Gitrob

Gitrob is an open source reconnaissance tool designed to identify potentially sensitive files that have been committed to public GitHub repositories. It helps security professionals, researchers, and organizations detect accidental data exposure by scanning repositories associated with specific GitHub users or organizations. The tool works by cloning repositories and analyzing their commit history to search for files that match predefined signatures of sensitive data. These signatures are used to flag items such as credentials, private keys, configuration files, and other materials that may expose confidential information. By automatically inspecting repository histories, Gitrob simplifies the process of identifying security risks that might otherwise remain unnoticed in publicly accessible codebases. The results of the scan are presented through a built-in web interface that allows users to browse findings, review flagged files, and analyze potential leaks more efficiently.

Features

Scans GitHub repositories belonging to users or organizations
Clones repositories and analyzes commit history for sensitive files
Uses signature-based detection to identify risky filenames and patterns
Displays results through a built-in web interface for easier analysis
Supports configurable commit depth to control how much history is scanned
Allows saving and loading scan sessions for later review or sharing

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow Gitrob

Gitrob Web Site

Other Useful Business Software

Go from Code to Production URL in Seconds

Cloud Run deploys apps in any language instantly. Scales to zero. Pay only when code runs.

Skip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.

Try it free

Rate This Project

User Reviews

Be the first to post a review of Gitrob!

Additional Project Details

Programming Language

Go, JavaScript, Unix Shell

Related Categories

Unix Shell OSINT Tool, JavaScript OSINT Tool, Go OSINT Tool

Registered

6 days ago

Similar Business Software

Reflectiz

Reflectiz is a web exposure management platform that helps organizations identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. It provides full visibility and control over first, third, and fourth-party components like scripts, trackers, and...

See Software
Proton Pass

Proton Pass is an open-source password manager based in Switzerland that encrypts your usernames, passwords, bank cards, and encrypted notes and lets users quickly autofill details across all devices and browsers. Proton Pass goes beyond keeping your password safe, it secures your online...

See Software
Proton Drive

Proton Drive is the all-in-one workspace for storing sensitive data and collaborating with your teams, clients, and partners. Collaborate securely without compromising control: Share client files, contracts, and sensitive business documents with full end-to-end encryption. You control who...

See Software
Proton VPN

Protect your business against damaging data breaches and easily comply with security frameworks like ISO 27001, GDPR, and HIPAA. Our software-only virtual private network easily integrates with your existing infrastructure to provide a flexible and scalable way to protect your...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Air

Centralize your team's content in a workspace that's organized, versioned, and easy to share. Sure, Air stores your content. But it also has smart search, guest permissions, custom layouts, version tracking, and hassle-free sharing that makes every part of the creative process easier and more...

See Software