akde/infosec

Information security is ultimately about managing risk

Scanning and downloading Git repositories

Mirroring

gittyleaks: Execute within a local repository the command gittyleaks --find-anything.

git-secrets: Scans (only) commit messages for sensitive information with git secrets --scan-history.

truffleHog: Scans repos and prints out information with a high entropy: Execute it with trufflehog $repo_dir.

git-secret-scanner: Scans a repo with git-secret-scanner scan -d $git_repo.

Other tools

git-scanner: Scans multiple hosts or a single host.
repo-supervisor: Tool which can be added as git-hook to scan new pull requests for sensitive data before it’s going to be merged.
repo-security-scanner: Older scanner

You must be logged in to post a comment.

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';