Tool and Usage
Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.
Why this tool?
Especially open source developers may share their code in a public repository like GitHub. This is a great way to collaborate between the developer(s) and the community. The risk of sharing code is that sensitive data is part of the repository and uploaded by accident. GitRob helps to detect this kind of accidental leaks.
How it works
Gitrob starts with collectings all public repositories of the organization. Then it moves on to the discovery of organization members and pulls in their public repositories. This way it can compile a list of repositories that are related, or have a close relation to the organization.
Usage and audience
Gitrob is commonly used for data leak prevention, information gathering, penetration testing, or security assessment. Target users for this tool are developers, pentesters, and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 1000 GitHub stars
- + The source code of this software is available
Supported operating systems
Gitrob is known to work on Linux.
Several dependencies are required to use Gitrob.
|Latest release||1.1.2 [2017-04-09]|
|Last updated||April 16, 2018|
|Gitrob GitHub profile|