Skip to content

Harish4948/github_org_member_repo_secret_scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
ReadMe.md
ReadMe.md
 
 
monitor.py
monitor.py
 
 
scanner.sh
scanner.sh
 
 

Repository files navigation

GitHub Public Repository Scanner

This tool scans New public repositories of Organization members and Organizations for secrets in almost real time(8 mins) It retrieves the repos and basically diffs with previous results, these new result are pushed to a secret scanner to scan for secrets and alert the webhooks from notify. The prob with most free/open source solutions is that it takes a long time to scan and hard to scan just the new repos for secrets.

Usage

  1. Set the GITHUB_PAT environment variable to a [GitHub Personal Access Token]
  2. Modify the org_names list in main function with the names of the organizations you want to scan.
  3. Run the script with python monitor.py.

Requirements

  • Python 3.6 or higher
  • requests library (pip install requests)
  • tqdm library (pip install tqdm)
  • Trufflehog
  • Notify from project discovery

Future Plan

  • Implement Monitoring User public repos for new changes and scan them
  • Clean up the bash script to better arrange the output and filenames

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages