https://github.com/lc/secretz

secretz, minimizing the large attack surface of Travis CI
https://github.com/lc/secretz

hacktoberfest osint secrets security travis-ci

Last synced: 24 days ago
JSON representation

secretz, minimizing the large attack surface of Travis CI

• Host: GitHub
• URL: https://github.com/lc/secretz
• Owner: lc
• License: mit
• Created: 2019-07-12T17:05:06.000Z (almost 6 years ago)
• Default Branch: master
• Last Pushed: 2022-05-30T04:53:54.000Z (almost 3 years ago)
• Last Synced: 2025-03-31T12:06:30.484Z (about 1 month ago)
• Topics: hacktoberfest, osint, secrets, security, travis-ci
• Language: Go
• Homepage: https://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/
• Size: 356 KB
• Stars: 326
• Watchers: 10
• Forks: 42
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        






# secretz

[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT)

[![Build Status](https://travis-ci.org/lc/secretz.svg?branch=master)](https://travis-ci.org/lc/secretz)

[![Go ReportCard](https://goreportcard.com/badge/github.com/lc/secretz#1)](https://goreportcard.com/report/github.com/lc/secretz)

`secretz` is a tool that minimizes the large attack surface of Travis CI. It automatically fetches repos, builds, and logs for any given organization. 

Built during and for our research on TravisCI: https://edoverflow.com/2019/ci-knew-there-would-be-bugs-here/

## Usage:

`secretz -t Organization [options]`

### Flags:

| Flag | Description | Example |

|------|-------------|---------|

| `-t` | Organization to get repos, builds, and logs for | `secretz -t ExampleCo` |

| `-c` | Limit the number of workers that are spawned | `secretz -t ExampleCo -c 3` |

| `-delay` | delay between requests + random delay/2 jitter | `secretz -t ExampleCo -delay 900`|

| `-members [list \| scan]` | Get all GitHub members belonging to Organization and list/scan them | `secretz -t ExampleCo -members scan` |

| `-timeout` | How long to wait for HTTP Responses from Travis CI | `secretz -t ExampleCo -timeout 20` |

| `-setkey` | Set API Key for api.travis-ci.org | `secretz -setkey yourapikey` |

## Installation:

### Via `go get`

```

go get -u github.com/lc/secretz

```

### Via `git clone`

```

go get -u github.com/json-iterator/go

git clone [email protected]:lc/secretz

cd secretz && go build -o secretz main.go

```

### Generate an API-Key: 

```

travis login

travis token --org

```

### Create config file

`secretz -setkey `

### Note:

Please keep your delay high and your workers low out of respect for TravisCI and their APIs. This will also help you from being rate-limited by them.