45 lines
1.4 KiB
Markdown
45 lines
1.4 KiB
Markdown
# GitMon
|
|
Monitor GitHub events and clone repositories to search for secrets, and more.
|
|
|
|
![Console output](.img/console-output.png)
|
|
|
|
## Overview
|
|
GitMon allows an operator to continually monitor the [GitHub Events API](https://docs.github.com/en/rest/activity/events)
|
|
to collect metadata and look for secret leakage.
|
|
|
|
When certain events such as _CreateEvent_ or _DeleteEvent_ are observed, GitMon
|
|
will send the repository URL to a worker that will clone the repository and
|
|
search for API keys, passwords, endpoints, and more.
|
|
|
|
GitMon will also build a table that maps commit email addresses to GitHub usernames.
|
|
|
|
## Features
|
|
- Monitor for _CreateEvent_ and _DeleteEvent_
|
|
- ~~Commit metadata scraping~~ (_Not implemented yet_)
|
|
- ~~Automatic secret scraping~~ (_Not implemented yet_)
|
|
- ~~IRC/Webhook notifications~~ (_Not implemented yet_)
|
|
|
|
## Installation
|
|
```shell
|
|
git clone https://git.juggalol.com/agatha/gitmon
|
|
cd gitmon
|
|
pip install -r requirements.txt
|
|
```
|
|
|
|
## Configuration
|
|
GitMon works best with a token. Without a token you are limited to 60 API calls per hour.
|
|
Creating and using a Personal Access Token will raise that limit to 60,000 API calls per hour.
|
|
|
|
To use a Personal Access Token, create a `config.py` file:
|
|
```
|
|
token = 'ghp_YOUR_TOKEN_HERE'
|
|
```
|
|
|
|
## Caught Slippin'
|
|
![Deleted GitHub token](.img/slippin-ght.png)
|
|
|
|
![Cloud creds](.img/slippin-db.png)
|
|
|
|
## Contributors
|
|
- agathanonymous
|