Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mathis2001/gitdiscloser
Python recon tool for Github information disclosure research
https://github.com/mathis2001/gitdiscloser
bugbounty github pentesting recon
Last synced: 29 days ago
JSON representation
Python recon tool for Github information disclosure research
- Host: GitHub
- URL: https://github.com/mathis2001/gitdiscloser
- Owner: mathis2001
- Created: 2022-05-31T13:17:15.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-06-10T13:25:19.000Z (over 2 years ago)
- Last Synced: 2024-11-11T10:35:03.917Z (3 months ago)
- Topics: bugbounty, github, pentesting, recon
- Language: Python
- Homepage:
- Size: 87.9 KB
- Stars: 2
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# GitDiscloser
Python recon tool for Github information disclosure research
## Install:
```bash
$ git clone https://github.com/mathis2001/GitDiscloser
$ cd GitDiscloser
$ python3 gitdiscloser.py
```
## Requirements:
- Python3
- Pip3
- Pygithub
```bash
$ pip3 install pygithub
```
## Usage:
```bash
Search: ./gitdiscloser.py [-h] [-s "github search"] [-f wordlist] [-l limit] [-u] [-n] [-c]
Profiling: ./gitdiscloser.py [-h] [-r repository link |-p username]
Advanced: ./gitdiscloser.py [-h] [-a user/repository] [-f wordlist] [-l limit]
```
## options:
```bash
Options
---------------------------------------------------------
-h Show this help message
Search:
-s search request
-u search for urls in code
-f find word matches with a wordlist
-n sort by the more recently indexed
-l limit (limit of results wanted)
-c profile information for each result
Profiling:
-r profile information by repository link
-p profile information by username
Advanced (commits scan):
-a repository (mathis/GitDiscloser)
-f find word matches in commits with a wordlist
--------------------------------------------------------
Config
Simply put your github token in your environment variables as 'GITHUB_TOKEN'.
```
## Configuration:
In your Github account, clic on your profile in the top right of the page.
Then go to settings > Developer settings > personal access tokens > Generate a new token.
Give a name to your token, select only the public_repo access and clic on "Generate token".
You can now copy your token and paste it in your environment variables.
## Use case:
You search for information disclosure on a target website/domain (exp:target.com), so you can use GitDiscloser like this:
```bash
./gitdiscloser.py -s target.com -f -n
```
or if you want to use dorks:
```bash
./gitdiscloser.py -s ":target.com" -f -n
```
this command will make a github search on all recently shared file ("-n") and will search for all keywords of your wordlist in it ("-f").
If the tool find interesting results, you maybe want to know more about the author of the file.
So you can use the profiling option of GitDiscloser to get profile information about it and then see his/her firstname and the company where he/she work. (if company is not written in his/her github account, you can check his/her firstname on Linkedin to check it).
Exemple:
GitDiscloser response:
https://raw.githubusercontent.com/mathis2001/code.xyz
Possible secret(s) found in file:
[+] token
Check if mathis2001 work at target.com:
./gitdiscloser -r https://raw.githubusercontent.com/mathis2001/code.xyz or -p mathis2001
you can also profile each results with the '-c' option.
If your target work at the target company, you can now check for (potentially other) information disclosure in his/her other codes thanks to the "user:" dork
Exemple:
```bash
./gitdiscloser -s "user:" -f -n
```
To go deeper, GitDiscloser is also able to check for secrets in commits.
```bash
./gitdiscloser -a mathis2001/GitDiscloser -f
```
## Some screens:
## TO DO
- fix bugs
- Add an output file option (you can use "| tee -a" to get an output anyway")
- Secondary rate-limit restriction when making a query with to many responses.