Gitrob
Gitrob is a tool to help find potentially sensitive files pushed to public repositories on GitHub.
Features
- Scans repositories for sensitive files
- Web interface for easy analysis
- Configurable commit depth scanning
- Organization member scanning
- Session saving and loading
- Customizable signature patterns
- Multi-threaded processing
Installation
Pre-built Binaries
Download the latest pre-built release for your platform.
Using Go
go get github.com/bitthr3at/gitrob
Quick Start
- Set up GitHub Token
export GITROB_ACCESS_TOKEN=your_github_token
- Run Gitrob
gitrob target_organization
- Access Web Interface
http://localhost:9393
Configuration
GitHub Access Token
- Create a personal access token
- Set it in your environment:
export GITROB_ACCESS_TOKEN=your_token_here
Signature Configuration
Gitrob uses YAML configuration files to define signature patterns for detecting sensitive information. You can specify a custom config file or use the default locations.
Using Custom Config File
gitrob -config /path/to/your/config.yaml target_organization
Default Config Locations
If no config file is specified, Gitrob searches in these locations (in order):
./config.yaml (Current directory)
./core/config.yaml (Core directory)
/etc/gitrob/config.yaml (System config)
$HOME/.gitrob/config.yaml (User config)
patterns:
  - name: "sensitive_file"
    type: "content|extension|filename|path"
    pattern: "regex_pattern"
    description: "What this detects"
    comment: "Additional context"
Signature Types:
content: Match file contents using regex
extension: Match file extensions (exact match)
filename: Match filenames (exact match)
path: Match file paths using regex
Example:
patterns:
  - name: "aws_key"
    type: "content"
    pattern: "(?i)aws_access_key_id\\s*=\\s*[A-Z0-9]{20}"
    description: "AWS Access Key ID"
    comment: "AWS credentials should not be committed"
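To show how the four signature types behave, here is an added Python example (not Gitrob's own code, which is written in Go) that applies signatures in the same schema to a constructed set of repository files. The aws_key signature is the one from the page; the pem_file, ssh_private_key and dotenv_file signatures and the sample files are constructed, and treating an extension match as the file suffix without its leading dot is an assumption.

```python
import re
from pathlib import PurePosixPath

# Signature entries mirroring the config.yaml fields above. The first is the page's
# aws_key example; the other three are constructed for this demonstration.
SIGNATURES = [
    {"name": "aws_key", "type": "content",
     "pattern": r"(?i)aws_access_key_id\s*=\s*[A-Z0-9]{20}"},
    {"name": "pem_file", "type": "extension", "pattern": "pem"},
    {"name": "ssh_private_key", "type": "filename", "pattern": "id_rsa"},
    {"name": "dotenv_file", "type": "path", "pattern": r"(^|/)\.env(\.[^/]+)?$"},
]

def compile_signatures(sigs):
    """Validate every entry up front: a bad type or regex fails at load, not mid-scan."""
    compiled = []
    for sig in sigs:
        if sig["type"] not in ("content", "extension", "filename", "path"):
            raise ValueError(f"{sig['name']}: unknown signature type {sig['type']!r}")
        regex = re.compile(sig["pattern"]) if sig["type"] in ("content", "path") else None
        compiled.append((sig, regex))
    return compiled

def match_signature(sig, regex, path, content):
    """Return (line_no or None, matched_text) hits of one signature against one file."""
    p = PurePosixPath(path)
    if sig["type"] == "extension":  # assumption: exact match on the suffix without the dot
        return [(None, p.name)] if p.suffix.lstrip(".") == sig["pattern"] else []
    if sig["type"] == "filename":   # exact match on the basename only, not the directory
        return [(None, p.name)] if p.name == sig["pattern"] else []
    if sig["type"] == "path":       # regex over the full repository-relative path
        return [(None, path)] if regex.search(path) else []
    # content: regex over each line, so every hit is reported with its line number
    return [(n, m.group(0)) for n, line in enumerate(content.splitlines(), 1)
            for m in regex.finditer(line)]

def scan(files, sigs=SIGNATURES):
    """files maps repository path -> text. Returns (path, signature, line_no, match) tuples."""
    findings = []
    for sig, regex in compile_signatures(sigs):
        for path, content in files.items():
            for line_no, text in match_signature(sig, regex, path, content):
                findings.append((path, sig["name"], line_no, text))
    return findings

# Constructed sample repository (placeholder values, not real credentials).
SAMPLE_REPO = {
    "config/settings.ini": "db=prod\nAWS_ACCESS_KEY_ID = AKIAEXAMPLEEXAMPLE01\n",
    "deploy/server.pem": "-----BEGIN PRIVATE KEY-----\n(placeholder)\n",
    "home/.ssh/id_rsa": "(placeholder)\n",
    "app/.env.production": "SECRET=placeholder\n",
}
```

Running `scan(SAMPLE_REPO)` yields one finding per sample file, with the aws_key hit reported at line 2 of config/settings.ini; extension and filename matches are case-sensitive exact comparisons, so a signature for `pem` does not fire on `.PEM`.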
Usage
gitrob [options] target [target2] ... [targetN]
Options
| Option | Description | Default |
|---|---|---|
| -bind-address | Web server bind address | 127.0.0.1 |
| -commit-depth | Number of commits to process | 500 |
| -config | Path to config.yaml file | core/config.yaml |
| -debug | Enable debug output | false |
| -github-access-token | GitHub API token | - |
| -load | Load session file | - |
| -no-expand-orgs | Don't scan org members | false |
| -port | Web server port | 9393 |
| -repo | Single repository to scan | - |
| -save | Save session to file | - |
| -silent | Suppress output | false |
| -threads | Concurrent threads | CPU cores |
Session Management
Save Session
gitrob -save ~/gitrob-session.json acmecorp
Load Session
gitrob -load ~/gitrob-session.json
Building from Source
Prerequisites
Build Steps
- Clone Repository
git clone https://github.com/bitthr3at/gitrob.git
cd gitrob
- Build
chmod +x build.sh
./build.sh
This creates binaries in the build directory for:
- Linux (amd64)
- macOS (amd64)
- Windows (amd64)
For single platform build:
go build
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Open a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.