT)

[![Build Status](https://travis-ci.org/lc/secretz.svg?branch=master)](https://travis-ci.org/lc/secretz)

[![Go ReportCard](https://goreportcard.com/badge/github.com/lc/secretz#1)](https://goreportcard.com/report/github.com/lc/secretz)

`secretz` is a tool that minimizes the large attack surface of Travis CI. It automatically fetches repos, builds, and logs for any given organization. 

Built during and for our research on TravisCI: https://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/

## Usage:

`secretz -t Organization [options]`

### Flags:

| Flag | Description | Example |

|------|-------------|---------|

| `-t` | Organization to get repos, builds, and logs for | `secretz -t ExampleCo` |

| `-c` | Limit the number of workers that are spawned | `secretz -t ExampleCo -c 3` |

| `-delay` | delay between requests + random delay/2 jitter | `secretz -t ExampleCo -delay 900`|

| `-members [list \| scan]` | Get all GitHub members belonging to Organization and list/scan them | `secretz -t ExampleCo -members scan` |

| `-timeout` | How long to wait for HTTP Responses from Travis CI | `secretz -t ExampleCo -timeout 20` |

| `-setkey` | Set API Key for api.travis-ci.org | `secretz -setkey yourapikey` |

## Installation:

### Via `go get`

```

go get -u github.com/lc/secretz

```

### Via `git clone`

```

go get -u github.com/json-iterator/go

git clone [email protected]:lc/secretz

cd secretz && go build -o secretz main.go

```

### Generate an API-Key: 

```

travis login

travis token --org

```

### Create config file

`secretz -setkey `

### Note:

Please keep your delay high and your workers low out of respect for TravisCI and their APIs. This will also help you from being rate-limited by them.