gitGraber is a Python 3 tool that monitors GitHub in real time to find exposed sensitive data, such as API keys, for online services including Google, Amazon, PayPal, GitHub, Mailgun, Facebook, Twitter, Heroku and Stripe, and notifies users when it finds any.
gitGraber is primarily used by security professionals and organizations to continuously monitor GitHub for accidental leaks of sensitive credentials for services like AWS, PayPal, and Stripe. It helps detect secrets exposed not only by the organization itself but also by employees and third-party providers, enabling timely response and mitigation.
gitGraber is designed to monitor the latest indexed files on GitHub rather than repository history, reducing noise from old leaks. Users should configure multiple GitHub tokens to handle API rate limits and avoid abuse detection. Regex patterns can be customized to reduce false positives and exclude irrelevant tokens. Notifications require proper setup of Slack, Discord, or Telegram integrations.
1. Clone the repository from GitHub.
2. Ensure Python 3.x is installed.
3. Install the required dependencies (not explicitly listed; setting up a Python environment is implied).
4. Configure GitHub tokens in config.py for API access.
5. Edit tokens.py to customize regex patterns or blacklists if needed.

python3 gitGraber.py -k keywordsfile.txt
    Search GitHub using each keyword from the specified keywords file.

python3 gitGraber.py -q "apikey"
    Search GitHub for the specific query string "apikey".

python3 gitGraber.py -m
    Enable continuous monitoring of the search query by creating a cron job that runs every 30 minutes.

python3 gitGraber.py -s
    Enable Slack notifications for detected secrets.

python3 gitGraber.py -d
    Enable Discord notifications for detected secrets.

python3 gitGraber.py -tg
    Enable Telegram notifications for detected secrets.

python3 gitGraber.py -w wordlist.txt
    Create a dynamic wordlist populated with discovered filenames from GitHub.

python3 gitGraber.py -l 7
    Limit search results to commits less than 7 days old.
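
The regex-plus-blacklist filtering mentioned above for reducing false positives, shown as an added example that is not gitGraber's own code. The RULES table, the two commonly used key patterns, the placeholder heuristic and the sample text are assumptions constructed for illustration and do not reflect the actual layout of tokens.py.

```python
import re

# Hypothetical rule table, NOT the layout of gitGraber's tokens.py.
# Each service has a candidate regex and a blacklist of known-harmless values.
RULES = {
    "AWS": {
        "regex": re.compile(r"\b(AKIA[0-9A-Z]{16})\b"),
        # Placeholder key used throughout AWS documentation and tutorials.
        "blacklist": {"AKIAIOSFODNN7EXAMPLE"},
    },
    "MAILGUN": {
        "regex": re.compile(r"\b(key-[0-9a-zA-Z]{32})\b"),
        "blacklist": set(),
    },
}

def is_placeholder(token, min_distinct=6):
    """Filler such as AKIAXXXX... has very few distinct characters."""
    return len(set(token)) < min_distinct

def scan(text):
    """Return (service, line number, token) for candidates that survive filtering."""
    findings = []
    for service, rule in RULES.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for match in rule["regex"].finditer(line):
                token = match.group(1)
                if token in rule["blacklist"] or is_placeholder(token):
                    continue  # known example value or obvious filler
                findings.append((service, lineno, token))
    return findings

def redact(token, keep=4):
    """Mask a token so the alert itself does not re-expose the secret."""
    return token[:keep] + "*" * (len(token) - keep)

# Constructed sample input; none of these values are real credentials.
SAMPLE = (
    "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\n"
    "aws_access_key_id = AKIA" + "X" * 16 + "\n"
    "aws_access_key_id = AKIAQ7RT2M5ZKD3PLW9C\n"
    "MAILGUN_API_KEY=key-3f9a1c07b2e84d56a0c9e1f27d4b8a63\n"
)

if __name__ == "__main__":
    for service, lineno, token in scan(SAMPLE):
        print(f"{service} line {lineno}: {redact(token)}")
```

Of the four candidate lines, only the last two are reported: the documentation key is dropped by the blacklist and the X-filled key by the placeholder check.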