Tool and Usage
Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.
Why this tool?
Open source developers in particular often share their code in a public repository on a platform like GitHub. This is a great way for developers and the community to collaborate. The risk of sharing code is that sensitive data may be part of the repository and get uploaded by accident. Gitrob helps to detect these kinds of accidental leaks.
How it works
Gitrob starts by collecting all public repositories of the organization. Then it moves on to discovering the organization's members and pulls in their public repositories. This way it can compile a list of repositories that are related to, or closely associated with, the organization.
Usage and audience
Gitrob is commonly used for information gathering, penetration testing, or security assessments. Target users for this tool are pentesters, security professionals, and system administrators.
+ More than 1000 GitHub stars
+ The source code of this software is available
Author and Maintainers
Gitrob is under development by Michael Henriksen.
Supported operating systems
Gitrob is known to work on Linux.
Several dependencies are required to use Gitrob.
|Latest release|1.1.2 [2017-04-09]|
|Last updated|Sept. 18, 2017|
|Gitrob GitHub profile|