Giter Club home page Giter Club logo

git-scrapers's Introduction

git-user.rb

Patrick Hurd, Coalfire Federal

OSINT tool specifically for targetting developers.

What you get:

  • Profile information
  • Commit authorship information
  • See options list for non-default output

Setup

  1. sudo apt install ruby
  2. sudo gem install httparty
  3. sudo apt install aha (Required for mine output)
  4. sudo apt install whois (Required for whois output)
  5. Add your GitHub username/password/token to your gitconfig if you plan on mining private repos

Usage:

Usage: git-user.rb [options]
    -h, --help                       Show this help banner

    -u, --user USERNAME              User to gather info from
    -o, --organization ORGANIZATION  Organization to scrape
    -r, --repo REPO                  The repo whom's contributors to scrape
        --local ABSOLUTE_PATH        Perform scrape on a repo local to your filesystem
        --name NAME                  Name to refer to a --local repo in report filenames

    -a, --auth                       Authenticate with HTTP basic auth
    -t, --token TOKEN                Use specified GitHub personal access token

    -s, --stackoverflow              Try to find users' accounts on StackOverflow
    -p, --pwned                      Search for relevant data breaches using haveibeenpwned
    -e, --extra_checking             Do extra checking on email addresses
    -m, --mine                       Mine the repo or user/organization's repos for secrets
        --whois                      Perform whois lookup on domains found in profile information
    -l, --loud                       Perform active recon on users (scrape their personal site)

        --html                       Output main report to an HTML document
    -w, --wordlist                   Generate wordlist for use in password attacks
    -c, --csv                        Export discovered accounts to a GoPhish-importable CSV file

Add the following line to your .bashrc or .zshrc if you're using zsh to enable argument autocompletion (optional):

complete -W "--help --user --organization --repo --auth --token --stackoverflow --pwned --extra_checking --mine --html --wordlist --whois --loud --csv --local --name" git-user.rb

Example command:

./git-user.rb -t deadb33f... -o Coalfire-Research -r Git-Scrapers -s -p -e -m --html -c

If you have two-factor authentication enabled on your GitHub account, you will need to create and use an application token instead of your password (using -t TOKEN instead of -a).

Repo mining will skip forked repos.

How you can help:

Check out the issues

git-scrapers's People

Contributors

djent- avatar

Watchers

James Cloos avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.