gitGraber

gitGraber is a Python-based security tool designed to monitor GitHub in real time to detect exposed sensitive information in publicly indexed repositories. It scans recently indexed files on GitHub and searches for patterns that may indicate leaked credentials, API keys, or other confidential data used by popular online services. Instead of analyzing the full history of repositories, the tool focuses on newly indexed content, allowing security researchers and bug bounty hunters to quickly identify fresh leaks as they appear. gitGraber uses carefully crafted regular expressions to detect tokens and secrets associated with platforms such as AWS, Google, PayPal, Twitter, Stripe, and many others. When a potential leak is discovered, the tool can notify users through messaging platforms or display results directly in the command line. This approach helps organizations and security professionals monitor potential exposures.

Features

Real-time monitoring of GitHub to detect newly exposed sensitive data
Regex-based detection for various tokens, API keys, and secret credentials
Supports alerts through Slack, Discord, Telegram, or command-line output
Keyword and query-based GitHub searches for targeted monitoring
Option to generate dynamic wordlists from discovered filenames
Monitoring mode that can run automatically using scheduled tasks or cron jobs

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow gitGraber

gitGraber Web Site

Other Useful Business Software

Try Google Cloud Risk-Free With $300 in Credit

No hidden charges. No surprise bills. Cancel anytime.

Use your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.

Start Free

Rate This Project

User Reviews

Be the first to post a review of gitGraber!

Additional Project Details

Programming Language

Python

Related Categories

Python OSINT Tool

Registered

7 days ago

Similar Business Software

Criminal IP

Criminal IP equips security teams with the actionable Threat Intelligence needed to proactively identify, analyze, and respond to emerging threats. Powered by AI and OSINT, it delivers threat scoring, reputation data, and real-time detection of a wide array of malicious indicators, ranging from...

See Software
Reflectiz

Reflectiz is a web exposure management platform that helps organizations identify, monitor, and mitigate security, privacy, and compliance risks across their online environments. It provides full visibility and control over first, third, and fourth-party components like scripts, trackers, and...

See Software
Securden Password Vault for Enterprises

Securden Password Vault for Enterprises is a scalable, enterprise-grade credential management solution available in both cloud (SaaS) and on-premise deployments. It centralizes the storage of passwords, SSH keys, DevOps secrets, files, and other sensitive data in an AES-256 encrypted vault,...

See Software
Blumira

Empower Your Current Team to Achieve Enterprise-Level Security An all-in-one solution with SIEM, endpoint visibility, 24/7 monitoring, and automated response to reduce complexity, increase visibility and speed up time to respond. We handle the security heavy lifting, so you get time back...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software
Proton Drive

Proton Drive is the all-in-one workspace for storing sensitive data and collaborating with your teams, clients, and partners. Collaborate securely without compromising control: Share client files, contracts, and sensitive business documents with full end-to-end encryption. You control who...

See Software