github-dorks

offline cloned repository scanning

Open techgaun opened this issue 8 years ago • 2 comments

The way it would work is to run github-dorks as an offline tool and use regex and text patterns to find potential leaks. Optionally, see if we can also scan history.

techgaun, Mar 03 '17 18:03

I like the idea of setting up a pre-commit hook.

Plazmaz, Mar 03 '17 18:03

Actionable steps to achieve this:

  1. Clone repo. I suggest using GitPython or similar for git management.
  2. Write a system for parsing GitHub search syntax, similar to https://github.com/Plazmaz/GHScraper/blob/master/index.js#L16-L33 and https://github.com/Plazmaz/GHScraper/blob/master/index.js#L89-L113 (sorry, messy)
  3. Convert dorks into objects
  4. Iterate commit diffs via GitPython and check them against the objects

Plazmaz, Jul 20 '17 15:07
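
The steps listed in the comment above, sketched as an added example that is not part of the thread or of the github-dorks code base: dork strings are parsed into objects and checked against the added lines of a unified diff. Assumptions: the diff is plain text such as `git log -p` output in place of GitPython, the `Dork`, `parse_dork` and `scan` names are hypothetical, the sample dorks and diff are constructed, and the substring matching only approximates GitHub's search semantics.

```python
import posixpath
import shlex
from dataclasses import dataclass, field

@dataclass
class Dork:
    raw: str
    filename: str = ""
    extension: str = ""
    path: str = ""
    terms: list = field(default_factory=list)

    def matches(self, file_path, text):  # approximates GitHub's search semantics
        name = posixpath.basename(file_path).lower()
        folder = posixpath.dirname(file_path).lower()
        return (self.filename in name
                and (not self.extension or name.endswith("." + self.extension))
                and self.path in folder
                and all(term in text.lower() for term in self.terms))

def parse_dork(raw):
    """Steps 2-3: turn a search string into a Dork object."""
    dork = Dork(raw=raw)
    for token in shlex.split(raw):
        key, sep, value = token.partition(":")
        if sep and key in ("filename", "extension", "path"):
            setattr(dork, key, value.lower().lstrip("." if key == "extension" else ""))
        elif not (sep and key == "language"):  # language: cannot be judged offline
            dork.terms.append(token.lower())
    return dork

def scan(diff_text, dork_strings):
    """Step 4 stand-in: match added ('+') lines of a unified diff, per file."""
    files, path = {}, None
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[4:].removeprefix("b/")
        elif line.startswith("+") and path:
            files.setdefault(path, []).append(line[1:])
    return [(p, d.raw) for p, added in files.items()
            for d in map(parse_dork, dork_strings) if d.matches(p, "\n".join(added))]

# Constructed sample input: not taken from any real repository or dork list.
SAMPLE_DIFF = """\
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1 @@
+_auth=PLACEHOLDER_NOT_A_REAL_TOKEN
"""
SAMPLE_DORKS = ["filename:.npmrc _auth", "extension:pem private"]
```

Calling `scan(SAMPLE_DIFF, SAMPLE_DORKS)` reports the `.npmrc` file against the first dork only; because only added lines are inspected, the same function can be fed the staged diff from a pre-commit hook.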