Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/olivierodo/leak-hunter

We love all Apis however the Golden rule is: Never trust a Partner when he swears that he will be cautious with your api credentials
https://github.com/olivierodo/leak-hunter

credentials-helper leakage search-engine security

Last synced: about 1 month ago
JSON representation

We love all Apis however the Golden rule is: Never trust a Partner when he swears that he will be cautious with your api credentials

Host: GitHub
URL: https://github.com/olivierodo/leak-hunter
Owner: olivierodo
License: mit
Created: 2020-02-18T14:28:46.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2021-06-11T02:48:48.000Z (over 3 years ago)
Last Synced: 2024-10-22T09:46:47.885Z (3 months ago)
Topics: credentials-helper, leakage, search-engine, security
Language: JavaScript
Homepage: http://restqa.io/leak-hunter
Size: 624 KB
Stars: 0
Watchers: 3
Forks: 0
Open Issues: 7
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# leak-hunter

> A Job that looking for API credential leaks across different platforms (ex: github).
We love all Apis however the Golden rule is: **Never trust a Partner when he swears that he will be cautious with your api credentials**

## Description

As your are allowing anyone to reuse your api, you MUST be concerned about the credentials that you share with people and potential leaks on platform like github or gitlab, etcc....
This project is a simple way to check if any of our crendential has been leaked on some platform and notify you.

__This project can help you but please consider to use the [Token scanning service](https://developer.github.com/partnerships/token-scanning/) for a more preventive security__

## Usage

### Dependencies

* github accessToken
* gitlab accessToken (TODO)
* bitbucket accessToken (TODO)
* Slack webhook url

### Setup :computer:

* Set your environment variables ```cp .env.sample .env``` then edit your `.env` file.
* Install dependencies using ``` npm install ``` or ``` yarn ```.

### Run :running:

Get command documentation

```
./hunt -h
```

### Tests :mag:

* Code style
```
npm run lint
```

## Automation

If you want to run the command as a Job on Kuvernetes just run the command :

Update the configmap on the file [kubernetes-definition.yml](kubernetes-definition.yml)

Then run the command

```
$ kubectl -f kubernetes-definition.yml
```

Then you can chack the job by running

```
$ kubectl get jobs
```

TODO

* Bitbucket integration
* Gitlab integraton

## License

[MIT License](./LICENSE)