Tools for github recon?

This page summarizes the projects mentioned and recommended in the original post on /r/Pentesting

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  1. git-all-secrets

    A tool to capture all the git secrets by leveraging multiple open source git searching tools

    After analyzing a lot of tools, i ended using the "Git All Secrets" (https://github.com/anshumanbh/git-all-secrets). It is based on the TruffleHog, but allows you to search by username or even by organization name. It's just a little tricky to run, you have to use docker and mount a local directory into the docker container (to be able to get the output)

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. Sn1per

    Attack Surface Management Platform

    Sniper All-in-one Pentesting tool

  4. gitleaks

    Find secrets with Gitleaks 🔑

  5. Puts Debuggerer

    Ruby library for improved puts debugging, automatically displaying bonus useful information such as source line number and source code.

    site: github.com + "example.com"

  6. trufflehog

    Find, verify, and analyze leaked credentials

    Also check out the tool truffleHog https://github.com/trufflesecurity/truffleHog and git-all-secrets https://github.com/anshumanbh/git-all-secrets

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Detecting Secrets in Git Repositories

    2 projects | /r/kubernetes | 7 Jul 2023
  • Where have you had secrets leaked?

    1 project | /r/devops | 22 Jan 2023
  • git push

    1 project | /r/ProgrammerHumor | 11 Jan 2023
  • Nosey Parker: a new scanner to find misplaced secrets in textual data and Git history

    4 projects | /r/netsec | 8 Dec 2022
  • Security scanning

    3 projects | /r/devops | 7 Nov 2022