# GitMon

Monitor GitHub events and clone repositories to search for secrets, and more.

![Console output](.img/console-output.png)

## Overview

GitMon allows an operator to continually monitor the [GitHub Events API](https://docs.github.com/en/rest/activity/events) to collect metadata and look for secret leakage.

When certain events such as _CreateEvent_ or _DeleteEvent_ are observed, GitMon will send the repository URL to a worker that will clone the repository and search for API keys, passwords, endpoints, and more.

GitMon will also build a table that maps commit email addresses to GitHub usernames.

## Installation

```shell
git clone https://git.juggalol.com/agatha/gitmon
cd gitmon
pip install -r requirements.txt
```

## Configuration

GitMon works best with a token. Without a token you are limited to 60 API calls per hour. Creating and using a Personal Access Token will raise that limit to 60,000 API calls per hour.

To use a Personal Access Token, create a `config.py` file:

```python
token = 'ghp_YOUR_TOKEN_HERE'
```

## Caught Slippin'

![Deleted GitHub token](.img/slippin-ght.png)

![Cloud creds](.img/slippin-db.png)

## Contributors

- agathanonymous
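
## Example: routing events to the scanner

The event handling described in the Overview, as an added sketch that is not GitMon's own code: it takes one page of Events API results, queues clone URLs for _CreateEvent_ and _DeleteEvent_, and records which logins pushed commits under which author email. The function name `route_events`, the sample events, and the assumption that PushEvent payloads carry a `commits` list with `author.email` are all constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like a GitHub Events API page (not real data).
SAMPLE_EVENTS = json.loads("""
[
  {"id": "1", "type": "CreateEvent", "actor": {"login": "alice-example"},
   "repo": {"name": "alice-example/demo"}, "payload": {"ref_type": "repository"}},
  {"id": "2", "type": "PushEvent", "actor": {"login": "bob-example"},
   "repo": {"name": "bob-example/tools"},
   "payload": {"commits": [{"author": {"email": "Bob@Example.com", "name": "Bob"}}]}},
  {"id": "3", "type": "DeleteEvent", "actor": {"login": "alice-example"},
   "repo": {"name": "alice-example/demo"}, "payload": {"ref_type": "branch"}},
  {"id": "4", "type": "WatchEvent", "actor": {"login": "carol-example"},
   "repo": {"name": "bob-example/tools"}, "payload": {}},
  {"id": "2", "type": "PushEvent", "actor": {"login": "bob-example"},
   "repo": {"name": "bob-example/tools"}, "payload": {"commits": []}}
]
""")

SCAN_EVENT_TYPES = {"CreateEvent", "DeleteEvent"}  # event types named in the Overview


def route_events(events, seen_ids=None):
    """Return (clone_urls, email_to_logins); seen_ids de-duplicates across polls."""
    seen_ids = set() if seen_ids is None else seen_ids
    clone_urls = []                      # ordered, de-duplicated work queue
    email_to_logins = defaultdict(set)   # one email may appear under several logins
    for event in events:
        if event.get("id") in seen_ids:  # consecutive polls return overlapping pages
            continue
        seen_ids.add(event.get("id"))
        repo = event.get("repo", {}).get("name")
        if event.get("type") in SCAN_EVENT_TYPES and repo:
            url = f"https://github.com/{repo}.git"
            if url not in clone_urls:
                clone_urls.append(url)
        # Assumption: the pushing actor is associated with the commit author email.
        login = event.get("actor", {}).get("login")
        for commit in event.get("payload", {}).get("commits") or []:
            email = (commit.get("author") or {}).get("email")
            if email and login:
                email_to_logins[email.lower()].add(login)  # normalise case for lookup
    return clone_urls, dict(email_to_logins)


if __name__ == "__main__":
    urls, table = route_events(SAMPLE_EVENTS)
    print(urls, table)
```

The pusher is not always the commit author, so an email-to-login table built this way is a set of candidates per address, not a confirmed identity.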